Security Basics mailing list archives

Re: Protection against fake mails

From: "Mark Owen" <mr.markowen () gmail com>
Date: Wed, 9 Apr 2008 15:22:11 -0400

On Wed, Apr 9, 2008 at 12:37 PM, WALI <hkhasgiwale () gmail com> wrote:

 How do I guard against such emails originating from fake email
impersonations. Is there something I can do at our email gateway, proxy or
exchange sever (2003) levels?


Basic protection is to only allow e-mail originating from your domain
name to be allowed from a specific set of trusted mail servers.  This
will protect you internally from fake e-mails spoofing your domain but
will not block other spoofed domains.  Spoofed e-mails from other
domains may be blocked by relying on reverse DNS lookup and comparing
the resultant domain with that of the one specified in the e-mail, but
this will also block misconfigured servers and some sites on shared
hosting.  Long answer short, if you don't want to miss any e-mails
then theres really not much you can do.

What you can do to prove that your domain is not spoofed is to enable
DomainKeys[1] on your server.  If everyone did this then blocking fake
e-mails would be possible.

Hope this helps.



[1] http://en.wikipedia.org/wiki/DomainKeys




-- 
Mark Owen

Current thread:

RE: Port Monitoring Software, (continued)
- RE: Port Monitoring Software Dan Denton (Apr 09)
- RE: Port Monitoring Software Steve Anderson (Apr 09)
  - RE: Port Monitoring Software Nathan Sherlock (Apr 09)
- Re: Port Monitoring Software Charles H. Leggett (Apr 09)
- Re: Port Monitoring Software infolookup (Apr 09)
- RE: Port Monitoring Software Stachowicz, Mark (Apr 09)
- RE: Port Monitoring Software Mohamed Senan (Apr 09)
  - Re: Port Monitoring Software Jarrod Frates (Apr 09)
  - Protection against fake mails WALI (Apr 09)
    - Re: Protection against fake mails Ansgar -59cobalt- Wiechers (Apr 09)
    - Re: Protection against fake mails Mark Owen (Apr 09)
    - Re: Protection against fake mails Captain Bock (Apr 10)
    - RE: Protection against fake mails Jens C. Laundrup (Apr 10)
    - Re: Protection against fake mails Captain Bock (Apr 14)
    - Re: Protection against fake mails Jarrod Frates (Apr 12)
    - Re: Protection against fake mails vipw01 () gmail com (Apr 14)
    - Re: Protection against fake mails Jeff MacDonald (Apr 10)
    - RE: Protection against fake mails Jens C. Laundrup (Apr 10)
    - Re: Protection against fake mails Nick Owen (Apr 10)
    - RE: Protection against fake mails Craig Wright (Apr 14)
- Re: Port Monitoring Software Paul Halliday (Apr 09)

(Thread continues...)