Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1010
Views
0
Helpful
1
Replies

Geting spoofed mail

rockbd
Level 1
Level 1

‎08-19-2018 10:37 PM - edited ‎03-08-2019 07:39 PM

Recently i am getting some unwanted mail where i found out following

 

Envelope Sender: notreply.6jaENeWT@6jaenewt.dhl.com
Envelope Recipients: musa@xxxxxxx.com
Message ID Header: <ULQ1-ZBSC2ZW4-235-1EK0OVOUV6-RV14NE8.JavaMail.email@email.apple.com>

 

where the send and message header is different. It seems to me it is spoofed mail.

I seached in the google and found the following url to protect spoofed mail.

https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/200166-Quarantine-Spoofed-Email-Messages-on-the.html

 

Can anyone help me and confirm that it is spoofed mail and can i only use GUI to block spoofed mail? As i am not good at CLI.

 

Thanks in advance for the help.

 

Labels:
0 Helpful
1 Reply 1

Libin Varghese
Cisco Employee
Cisco Employee

‎08-31-2018 08:21 AM

You may want to look at implementing SPF and DMARC for spoofed email protection.

 

However, the sender domain should have these DNS records published in order for the ESA to take action on them.

 

http://www.cisco.com/c/dam/en/us/products/collateral/security/esa-spf-dkim-dmarc.pdf

 

Regards,

Libin

0 Helpful
Customers Also Viewed These Support Documents