• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

danblee.com

Tutorials & Knowledge Base Articles for System Administrators who wear many, many hats.

  • Home
  • About
  • Ask Me
  • DBLHost.com

Anti Spoofing for Domains in Exchange 2016

May 15, 2017 by Dan B. Lee 3 Comments

If your’e getting mail from outside sources pretending to be on your domain, you can create a Mail Flow Rule to manage messages that say they are from your domain but really aren’t.

  1. Log into the ECP and go to Mail Flow > Rules and New (+)
  2. Click “more options…”
  3. You want to add two applications. Apply this rule if:
    1. The sender domain is ‘yourdomain.com’
    2. The sender location is from outside of the company
  4. You can treat mail that triggers those two applications any way you’d like. For my guys, I just put [POSSIBLE SPAM] in front of it and let them hash it out. Maybe you don’t trust your security as much as we do and you’d like to delete it right away or open a service ticket; it’s up to you.

Here’s a screenshot:

How to test this thing out

Well, if you’d like, you can send a spoofed email yourself. Do you have a discovery server in place? Or something with SMTP in place? If so, you can use this script here to send a mail using your domain from a server that’s outside of your company. It should trigger.

$MyEmail = "bob.smith@yourdomain.com"
$SMTP= "discovery.yoursmtpserver.com"
$To = "real.user@yourdomain.com"
$Subject = "Test Spoof Email"
$Body = "This is a test email using a domain spoof."
#$Creds = (Get-Credential -Credential "$MyEmail")

Start-Sleep 2

Send-MailMessage -To $to -From $MyEmail -Subject $Subject -Body $Body -SmtpServer $SMTP -Port 25 -DeliveryNotificationOption never

Otherwise you may just have to wait for it to trigger in production. In the meantime you can add another action and tell it to email you as well, that way you’ll catch them going to your customers you support.

Filed Under: Exchange 2013, Microsoft Windows, PowerShell, Windows Server Tagged With: Domain Spoofing, Email, Exchange, Phishing, PowerShell, script, Spoof, Testing

Primary Sidebar

Categories

  • Active Directory
    • Group Policy
  • Adobe Photoshop
  • Browsers
    • Chrome
  • Cloud Based Technology
    • Citrix XenApp
  • ConnectWise
    • LabTech
  • Dell
  • Internet Service Providers (ISPs)
  • iPhone
  • Linux
    • CentOS
    • OpenVPN
    • SaltStack
    • Ubuntu
  • Microsoft Office
    • Lync
    • Microsoft Excel
    • Microsoft Outlook
    • Microsoft Word
  • Microsoft Windows
    • Active Directory
    • PowerShell
    • Windows 7
    • Windows 8 Preview & Release
  • Networks
  • News
  • Off Topic
  • Office 365
  • Peripherals
    • Monitors
  • Printers
    • Local Printers
    • Network Printers
  • Programming
    • Python
  • Riverbed
  • Security
  • Sharepoint
  • Social Media
  • Splunk
  • Storage
  • Switching & Routing
    • Cisco
    • Fortinet
  • Technology Culture
    • Opinion
  • Uncategorized
  • Virtualization
    • VEEAM
    • VMware
  • WAMP
  • Web Hosting
    • WHMCS
  • Website Design
  • Windows Server
    • Exchange 2003
    • Exchange 2010
    • Exchange 2013
    • Microsoft SQL
    • Windows Server 2003
    • Windows Server 2008 R2
    • Windows Server 2012
  • WordPress

Footer

Recent Activity

  • pings on Xerox Phaser 3635MFP Default Admin Username and Password
  • Xerox Phaser 3635MFP Default Admin Username and Password — danblee.com on About Dan B. Lee
  • Estudio Login | LOGINEGG on Toshiba E-Studio Default Administrator Username and Password
  • Estudio Login | LOGINSPENT on Toshiba E-Studio Default Administrator Username and Password
  • Estudio Login | CHARTLOGIN on Toshiba E-Studio Default Administrator Username and Password

Dan Lee

Dan B. Lee works at SyApps, LLC., a Managed Hosting Solutions Firm, as a Senior Network Engineer. Dan has a decade of IT experience and specializes in a number of different disciplines including Virtualization, Web Site Hosting and Design, Network Security, Data Center Architecture, Local and Remote Server Hosting, and Backup & DRS Solutions. Read More…

Links

  • Home
  • About Dan B. Lee
  • Ask Me
  • Privacy Policy

Copyright © 2021 · Genesis Child Theme on Genesis Framework · WordPress · Log in