SMTP Incoming Email denied
Have a company trying to send us email and it keeps getting denied by our SMTP Proxy settings. I added to the email address to our "SPAM" and "Mail From" exceptions so this isn't blocking them. But I now get this message:
What am I missing?
smtp-proxy[2979]: msg_id="1BFF-0003" Deny External Trusted tcp -removed- -removed- 12668 25 msg="ProxyDrop: SMTP header" proxy_act="SMTP-Incoming.1" rule_name="Prevent Spoofing" header="X-DMZ-RCPT-TO: JDoe@company.com geo_src="USA" geo_dst="USA" (SMTP-proxy-incoming-00
*removed IP addresses from logs. -jc
0
Sign In to comment.
Comments
Hi @SystemsA
The proxy is hitting a rule called "Prevent Spoofing" which is likely rejecting any email that has FROM as your domain.
If they have a reason to be sending email from your email domain, I'd suggest making a separate SMTP firewall rule FROM their mail server IP/IPs to your mail server, without that anti-spoofing rule in the SMTP proxy.
For example
Rule # - FROM - TO
1 - 1.2.3.4 - Exchange Server Static Nat.
2 - Any External - Exchange Server Static NAT
-James Carson
WatchGuard Customer Support
I have a rule in the SMTP Proxy - Address - Mail From - Called "Prevent Spoofing". Which has rule to deny email from the outside coming in with domain name equal to our domain: *@company.com
To stop Spam from outside the company faking domain email names looking like they came from us.
This legit email thou is defiantly from outside our Firewall and from a legit domain and company. Not sure why it would have the "X-DMZ-RCPT-TO: JDoe@company.com" in it.
I disabled the rule and now it comes thru but not sure that is a best thing to leave off.
Thanks,
Hi @SystemsA
The sender will either need to stop sending it that way, or you'll need to make a firewall rule from the sender's mail server IP with a proxy rule that allows that header.
-James Carson
WatchGuard Customer Support