Prevent spoofing.

dritanbdritanb
in Firebox - Proxies

I do have a smtp proxy setup with prevent spoofing in it enabled. Mentime secure email is being used and all secure emails from/to internal users are being blocked. Is any way to add exceptions on prevent spoofing for specific domain or something....
here are the logs:
2019-05-03 12:25:39 Allow 205.218.54.6 100.12.162.41 smtp/tcp 55811 25 3-FIOS-VZ 1-Trusted ProxyAllow: SMTP spamBlocker exception was matched (SMTP-proxy IN ACMH-00) SMTP-Incoming.Standard.acmh proc_id="smtp-proxy" rc="590" msg_id="1BFF-001E" proxy_act="SMTP-Incoming.Standard.acmh" from="do_not_reply@voltage.com" to="username@domain.org" geo_src="USA" geo_dst="USA" Traffic
2019-05-03 12:25:39 Deny 205.218.54.6 100.12.162.41 smtp/tcp 55811 25 3-FIOS-VZ 1-Trusted ProxyDrop: SMTP header (SMTP-proxy IN ACMH-00) SMTP-Incoming.Standard.acmh proc_id="smtp-proxy" rc="594" msg_id="1BFF-0003" proxy_act="SMTP-Incoming.Standard.acmh" rule_name="Prevent Spoofing" header="From: "username@domain.org via SecureMail" do_not_reply@voltage.com" geo_src="USA" geo_dst="USA" Traffic
2019-05-03 12:25:39 Allow 205.218.54.6 50.74.4.38 smtp/tcp 32786 25 0-TW 1-Trusted ProxyAllow: SMTP spamBlocker exception was matched (SMTP-proxy IN ACMH-00) SMTP-Incoming.Standard.acmh proc_id="smtp-proxy" rc="590" msg_id="1BFF-001E" proxy_act="SMTP-Incoming.Standard.acmh" from="do_not_reply@voltage.com" to="username@domain.org" geo_src="USA" geo_dst="USA" Traffic
2019-05-03 12:25:39 Deny 205.218.54.6 100.12.162.41 smtp/tcp 51990 25 3-FIOS-VZ 1-Trusted ProxyDrop: SMTP header (SMTP-proxy IN ACMH-00) SMTP-Incoming.Standard.acmh proc_id="smtp-proxy" rc="594" msg_id="1BFF-0003" proxy_act="SMTP-Incoming.Standard.acmh" rule_name="Prevent Spoofing" header="From: "username@domain.org via SecureMail" do_not_reply@voltage.com" geo_src="USA" geo_dst="USA" Traffic
2019-05-03 12:25:39 Deny 205.218.54.6 50.74.4.38 smtp/tcp 32786 25 0-TW 1-Trusted ProxyDrop: SMTP header (SMTP-proxy IN ACMH-00) SMTP-Incoming.Standard.acmh proc_id="smtp-proxy" rc="594" msg_id="1BFF-0003" proxy_act="SMTP-Incoming.Standard.acmh" rule_name="Prevent Spoofing" header="From: "username@domain.org via SecureMail" do_not_reply@voltage.com" geo_src="USA" geo_dst="USA" Traffic
2019-05-03 12:25:39 Deny 205.218.54.6 50.74.4.38 smtp/tcp 45766 25 0-TW 1-Trusted ProxyDrop: SMTP header (SMTP-proxy IN ACMH-00) SMTP-Incoming.Standard.acmh proc_id="smtp-proxy" rc="594" msg_id="1BFF-0003" proxy_act="SMTP-Incoming.Standard.acmh" rule_name="Prevent Spoofing" header="From: "username@domain.org via SecureMail" do_not_reply@voltage.com" geo_src="USA" geo_dst="USA" Traffic

Comments

  • Bruce_BriggsBruce_Briggs

    What exactly are your Prevent Spoofing settings?

  • dritanbdritanb
    edited May 2019

    Mail from rule: rule settings - pattern match : *@domain.org Action : drop
    Header Rule: rule settings - pattern match : *@domain.org * Action : drop

    I think i did follow WG resources for it.

  • Bruce_BriggsBruce_Briggs

    From: =
    username@domain.org via SecureMail" do_not_reply@voltage.com
    So you need a rule above Mail from and header rule allowing @domain.org via SecureMail

Sign In to comment.