What are you using for anti-spam/anti-phishing?
You really need to buy a 3rd party product or use a 3rd party SMTP gateway to accept mail first. The built-in Exchange abilities are very limited.
Our company is receiving a lot of spoof mails from various addresses. But biggest problem is these spoof mail domains are identical to our.
Today we got mail from "email@example.com" with "strange" links. We can block this ip but this will not prevent another mail like "firstname.lastname@example.org" from another ip and it's just matter of time someone clicks on something malicious.
Is it possible to block "*@our-domain.hr" mails coming from any other address then the one are in SPF or specifically defined ?