This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 66%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
Dear Helpers,
I have an issue. I have Exchanger 2016 and Sophos Spam blocker. Some spam user from gmail send mails to our workers (domain email) with different worker names. Like boss@Stuff .com and name with alice bible. So our employees continue write out spam emails. I already blocked this user. So my questions is that how i blocke these @Stuff spam emails. when i check sender IP, its always Gmail server IP. I already make a rule in Exchange server for blocking, but still with new spams comes to our server with employee names. If you have suggestion, please share with me. Thanks
Yea, thats the tough part, there is no real solution with Exchange itself. You could create transport rules, but that would be very difficult to manage for multiple users and probably not really be effective since you would have to account for every variation.
Third party software is really what should be used:
EOP/ ATP can do this:
Exchange itself is not very good at this and has really basic settings. Can you adjust the Sophos product in anyway to look for spoofing and check DMARC passing and SPF records?
Dear Andy,
Thanks for suggestion. We use Sophos Pure Message. I donot think so, we have option for Spoofing in Pure Message. SPF record is already configured but DMARC is not.
So these are spoofing the display names of actual users with a gmail.com address? If so, thats going to be almost impossible to block without third party software or using EOP/ATP with Microsoft.
Users can set their junk mail settings to Safe Senders Only and that would help at least.
For example:
Actual user is : Jopsh Krsitian and email is j.krsitian@ab***.com
SPAM email : Jopsh Krsitian and email is jopsh.kr***@Stuff .com
Still i didnot found any solution. Every time, subject, email , IP changes. So its very difficult how i do that. Did you know any solution for on-premise Exchange?