Prevent email spoofing with Messaging Gateway
search cancel

Prevent email spoofing with Messaging Gateway

book

Article ID: 177411

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

Symantec Messaging Gateway (SMG) permits external messages that appear to be sent from internal senders (spoofing).

Cause

One of the limitations of the original SMTP protocol is the lack of sender authentication capabilities. This is one of the enablers of spam messages, and allows the sender to spoof any email address, including your own domain.

Resolution

Remediation Steps:

Implement Sender Policy Framework (SPF), Sender ID, and content filters

Symantec recommends the creation of SPF records for your domain, and usage of sender authentication via SPF and Sender ID.

Configure Domain Key Identified Mail (DKIM) and content filters

Symantec recommends configuration of DKIM and content filters:

Configure Domain-based Message Authentication, Reporting & Conformance (DMARC) and content filters

DMARC adds upon SPF and DKIM technologies, including policies for handling false mail and reporting. Symantec recommends configuration of DMARC records and content filters.

Add your domain to the list of Local Bad Sender Domains

If the internal domain environment was designed no local email should be coming inbound, email can be safely deleted by adding local domains to the Local Bad Sender Domains list.

  1. In the SMG GUI, go to Reputation > Bad Senders > Local Bad Sender Domains.
  2. Click the Add button near the top of the page.
  3. Type the domain name without wildcard characters and click Save (e.g. domain.com, not *.domain.com).
  4. Click Save on the Local Bad Sender Domains page when complete.

Notes:

[1] Symantec Enterprise Support Services (ESS) does not support the creation or troubleshooting of sender authentication records, except for the DKIM functions integrated into the SMG. If further configuration help is warranted, Symantec offers Email Fraud Protection as a service, which configures all sender authentication methods. Contact Broadcom Sales for a trial and pricing.