• How to disallow email from people not in Domino directory

    By Allen Seifert 2 decades ago

    Much of the spam that gets past kSpam is "from" my own domain but from fake users that are not in the Domino directory. Is there some way to tell kSpam to reject any message from a person from my own domain but that is not in the Domino directory?

    • By Joerg Bingemer 2 decades ago

      messaging configuration document:

      Under Router/SMTP –> Restrictions and Controls –> SMTP Inbound controls:



      Inbound Intended Recipients Controls

      Verify that local domain recipients exist in the Domino Directory: Enabled

      Allow messages intended only for the following internet addresses:

      Deny messages intended for the following internet addresses:



      Is that what you are looking for ?



      Joerg

      • Domino Features

        By Nico Vis 2 decades ago

        Enforce Domino smtp security is always a first good step.

        Verify that the recpient exists is what you are looking for.

        Another possible restriction to minimize valide adresses (you should consider mail addresses as ports on a firewall and have just the necessary addresses available) is to choose a router lookup as the "fullname only".

        But with this option you have to pay attention on addresses (Firstname@Yourdomain.com, lastname@Yourdomain.com, firstname_lastname@Yourdomain.com ad so on) that are considered with other router lookups and eventually append the ones that you need as whole address in the fullname fiield.



        Regards.

      • By Allen Seifert 2 decades ago

        Thanks for responding Joerg.



        My Domino server is already set up to reject emails sent TO a person in my company that does not exist in the Domino Directory. What I'm looking for is a way to block messages that are supposedly "from" people in my company but in fact, are not. I think this is known as spoofing.



        Currently, I put my own domain (i.e. acme.com) into the From field of an Allow rule in kSpam. However, that means any spam that looks like it is from my own domain gets through.



        So for example, let's say "Bob" is a real id in my comany and "Sally" is not. If an email comes in to Bob@acme.com from Sally@acme.com, kSpam let's it through because of my allow rule. However, "Sally" is not in my Directory.

      • By Allen Seifert 2 decades ago

        Now that I think of it, maybe the problem is that I have an allow rule with my own domain name in the from field. Any legit emails from others in my own company would not come from another mail relay so would kSpam even look at such an email? If kSpam would only look at emails coming from outside my company then I could just remove my allow rule and things would work the way I want - does that sound right?