Phone Lines icon GFI Support Home

Articles in this section

Enabling and configuring Anti-Spoofing

Author: Dennis Chege Updated

Overview

The Anti-Spoofing filter checks emails received with a sender email address claiming to originate from your own domain against a list of IP addresses known by MailEssentials. If the sender IP address is not on the list of own-domain IP addresses, the email is blocked as the sender information is forged.

This article outlines how to enable and configure this Anti-Spam filter.

Information

This filter is not enabled by default when MailEssentials is installed and has to be explicitly enabled by following the steps below.

Note

Do not whitelist internal users if enabling this feature otherwise this defeats the purpose of carrying out the Anti-Spoofing check.

Enabling and configuring Anti-Spoofing

  1. Open the MailEssentials Configuration UI.
  2. Navigate to Anti-Spam > Anti-Spam Filters > Anti-Spoofing.

    Enable_Anti-spoofing.png

  3. Select Enable Anti-Spoofing to enable the Anti-Spoofing filter.
  4. In the SMTP Server field, provide the SMTP server where GFI MailEssentials checks for email recipient addresses. Optionally, provide a description for the server in the Description field.
    Note

    The SMTP Server field supports the following types of entry:

    • A single IP Address
    • A CIDR range (for example, 192.0.2.1/24)
  5. Click Add SMTP Server to save SMTP server details.
    Note

    To remove previously added SMTP Servers, select an SMTP Server from the Authorized IP Address list section, and click Remove Selected. By default, Use authorized IP addresses from perimeter servers list is enabled. It is recommended that this option stays enabled.

Notes

  • If the MailEssentials server is NOT the first SMTP server that receives the email from the internet (i.e. the MX Record is NOT pointing to the machine where MailEssentials is installed), one or more Perimeter SMTP Servers have to be entered in the MailEssentials configuration as described in the Configuring Perimeter SMTP Servers article. Please note that an improperly configured Perimeter SMTP Server may lead to a type of undesired behavior, such as the one described in the Internal Emails Blocked by the Anti-Spoofing Filter article.
  • Sometimes spoofed emails may still pass through the anti-spam checks. Please follow the Blocking Spoof Emails article to minimize the risk of this happening.
  • The troubleshooting guide from the Determining why the Anti-Spoofing Filter blocked or allowed a message article, may help determine what is causing any type of unwanted behavior if the previous articles did not help.

 

Back to top

Related articles