KB Article #157285

Spoofing allowed for made-up internal subdomains

Background

Let us assume MG is configured to route mail for the following two domains

domain1.com

domain2.com

 

Anti-spoofing option is enabled on both domains.

 

Problem

Mail sent from Internet to your recipients, sent from email addresses like:

user@subdomain.domain1.com

test@test.domain2.com

etc. is accepted, where it is expected to be dropped due to spoofing internal domains

 

By default MG will consider any unlisted domain as external. This is why mail sent from any made-up subdomain of any of the internal domains, is considered external domain.

 

Resolution

To prevent spoofing subdomains, you need the following entries as your internal domains, in addition to what you have:

.domain1.com

.domain2.com

Note the dot in front of the domain names.

 

For these domains you need to enable Anti-Spoofing (and Recipient verification as best practice)

 

At the end you should have the following domains listed as internal domains:

domain1.com

.domain1.com

domain2.com

.domain2.com

etc.

 

This way MG will treat any sudomains (due to the .) as internal and will apply Anti-Spoofing protection to them.

Still need help?

If this information wasn't helpful to you, just drop us a line. We'll get back to you as soon as possible.