如何减少进入我的网络的欺骗电子邮件?

如何减少进入我的网络的欺骗电子邮件?

我的公司收到了很多欺骗性的电子邮件。例如。[电子邮件保护]收到来自[电子邮件保护]包含恶意软件或不良链接。

我的域名 mycompany.com 已设置 SPF 记录(我知道这是有效的)。因此,我们正在运行 Microsoft Exchange 2013,我认为只要我将 SenderID -SpoofedDomainAction 设置为“Reject”,所有邮件都应该顺利通过,但是,任何带有虚假发件人地址的来信都应该立即被拒绝。

我通过在 powershell 中输入以下内容来启用此设置:

设置 SenderIDConfig -SpoofedDomainAction 拒绝

接下来,我输入

获取发件人ID配置

结果如下:

+========================+=========================================================================================+
| RunspaceId             | 84d80932-a4e4-470e-a71d-35e88c0d3073                                                    |
+========================+=========================================================================================+
| SpoofedDomainAction    | Reject                                                                                  |
+------------------------+-----------------------------------------------------------------------------------------+
| TempErrorAction        | StampStatus                                                                             |
+------------------------+-----------------------------------------------------------------------------------------+
| BypassedRecipients     | {}                                                                                      |
+------------------------+-----------------------------------------------------------------------------------------+
| BypassedSenderDomains  | {}                                                                                      |
+------------------------+-----------------------------------------------------------------------------------------+
| Name                   | SenderIdConfig                                                                          |
+------------------------+-----------------------------------------------------------------------------------------+
| Enabled                | True                                                                                    |
+------------------------+-----------------------------------------------------------------------------------------+
| ExternalMailEnabled    | True                                                                                    |
+------------------------+-----------------------------------------------------------------------------------------+
| InternalMailEnabled    | False                                                                                   |
+------------------------+-----------------------------------------------------------------------------------------+
| AdminDisplayName       |                                                                                         |
+------------------------+-----------------------------------------------------------------------------------------+
| ExchangeVersion        | 0.1 (8.0.535.0)                                                                         |
+------------------------+-----------------------------------------------------------------------------------------+
| DistinguishedName      | CN=SenderIdConfig,CN=Message Hygiene,CN=Transport Settings,CN=mydomain                  |
+------------------------+-----------------------------------------------------------------------------------------+
|                        | Contracting,CN=Microsoft                                                                |
+------------------------+-----------------------------------------------------------------------------------------+
|                        | Exchange,CN=Services,CN=Configuration,DC=internal,DC=mccoskers,DC=com,DC=au             |
+------------------------+-----------------------------------------------------------------------------------------+
| Identity               | SenderIdConfig                                                                          |
+------------------------+-----------------------------------------------------------------------------------------+
| Guid                   | 6e0ea226-f298-4b33-8d15-f8981f3f65ac                                                    |
+------------------------+-----------------------------------------------------------------------------------------+
| ObjectCategory         | internal.mydomain.com/Configuration/Schema/ms-Exch-Message-Hygiene-Sender-ID-Config     |
+------------------------+-----------------------------------------------------------------------------------------+
| ObjectClass            | {top, msExchAgent, msExchMessageHygieneSenderIDConfig}                                  |
+------------------------+-----------------------------------------------------------------------------------------+
| WhenChanged            | 16/12/2015 3:42:45 PM                                                                   |
+------------------------+-----------------------------------------------------------------------------------------+
| WhenCreated            | 19/03/2013 12:37:15 PM                                                                  |
+------------------------+-----------------------------------------------------------------------------------------+
| WhenChangedUTC         | 16/12/2015 5:42:45 AM                                                                   |
+------------------------+-----------------------------------------------------------------------------------------+
| WhenCreatedUTC         | 19/03/2013 2:37:15 AM                                                                   |
+------------------------+-----------------------------------------------------------------------------------------+
| OrganizationId         |                                                                                         |
+------------------------+-----------------------------------------------------------------------------------------+
| Id                     | SenderIdConfig                                                                          |
+------------------------+-----------------------------------------------------------------------------------------+
| OriginatingServer      | MCC-FS2.internal.mydomain.com                                                           |
+------------------------+-----------------------------------------------------------------------------------------+
| IsValid                | True                                                                                    |
+------------------------+-----------------------------------------------------------------------------------------+
| ObjectState            | Unchanged                                                                               |
+========================+=========================================================================================+

重新启动运输服务后,我去了http://www.anonymailer.net/并发送了一封欺骗性的电子邮件,然而它并没有被拒绝,并且在几分钟内就到达了我的收件箱。

我还需要做其他什么事情才能使其正常工作吗?

答案1

您是否真的尝试过从 Exchange 服务器对您自己的域进行 SPF 查找?在某些配置中 - 外部域也是您的内部 Windows 域的名称 - 您需要将 SPF 记录添加到您的内部 DNS 区域,这样 Exchange 才能真正看到它。

虽然我可能会建议您部署第三方工具来进行过滤,因为内置过滤器在没有 Edge 服务器的情况下非常弱。只需支付额外的 Exchange 和 Windows 许可证费用,您就可以获得具有更多功能和报告的第三方工具。

西蒙。

相关内容