{"id":2282,"date":"2018-07-12T14:59:50","date_gmt":"2018-07-12T14:59:50","guid":{"rendered":"http:\/\/galhano.com\/blog\/?p=2282"},"modified":"2026-01-20T10:39:30","modified_gmt":"2026-01-20T10:39:30","slug":"how-to-prevent-internal-email-spoofing-in-an-exchange-organization","status":"publish","type":"post","link":"https:\/\/galhano.com\/blog\/?p=2282","title":{"rendered":"How to prevent internal email spoofing in an Exchange organization"},"content":{"rendered":"<p>Ensuring email security might be one of the most important and most difficult tasks an administrator must face. Every day, servers process thousands of emails and controlling such a big mail flow is not easy. No wonder hackers focus on this channel when they plan attacks. They use various tricks to make users think that opening a suspicious attachment is a good idea.<\/p>\n<p>One of the tricks they use is email spoofing.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-2614 size-full lazyloaded\" src=\"https:\/\/www.codetwo.com\/admins-blog\/wp-content\/uploads\/2017\/06\/2017-06-22-Prevent_Spoofing_Blog_Image.jpg\" srcset=\"https:\/\/www.codetwo.com\/admins-blog\/wp-content\/uploads\/2017\/06\/2017-06-22-Prevent_Spoofing_Blog_Image.jpg 602w, https:\/\/www.codetwo.com\/admins-blog\/wp-content\/uploads\/2017\/06\/2017-06-22-Prevent_Spoofing_Blog_Image-300x156.jpg 300w\" alt=\"Prevent Internal Spoofing in Exchange organization\" width=\"602\" height=\"314\" data-lazy-src=\"https:\/\/www.codetwo.com\/admins-blog\/wp-content\/uploads\/2017\/06\/2017-06-22-Prevent_Spoofing_Blog_Image.jpg\" data-lazy-srcset=\"https:\/\/www.codetwo.com\/admins-blog\/wp-content\/uploads\/2017\/06\/2017-06-22-Prevent_Spoofing_Blog_Image.jpg 602w, https:\/\/www.codetwo.com\/admins-blog\/wp-content\/uploads\/2017\/06\/2017-06-22-Prevent_Spoofing_Blog_Image-300x156.jpg 300w\" data-lazy-sizes=\"(max-width: 602px) 100vw, 602px\" data-was-processed=\"true\" \/><\/p>\n<h2>What is email 
spoofing?<\/h2>\n<p>Email spoofing is a very popular attack method. The sender modifies message headers so that emails appear to have been sent by someone else. Hackers use it, for example, to impersonate employees of a company to obtain login credentials, personal data, or other confidential information. The two most common ways to protect your organization from external spoofing attacks are:<\/p>\n<ul>\n<li>An SPF record \u2013 a list of IP addresses which are authorized to send emails from a domain.<\/li>\n<li>DKIM check \u2013 an email authentication method. It enables you to sign and verify email messages using public and private keys. The public keys, published in the DNS records, are used to verify whether the message comes from the original sender. You cannot configure it on the Exchange Server natively \u2013 you require a plugin for the SMTP gateway.<\/li>\n<\/ul>\n<p>Both methods give good results against external spoofing. The problem starts with internal spoofing, when one employee tries to impersonate a colleague. It might be a joke or an attempt to gain some benefit \u2013 either way, it can sabotage a company in a number of ways:<\/p>\n<ul>\n<li>Cause chaos,<\/li>\n<li>Induce material damage,<\/li>\n<li>Harm data integrity,<\/li>\n<li>Damage the company's reputation.<\/li>\n<\/ul>\n<p>See the full article at <a href=\"https:\/\/www.codetwo.com\/admins-blog\/how-to-prevent-internal-email-spoofing-in-exchange\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.codetwo.com\/admins-blog\/how-to-prevent-internal-email-spoofing-in-exchange\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ensuring email security might be one of the most important and most difficult tasks an administrator must face. Every day, servers process thousands of emails and controlling such a big mail flow is not easy. No wonder hackers focus on this channel when they plan attacks. 
They use various tricks to make users think that [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21,22,2,14,42],"tags":[],"class_list":["post-2282","post","type-post","status-publish","format-standard","hentry","category-exchange","category-microsoft","category-truques-dicas","category-tutorials","category-utils","author-admin"],"_links":{"self":[{"href":"https:\/\/galhano.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/2282","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/galhano.com\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/galhano.com\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/galhano.com\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/galhano.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2282"}],"version-history":[{"count":1,"href":"https:\/\/galhano.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/2282\/revisions"}],"predecessor-version":[{"id":2283,"href":"https:\/\/galhano.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/2282\/revisions\/2283"}],"wp:attachment":[{"href":"https:\/\/galhano.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2282"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/galhano.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2282"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/galhano.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2282"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}