Jump to content

question about mail rules and avoid spearhead phishing

Recommended Posts



Customer with Exchange 2013 CU23 was in email-discussion with a supplier.

"Supplier-mail-adress"  send an faked pdf-invoice with different bank-details.  (scam-mail)

From:  Field was right.

Reply-to: was the scammer with a strange-mail-domain.

SMTP Sender IP  was strange and not the Supplier


In ESET Mail Security I could create Mail-Rules in case "SPF failed" or "rDNS is missing" , but as far as I know I don´t have much other opportunities to avoid such scam.


Thx for you oppinion!




Link to comment
Share on other sites

  • ESET Staff


your customer can use additional rules with conditions: SMTP Sender's domain, Sender's IP address, From header - address, to check if emails with From: "supplier-mail-address" have also corresponding IP address range or SMTP Sender.

Note: we plan to add the Sender Spoofing Protection feature to the upcoming vNext version of EMSX, to help to automate tasks like these.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...