Why?

For we must first find the source of the scammers to prevent e-mail spoofing. In general it can be categorized as follows.

• Spoofing of e-mail from a trusted domain or the same as a user domain
• Spoofing of e-mail from known user name with a remote domain

Spoofing e-mail from trusted domains: sometimes see spoofed emails look like they come from trusted domains or the same as your domain, but not. Spammers can the From address easy to falsify. Thus the user "contoso. com 'e-mails the attacker can receive the header xyz@contoso.com. For this kind of spoofing to prevent you DKIM (DomainKeys Identified Mail), SPF (Sender Policy Framework), etc. Configure.

Spoofing of e-mail from external domains in certain other cases, attackers register a domain for a business that they mimic. For example, "conteso. com "instead of" contoso. com. Because e-mail is from a valid domain, DKIM can not identify the spam e-mail. As a safety measure, it is good to warn your organization members when they receive e-mail from an external source.

To prevent spoofing of e-mail names, you can notify users by the methods to be used.

1. Put "External" before the subject line for incoming external emails
2. Warning / disclaimer external sender

You can use the Exchange Transport line to external e-mails highlighting.

How?

External mail alert subject and toolbar

Step 1: Log on EAC and go to e-mail stream. Click "+" to create a new rule.

Step 2: Enter a name for the rule. Ex .: warning line for remote e-mail

Step 3: In the 'Apply this rule as "select" the sender is in "- outside the organization. And add even clicking a line from the bottom of the pop-up window "More options ...". Then click 'Add Condition' to add the host file.

Step 4: Set "Put the subject of the message before" as Remote.

1. Mail flow
2. "" Create new rule
3. Called "Remote Mail Alert"
4. apply the rule as
5. "Transmitter" - "Within the organization"
6. Click "More Options"
7. Click "Add Condition"
8. "The recipient" is "internal / external" - "Outside the organization"
9. In "Do this" click "Post subject precede by ..." -> "EXTERNAL"
10. Choose "Add Action"
11. In "Do this" choose "" -> "Disclaimer apply the message" -> "Disclaimer before adding
13. Right click "Enter text" as in this example
14. Right click "Select option" -> "Packaging"
    • <p><div style=”background-color:#FFEB9C; width:100%; border-style: solid; border-color:#9C6500; border-width:1pt; padding:2pt; font-size:10pt; line-height:12pt; font-family:’Calibri’; color:Black; text-align: left;”><span style=”color:#9C6500″; font-weight:bold;>CAUTION:</span> This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.</div><br></p>
15. Right click "Select option" -> "Packaging"
16. "Save" to apply

Inference

Setting a mail flow control is not difficult, but it protects us effectively against phishing attempts as spoofed domains, spoofing names, etc. However, this is not a perfect solution. Microsoft is constantly defending these types of attacks.

Companies with Office 365 Enterprise E5 or Advanced Threat Protection (ATP) have access to the spoofing information in the Office 365 Security and Compliance Center.