McAfee SMEFCE-AI-DA Administration Guide - Page 164
System Configuration, Answer, Overview
View all McAfee SMEFCE-AI-DA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 164 highlights
Email Protection Administrator Guide Question: I'm receiving spam email from my own email address and I know I didn't send it. What's happening and how do I stop it? Answer: A spammer has "spoofed" your email address. Spoofing means that the "From:" address in emails has been falsified to be an address other than the real source of the emails. The intent is to trick the recipient into opening the email because it appears to be from a trusted source. In your case, they made the mistake of using your own email address as the spoofed address and you realized that you had not sent the email. Spoofing is illegal according to the CAN-SPAM Act of 2003; however, it is still a common tactic used by spammers. You can do any of the following in Email Protection to block these types of emails. • Confirm that your own email address is not in an Allow list. It is possible that the spoofed email would be caught by normal spam filtering; however, if your email address is in an Allow list, spam filtering will be disabled. If necessary, remove your email address from any Allow lists to make sure spam filtering is performed. • Add your own email address to your user-level Deny list This policy will automatically deny any emails received from your email address. It will apply to all emails received from the Internet into Email Protection that are filtered and then sent to you. It will affect only emails sent to your address. • Add your own email address or entire Domain name to your policy set Sender Deny list This policy will do the same as above, but will apply all user accounts subscribed to that policy set. If the Domain name is used, then all emails from that Domain will be filtered. Note: Using a Deny list as a filtering tactic in this situation will succeed only if your corporate email is not sent into the Internet cloud before delivery to other addresses in your Domain name. The assumption is that your corporate email is delivered within your internal network without filtering by Email Protection. If your organization does deliver your corporate email using a delivery method that includes sending it into the Internet, it is possible that valid corporate emails will be filtered if you make the above policy changes. System Configuration Question: I just redirected my MX Record. How can I make sure that my email is coming through Email Protection? Answer: Once the MX Record has been redirected and the entities (Reseller, Customer, Domain, and user accounts) have been configured, emails can be sent from a sender outside of the system to a user provisioned on the Domain. To see if the email was received in your system from Email Protection, monitor email processing flow in the Overview window. You should be aware that email servers do not always accept changes immediately after the redirection of the MX Record. This means that some email servers may still send email directly to your inbound servers and not to the redirected MX Record for the first 2-3 days after the redirection. 156 Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012