Yet another spam tactic
To get through spam filters, spammers are more frequently spoofing From: addresses in e-mails to use the domain of the receiving organization. For instance, they will send messages from joe@example.com to doe@example.com because many organizations whitelist any mail coming from their own domain.
To combat this, I recently decided to blacklist all email from @mbgsd.org to @mbgsd.org. Internal emails still work fine, but anything that comes from the outside to our spam filter with @mbgsd.org in the from field is rejected to block all of that spam. This change immediately reduced the spam tactic’s effectiveness, but it “breaks” features like “emailing to a friend” found on many websites because those websites actually spoof (in a less unsolicited way) the From: address to look like their messages came from the person originating the request.
So it’s a tradeoff: block tons of spam and lose the ability to use the “email this” features found on some websites, or let the spam in and keep those features.
Leave a Reply