Hi,
some spammers do send emails to my users that seem to be originating from our internal domains and sometimes from their own email addresses (sender email = recipient email).
PMG has two network interfaces, one in the lan and the other on the dmz accepting email from internet and from our mx backup server provided by our isp (this mx backup is listed in many blacklists and have to be explicitely whitelisted, because an important part of our correspondents (senders) do not have spf records for their email domains and send explicitely through his email servers beeing also their isp). How could i reject email coming on the dmz interface but originting from outside the company with sender address email beeing in my own company email domain without rejecting legitimate email coming from servers (cron and the likes ) located in the dmz ? For network considerations my spf record is set to SoftFail and can't be changed to hard fail, for now.
some spammers do send emails to my users that seem to be originating from our internal domains and sometimes from their own email addresses (sender email = recipient email).
PMG has two network interfaces, one in the lan and the other on the dmz accepting email from internet and from our mx backup server provided by our isp (this mx backup is listed in many blacklists and have to be explicitely whitelisted, because an important part of our correspondents (senders) do not have spf records for their email domains and send explicitely through his email servers beeing also their isp). How could i reject email coming on the dmz interface but originting from outside the company with sender address email beeing in my own company email domain without rejecting legitimate email coming from servers (cron and the likes ) located in the dmz ? For network considerations my spf record is set to SoftFail and can't be changed to hard fail, for now.