How to prevent email bounce attack in SMG (Symantec Messaging Gateway)

Problem:

Users has received bounced emails, although he never sent out emails to the senders of these emails. User mail box has getting bulk of failures mail from another domain and notifications from third party domain.

Overview:

In the event that the original recipient finds the message undelivered in his mail box, that mail server observes the produced “Mail From” respect as the first sender, and returns or “skips” the message to that objective or recipient. At the point when the focused on framework observes the server from which the message was reflected as a real sender, it acknowledges the message as an authentic non-deliverable receipt (NDR) message. Bouncer attacker identified that the sender message is genuine sender while sending the spam to original message. As that point attacker can be trigger the spam bouncer mail to genuine message sender.

Netsec bounce attack

For preventing the bounce attack for your mail system.

  • Login in your Symantec Messaging Gateway
  • Go to the “Administrator” –> Control Center –> Certificates
  • Bounce attack prevention seeds

11

  • Go to Administrator –> Users –> Policy Groups –> Spam
  • Enable the “Enable bounce attack prevention for this policy group” need to give action from Email policy. And save it.

12

Once you will enable the bounce attack prevention then after that observe bounce attack event in audits logs.

 

 

 

 

 

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: