Hi,
In the recent days we are receiving a lot of spam mails with spoofed "from:" sender addresses from internal addresses. The spam filter on our Astaro 6.3 marks them with a very high spam score but does nothing more with them. Other "conventional" spams are filtered out into the proxy content filter.
I first suspected to have an infected Workstation within our network, but the smtp log seems to show that the spam really comes from outside.
I tried to workaround the problem by putting our internal domains into the blacklist but that didn´t help at all.
Appeareantly Astaro regards internal domains as "trusted" and relays everything that seems to come from internal.
Can anybody explain this behaviour to me or help me to solve the problem?
This thread was automatically locked due to age.
