Mail is still being received from blacklisted domains (spoofed emails)


Considerations in blocking SPAM and how e-mail messages can be 'spoofed'  to appear to come from someone other than their actual sender.


Sometimes it is difficult to validate the actual origin of a mail message. The contents of the message (and how it is viewed in the mail client) has virtually nothing to do with where the message actually came from. The analogy is an envelope and a message. An envelope can be sent to a person, but the letter itself could contain a message for another person. If you throw the envelope away, then you have little proof as to who the message actually came from. This is very much what happens with mail. Spammers send a message and they envelope to your actual address, however, the message inside the envelope actually says that the message is from someone else.

Here is an example:

SMTP Server receives mail from User1 to

The contents of the message/message headers sent in the SMTP transaction contain the following:

Subject: This is spam

Message text

For example, it is possible to blacklist; but this will not block the incriminating e-mail, as you actually need to blacklist User1 (or the IP address that the
person is sending from).


The solution is to work out exactly who is sending these messages and what IP address they are sending them from. Unfortunately, when the message is received in the mailbox, virtually all envelope information has been lost. It only resides in the MailEnable logs (MailEnable does allow you to do reverse lookups on sender addresses and require PTR records - and this is the best way to get around this problem).

The domain blacklisting (as opposed to Reverse DNS Blacklisting) feature is not intended to fight spam. It is more to stop users receiving mail from legitimate (i.e.: non spoofed) domains. 
It has limited effectiveness in preventing SPAM from spammers who can masquerade their domains as whoever they want.


Blacklisting mechanisms: Article ME020084

Product:MailEnable (Custom: Custom: Custom: Custom: Custom: Custom: All Versions)
Class:INF: Product Information
Created:16/06/2003 8:53:00 PM
Revised:Wednesday, May 4, 2016