KB Article | Forcepoint Support

Problem Description

My end users are receiving spam messages that appear to originate from our own domains. How can I block these bogus emails?


Spam messages often spoof the envelope sender or "From" address to match the recipient's own domain. This common spam characteristic is designed to mislead end users into thinking the message originated within their own organization.

To protect against this threat you can enable the Filter messages that spoof internal domains setting on the Antispam tab of your policies. See Spoofed message detection in the Forcepoint Email Security Cloud help for more details.

Note: if you use a third party to send mail to your users that appears to be from your own domain (such as a cloud CRM or support company), use the Allow spoofing from these sources setting to whitelist the third party's domains or IP addresses. 

Spoofing detection

Keywords: spoofing; phishing and spam mail; email blocking; whitelist issue; blacklist issue; email security settings

Article Feedback

Thank you for the feedback and comments.