Spoofed Message Detection

Spoofed message detection is used to filter incoming messages where the sender’s address has been forged. The service can detect messages that spoof internal domains or external domains.

  • Messages that spoof internal domains are from forged addresses that appear to come from users within your organization. Internal domain validation uses Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) authentication, as well as checking the sender’s IP address against those configured as outbound routes in the policy.
  • Messages that spoof external domains are from forged addresses that appear to come from legitimate external organizations. External domain validation uses Domain-based Message Authentication, Reporting and Conformance (DMARC) authentication.