hi There,
My organization's CEO's email address was spoofed by an external source, due to which our CEO started receiving NDR's from whom the spoofer has sent the emails to. As I have identified the source IP from header(NDRs header), I would like to know how black
list the source IP.
Many blogs and websites says to ignore the spoof or to modify the email address or to create rules to delete the NDR emails that are specifically coming from that recipient. but I'm little hesitate to say this to my management as the affected user is CEO.