Hi everyone,
we detected phishing spam mails are being sent at high rate from our single Exchange Server
Messages are sent by: "******@*******citibank.com", with this subject: "Your Credit Card Has Been Limited" from various External IPs.
We now deployed some network security filters, but I have one concern:
How do spammers use our Exchange connector to send mail as an external unmanaged domain ?
Why is it possible by default ? How to avoid it and allow messages sent by internal domain only ?
Thanks for helping !