Z Services Cloud Anti-Spoofing
Email spoofing is the creation of an email with a forged sender address to intentionally mislead the recipient about its origin. This technique is often used in phishing campaigns and generally attempts to get a user to click a link and share their credentials or reply with sensitive information.
Z Services Cloud offers functionality to help prevent email spoofing. There are two types of From addresses in an email, both of which can be spoofed:
Envelope From: This is sent during the MAIL FROM command. Envelope From is straight forward to protect and isn't commonly used for legitimate mail to spoof. This is generally protected using SPF (Sender Policy Framework).
Mime-Encoded From: This is sent during the DATA command. It is not protected by any SMTP mechanism and as such is open to spoofing.
Go to Filter Rules > Anti-Spoofing Settings to access Z Services Cloud's anti-spoofing functionality. If you are a Domain Group Administrator, the Anti-Spoof Domains window displays showing a list of your domains:
Check the box 
to the left of the domain you want to edit and click the edit 
icon or Edit button. Check multiple boxes to edit multiple domains at once.
The Anti-Spoof Settings window displays for your selected domain(s). If you are a Domain Administrator, the Anti-Spoof window is your default view:
Follow the steps below to enable and modify your anti-spoof settings.
By default, anti-spoof settings are not enabled. Click Enable and the display expands:
Use SPF Record for IP Validation: Enable this option to use your SPF record to determine if a sender is valid instead of specifying IPs in the IP List. By default, this option is not enabled.
IP List: If you have not enabled Use SPF Record for IP Validation, you can add a list of CIDR notation ranges here that are allowed to send email using your domain. Click Add... to add an entry. Once added, click the edit
icon to edit an IP, or the delete 
icon to delete an IP from the list.Using IP List is more secure than using Hostname List. Generally, try to use Hostname List only if you are not using SPF and a service you are using has too many IPs to list.
Hostname List: Click Add... to enter hostnames that are allowed to send email using your domain, e.g. www.example.com.
Enter example.com to include any sub-domains such as support.example.com, mail.example.com, docs.example.com, etc.
Regular expression patterns can be used here, but are not necessary. If using regular expression, note that the more generic the expression, the easier it is to bypass spoofing.
If logged in as Domain Group Administrator and editing multiple domains, click Save to save changes to all domains and return to the Anti-Spoof Domains window.
Warning
If you do not click Save when editing multiple domains, only changes to the first domain checked will be saved.
Related Articles
Anti-Spam Engine
Z Services Cloud has extensive content scanning and message filtering capabilities that allow you to apply corporate filtering policies to all messages that enter or leave your organization on a per-domain or per-recipient basis. Go to the Anti-Spam ...Z Services Cloud Setup
A Domain Group Administrator can follow the steps below to complete their Z Services Cloud setup and initial configuration. The following information is required to complete the setup: Z Services Cloud login credentials for the Domain Group ...Z Services Merale Cloud Email Flow
Z Services Merale Cloud provides anti-spam defenses using a multi-layered approach that detects over 99% of spam. See the diagram below for an overview of the flow of email through the Cloud. Filter rules and policies allow you to enforce your ...In-App Help for Z Services Cloud
In-app help is available on most screens in Z Services Cloud. Click on the in-app help icon where visible for information specific to the screen you are currently viewing:Z Services Pattern Filtering
In Z Services cloud, pattern filters allow you to block or accept emails based on filter rules that can be applied to an email. Pattern filtering is generally not needed, but occasionally it may be necessary to define filters that block or accept ...