The user was trying to send a mail from internal to external domain but it is blocking by sinkhole because it is showing as malicious traffic, however, we are able to receive from that malicious domain, Can we block reverse mail from an external server to internal using DNS license. In my case, it has received.
Eg- User mail is email@example.com and trying to send malicious domain i.e firstname.lastname@example.org ====blocked by sinkhole policy in NGFW
However, user email@example.com received mail from malicious domain i.e firstname.lastname@example.org === can I control using DNS license.
User should not receive an email from any malicious domain so can I control in NGFW using DNS security.
DNS really doesn't come into play when you receive an email from an outside email system*. If the IP itself is a known malicious address within any of the PAN lists you could configure a security policy blocking that traffic inbound (and you should), but on a shared/hosted email platform that's not going to be an option.
This is really a job for an email security gateway or a transport rule on your email system. Your firewall can do limited inspection on SMTP traffic and some basic filtering, but you're really going to want to have an actual email security product in place.
* A lot of email security products and email systems will attempt to resolve the source address if properly configured to figure out if the source is in the SPF or DKIM records. That doesn't mean it's going to resolve back to mybaddomain.abc or anything like that, and that doesn't mean that all systems do that if they aren't configured to do so.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!