Skip to content
September 24, 2019

Sophos Email Appliance: How to block spoofed "From" names

Overview

This article describes how to block spoofed "From" names when the email address isn't from your own domain.

The following sections are covered:

Applies to the following Sophos products and versions
Sophos Email Appliance

Scenario

In this example, mail from Joe Smith is "spoofed" so that in Outlook his name is displayed as the sender. This is done to fool Tracy into purchasing something and sending it to the scammer. But when checking the actual From address, it is a valid external address.

From: Joe Smith
To: Tracy Barker

What to do

  1. Go to Configuration > Policy > Additional Policy > Inbound and then click Add.
  2. Under the Select rule type section, select Use only message attributes and then click Next.
  3. Under the Identify message attributes section, click Add. Select Header in the drop-down menu.
  4. In the Name field, enter "From" (the capital F is important) and select contains (substring match).
  5. In the Value field, enter the name of the person that needs to be filtered (i.e. Joe Smith) and then click Apply.

  1. Continue doing this for the users that are required to be added.
  2. Under Matching Logic, choose One of the message attributes must be present. Click Next.

  1. Click the Exclude Sender tab and select Custom groups.
  2. Enter **@validcompany.com and then click Add. Click Next.

  1. Under the Message actions section, select Quarantine. Click Next.
  2. Enter a Policy rule name, select Activate this rule and then click Save.

This rule will quarantine any email coming in with the display name Joe Smith if it is not also from the domain validcompany.com.

Related information

Sign up to the Sophos Support SMS Notification Service to get the latest product release information and critical issues.

Feedback and contact

If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article.
This is invaluable to us to ensure that we continually strive to give our customers the best information possible.Article appears in the following topics

Previous article Advisory: Sophos Central Maintenance scheduled

More Sophos News Posts

See more

Featured collection

  • Sophos XGS 107 / 107 Wireless By Sophos - Buy Now - AU $782.76 At The Tech Geeks Australia
    Sophos XGS 107 / 107 Wireless By Sophos - Buy Now - AU $782.76 At The Tech Geeks Australia

    Sophos XGS 107 / 107 Wireless

    $782.76 - $1,173.39
    $782.76 - $1,173.39
    $782.76 - $1,173.39
    $782.76

    The Sophos XGS 107 Firewall Appliance is built upon a dual-processor architecture, combining a high-performance, multi-core CPU with a dedicated Xs...

    View full details
    $782.76 - $1,173.39
    $782.76 - $1,173.39
    $782.76 - $1,173.39
    $782.76
  • Sophos XGS 116 / 116 Wireless By Sophos - Buy Now - AU $997.55 At The Tech Geeks Australia
    Sophos XGS 116 / 116 Wireless By Sophos - Buy Now - AU $997.55 At The Tech Geeks Australia

    Sophos XGS 116 / 116 Wireless

    $997.55 - $1,867.19
    $997.55 - $1,867.19
    $997.55 - $1,867.19
    $997.55

    The Sophos XGS 116 Firewall Appliance is built upon a dual-processor architecture, combining a high-performance, multi-core CPU with a dedicated Xs...

    View full details
    $997.55 - $1,867.19
    $997.55 - $1,867.19
    $997.55 - $1,867.19
    $997.55
  • Sophos XGS 87 / 87 Wireless By Sophos - Buy Now - AU $596 At The Tech Geeks Australia
    Sophos XGS 87 / 87 Wireless By Sophos - Buy Now - AU $596 At The Tech Geeks Australia

    Sophos XGS 87 / 87 Wireless

    $596.00 - $984.69
    $596.00 - $984.69
    $596.00 - $984.69
    $596.00

    The Sophos XGS 87 Firewall Appliance is built upon a dual-processor architecture, combining a high-performance, multi-core CPU with a dedicated Xst...

    View full details
    $596.00 - $984.69
    $596.00 - $984.69
    $596.00 - $984.69
    $596.00
  • Sophos XGS 126 / 126 Wireless By Sophos - Buy Now - AU $1356.15 At The Tech Geeks Australia
    Sophos XGS 126 / 126 Wireless By Sophos - Buy Now - AU $1356.15 At The Tech Geeks Australia

    Sophos XGS 126 / 126 Wireless

    $1,356.15 - $2,487.62
    $1,356.15 - $2,487.62
    $1,356.15 - $2,487.62
    $1,356.15

    The Sophos XGS 126 Firewall Appliance is built upon a dual-processor architecture, combining a high-performance, multi-core CPU with a dedicated Xs...

    View full details
    $1,356.15 - $2,487.62
    $1,356.15 - $2,487.62
    $1,356.15 - $2,487.62
    $1,356.15
  • Sophos XGS 136 / 136 Wireless By Sophos - Buy Now - AU $1714.74 At The Tech Geeks Australia
    Sophos XGS 136 / 136 Wireless By Sophos - Buy Now - AU $1714.74 At The Tech Geeks Australia

    Sophos XGS 136 / 136 Wireless

    $1,714.74 - $3,916.17
    $1,714.74 - $3,916.17
    $1,714.74 - $3,916.17
    $1,714.74

    The Sophos XGS 136 Firewall Appliance is built upon a dual-processor architecture, combining a high-performance, multi-core CPU with a dedicated Xs...

    View full details
    $1,714.74 - $3,916.17
    $1,714.74 - $3,916.17
    $1,714.74 - $3,916.17
    $1,714.74
Shop collection