Symantec Messaging Gateway (SMG) permits external messages that appear to be sent from internal senders (spoofing).
One of the limitations of the original SMTP protocol is the lack of sender authentication capabilities. This is one of the enablers of spam messages, and allows the sender to spoof any email address, including your own domain.
Add your domain to the list of Local Bad Sender Domains
If the internal domain environment was designed no local email should be coming inbound, email can be safely deleted by adding local domains to the Local Bad Sender Domains list.
In the SMG GUI, go to Reputation > Bad Senders > Local Bad Sender Domains.
Click the Add button near the top of the page.
Type the domain name without wildcard characters and click Save (e.g. domain.com, not *.domain.com).
Click Save on the Local Bad Sender Domains page when complete.
 Symantec Enterprise Support Services (ESS) does not support the creation or troubleshooting of sender authentication records, except for the DKIM functions integrated into the SMG. If further configuration help is warranted, Symantec offers Email Fraud Protection as a service, which configures all sender authentication methods. Contact Symantec Sales for a trial and pricing.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe