MIDAS KnowledgebaseMIDAS Knowledgebase

Emails sent from my MIDAS system contain a warning that they may be "spoofed"

If emails sent from your MIDAS system include a warning about them being "spoofed" or that "This sender failed our fraud detection checks and may not be who they appear to be" when they are received, this indicates that the domain relating to the email address the message was purportedly sent "from" isn't currently configured to authorize emails to be sent on its behalf from external/3rd party sources (i.e. the physical server where your MIDAS system resides).

Example Scenario:

In the above example, the receiving mail server on domain C queries domain B to check whether domain A is authorized to send mail on behalf of domain B. If it isn't the email is flagged as being potentially "spoofed" (i.e. domain A is "pretending" to be domain B).

This can be resolved in a number of ways, depending upon the level of access you have to the domains/servers in question:

A) If you own/administer "domain B" from the above scenario (i.e. your own organization's domain) - For example, if you've configured your MIDAS to send email from "noreply@yourdomain.com" and you also administer the root "yourdomain.com" domain, then you have two options:

1) Modify "yourdomain.com"'s SPF (Sender Policy Framework) DNS record to "whitelist" the server on which your MIDAS system resides (domain "A" in the above scenarios), so that it is authorized to send email on your own domain's behalf. For example, the domain's modified SPF record may look like this:

v=spf1 ip4:x.x.x.x a:your_midas_domain -all

...in the above SPF record example, your domain would only allow the IP address x.x.x.x or the domain "your_midas_domain" to send email on behalf of your domain.

TIP: If you run a cloud-hosted edition of MIDAS, you can find the IP address of the server hosting your MIDAS, by logging in and going to Statistics → MIDAS → Diagnostics → MIDAS Server IP

For more information on correct SPF record syntax, please see: http://www.openspf.org/SPF_Record_Syntax

Alternatively;

2) Configure your MIDAS email settings to send email directly via your domain's own SMTP servers. You can configure these settings via MIDAS Admin Options → Manage MIDAS → Email. Once correctly configured, all subsequent email sent from your MIDAS system will instead be relayed through your organization's own SMTP servers rather than be send directly from the server where your MIDAS resides, or another SMTP server. This will mean that there won't be a mis-match between the "virtual" email address(s) you're sending from and actual mail server they're being sent from.

B) If you don't own/administer "domain B" from the original scenario, then you have two options:

1) Configure your MIDAS email settings to send email directly via your domain's own SMTP servers. You can configure these settings via MIDAS Admin Options → Manage MIDAS → Email. Once correctly configured, all subsequent email sent from your MIDAS system will instead be relayed through your organization's own SMTP servers rather than be send directly from the server where your MIDAS resides, or another SMTP server. This will mean that there won't be a mis-match between the "virtual" email address(s) you're sending from and actual mail server they're being sent from.

Alternatively;

2) Change the email address(s) from which outgoing emails are being purportedly sent from in your MIDAS system. For example, if you're attempting to send emails purportedly to be from "domainX", and "domainX" itself prohibits sending of email from @domainX addresses from non-domainX servers, change the email address in MIDAS to instead be for a domain which will allow sending of email from external servers.

You might also be interested in...
MIDAS » KB » Support » Article 00171

← Return to Knowledgebase