We had a Social Engineering vulnerability assessment performed recently and one of the parts of this assessment was a spoofed e-mail with a link to a fake website. It was a test to see how many employees would click on the link and go to this website and put their windows password in.
The spoofed e-mail came from our vendor, but in the e-mail headers they made it look like it came from us HR@xyzcompany.com for example, if we are xyzcompany.com.
Is there a way on the IronPort to prevent this type of spoofed e-mail coming inbound? I don't see why any e-mail from our domain should be coming inbound. E-mail with our domain in it should only be coming from internally going outbound.
I think the old Barracuda e-mail filter that we used to use prior to IronPort did this, but I forget the terminology or what the setting was called.