Antispoofing does not work when spoofing MIME address
We have received several very hard to spot spoofed addresses that get through the Antispoofing filter but show up in Outlook as a local account because the MIME information is using the internal domain. Antispoofing should be looking at not just the SMTP headers but also any MIME information and have the ability to block/mark/etc any emails with a spoofed domain in the MIME From information.
Frank Vilece commented
This is a very important and basic feature and should be acted upon immediately. I can't believe this feature has not been implemented. It was pointed out in 2015! Why in the world would GFI only concern itself with return path when the user will see the MIME FROM? We have clients failing Spoof testing and being advised by security consultants to rectify this ASAP, and so far GFI has not been able to solve this the way it should!
Simon Atkin commented
Also note previous "workarounds" involving white and blacklisting internal domains are not acceptable, both because that functionality has been removed by GFI anyway for local domains, and even if it hadn't, there are no exceptions based on e.g. SPF or antispoofing authorized IPs.