To prevent sender forgery, you can specify a sender domain within the message header address and the allowed IP addresses for the domain.
Trend Micro Email Security provides a built-in default rule that has the lowest priority to ensure you receive a baseline level of protection. The default rule cannot be deleted.
You can create only one single rule for each Managed Domain. The default rule will be applied if no other rules are matched based on the Managed Domain.


  1. Go to Inbound ProtectionDomain-based AuthenticationSender IP Match.
  2. Click Add.
    The Add Sender IP Match Settings screen appears.
  3. Select a specific recipient domain from the Managed domain drop-down list.
  4. Select Enable Sender IP Match.
  5. Under Sender Domain-IP Paris, add one or multiple domain-IP pairs.
    1. Specify a sender domain using one of the following formats:
      • *
    2. Specify one or multiple IP addresses or IP/CIDR blocks to pair with the domain.
    3. Click Add.
  6. Under Intercept, specify the action to take if the sender IP address does not match the sender domain as you specified.
    • Delete entire message
    • Quarantine
  7. Under Notify, choose to send notifications and select at least one notification template.
  8. Click Add.