On Sat, May 9, 2015 19:19, Jonathan Bees wrote:
> Hi,
>
> This might be a stupid question, but I recently received a email spam
> from one of my users u...@mydomain.com, which was spam. After asking
> her about it and afterwards checking logs, it turns out it came from
> some random Brazilian server (and she was not hacked *sigh of
> relief*). But the spam email from seemingly our own user got me to
> wondering how to prevent such situations happening in the future.
>
> I am aware of SPF, but is there a Postfix-way of stopping spammer
> sending emails with my own spoofed domain? Making Postfix aware not
> to accept emails from (supposedly) u...@example.com when not
> originating from a host listed in mynetworks ?
>
> Jonathan
>
We use this:
#/etc/postfix/main.cf
. . .
check_helo_access pcre:/etc/postfix/helo_checks.pcre
#/etc/postfix/helo_checks.prce
. . .
# Dopplegangers
/^(.*\.)?(hamilton\.)?halisp\.net$/
550 Do not use this domain/hostname
/^(.*\.)?(hamilton\.)?harte-lyne\.ca$/
550 Do not use this domain/hostname
/^(.*\.)?(hamilton\.)?harte-lyne\.com$/
550 Do not use this domain/hostname
/^\[?216\.185\.76\.28\]?$/
550 Spammer comes to me \
Greets me with my own IP \
His mail I shall not see.
. . .
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
James B. Byrne mailto:byrn...@harte-lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
