On 23/04/2019 15:02, Ian Jones wrote:
Hello,

I am getting emails like the one below, in which the header from is my own address. The emails contain text in a jpg image and claim my account has been hacked and demand $1000 paid to a bitcoin account. I would like to find a way to reject emails from my own addresses except from my own servers, but so far I have not succeeded. :-( The relevant parts of my configuration are below. I am probably duplicating some actions, since I have recently added restrictions in the hope of preventing these emails.

Assistance would be appreciated!

Regards

Ian

smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        check_helo_access hash:/etc/postfix/helo_access,
        reject_invalid_hostname,
        reject_non_fqdn_helo_hostname,
        permit
smtpd_recipient_restrictions =
        reject_unauth_pipelining,
        reject_non_fqdn_recipient,
        reject_unknown_recipient_domain,
        permit_mynetworks,
        permit_sasl_authenticated,
        #permit_auth_destination, #Use only for testing!
        reject_unauth_destination,
        check_recipient_access hash:/etc/postfix/recipient_access,
        permit
policy-spf_time_limit = 3600s
smtpd_client_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        check_helo_access hash:/etc/postfix/helo_access,
        reject_unauth_destination,
        check_policy_service unix:private/policy-spf,
        reject_rbl_client zen.spamhaus.org,
        reject_rbl_client all.spam-rbl.fr,
        reject_rbl_client cbl.abuseat.org,
        reject_rbl_client bl.blocklist.de,
        reject_unknown_client

smtpd_sender_restrictions =
        permit_sasl_authenticated,
        permit_mynetworks,
        reject_sender_login_mismatch,
        reject_unauth_pipelining,
        reject_non_fqdn_sender,
        reject_unknown_sender_domain,
        reject_unlisted_sender,
        check_sender_access hash:/etc/postfix/sender_access,
        permit




Return-Path:    <v...@adacity.net>
X-Original-To:  pm...@iljones.net
Delivered-To:   pm...@iljones.net
Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=91.102.224.58; helo=mail.adacity.net; envelope-from=v...@adacity.net; receiver=<UNKNOWN>
Authentication-Results: red0.crumjones.net; dmarc=none (p=none dis=none) header.from=iljones.net
Authentication-Results: red0.crumjones.net; spf=pass smtp.mailfrom=v...@adacity.net
Authentication-Results:         red0.crumjones.net; dkim=none; dkim-atps=neutral
Received: from mail.adacity.net (mail.adacity.net [91.102.224.58]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by red0.crumjones.net (Postfix) with ESMTPS id 0D076C01C1 for <pm...@iljones.net>; Tue, 23 Apr 2019 08:47:30 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by mail.adacity.net (Postfix) with ESMTP id 4308018AE31D for <pm...@iljones.net>; Tue, 23 Apr 2019 14:25:04 +0200 (CEST)
Received: from mail.adacity.net ([127.0.0.1]) by localhost (mail.adacity.net [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id aB8mQQGGkYlX for <pm...@iljones.net>; Tue, 23 Apr 2019 14:25:03 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1]) by mail.adacity.net (Postfix) with ESMTP id E25A565F570 for <pm...@iljones.net>; Tue, 23 Apr 2019 13:20:13 +0200 (CEST)
X-Virus-Scanned:        amavisd-new at mail.adacity.net
Received: from mail.adacity.net ([127.0.0.1]) by localhost (mail.adacity.net [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id fkEgjqwfsnrz for <pm...@iljones.net>; Tue, 23 Apr 2019 13:20:13 +0200 (CEST)
Received: from [host114.190-226-46.telecom.net.ar] (host117.190-226-46.telecom.net.ar [190.226.46.117]) by mail.adacity.net (Postfix) with ESMTPSA id 3FB5D1761420 for <pm...@iljones.net>; Tue, 23 Apr 2019 12:30:07 +0200 (CEST)
X-CSA-Complaints:       complai...@adacity.net
Message-ID:     <ik78p8ezfq47$5o713nzm$0g2b55t2$@adacity.net>
List-Subscribe:         <https://adacity.net/lists/?p=subscribe>
Errors-To:      mai...@adacity.net
X-Abuse-Reports-To:     ab...@mailer.adacity.net
Date:   Tue, 23 Apr 2019 12:30:09 +0200
Abuse-Reports-To:       <ab...@adacity.net>
Subject:        pmlco
Content-Type: multipart/related; boundary="81736114377633610-DEDDA362CBDF286C47"
MIME-Version:   1.0
X-Mailer:       Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
X-Sender:       <v...@adacity.net>
To:     pm...@iljones.net
List-Unsubscribe: <mailto:1860db43c67fea58bff33aa3ba1...@unsubscribe.adacity.net>,
List-ID:        <335211.adacity.net>
User-Agent:     Outlook 260/wryuw
From:   pm...@iljones.net




I was trying to sort the same issue in this thread: http://postfix.1071664.n5.nabble.com/Is-it-possible-to-use-header-checks-on-multiple-headers-tp101022.html

This reply: http://postfix.1071664.n5.nabble.com/template/NamlServlet.jtp?macro=user_nodes&user=6129 looks really interesting but I have not had the time to try it out yet.

Nick
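
Added example, not part of the thread and not code from either poster: the quoted headers show an envelope sender (Return-Path, adacity.net) that differs from the header From (iljones.net), and Postfix's smtpd_sender_restrictions evaluate the envelope sender, not the header. This Python sketch classifies that mismatch; the domains, addresses and trusted client list in it are constructed assumptions.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Assumptions for this sketch (constructed, not values from the thread):
OWN_DOMAINS = {"example.org"}     # domains hosted on this server
TRUSTED_CLIENTS = {"192.0.2.10"}  # our own servers (the mynetworks role)

def domain_of(address):
    """Lower-cased domain part of an address, '' if there is none."""
    return address.rpartition("@")[2].lower().rstrip(".") if "@" in address else ""

def classify(raw_message, client_ip, sasl_authenticated=False):
    """Compare the envelope sender (Return-Path) with the header From."""
    msg = message_from_string(raw_message)
    header_domains = {domain_of(addr)
                      for _, addr in getaddresses(msg.get_all("From", []))}
    if not header_domains & OWN_DOMAINS:
        return "not-own-domain"
    if sasl_authenticated or client_ip in TRUSTED_CLIENTS:
        return "own-domain-trusted"
    envelope = parseaddr(msg.get("Return-Path", ""))[1]
    if domain_of(envelope) in OWN_DOMAINS:
        # MAIL FROM also claims our domain: envelope-level checks can see this.
        return "own-domain-envelope-spoof"
    # Only the header claims our domain; the envelope sender is foreign and
    # may pass SPF for its own domain, as in the headers quoted above.
    return "own-domain-header-only-spoof"

# Constructed sample messages (not the message from the thread).
SPOOFED = (
    "Return-Path: <bounce@mailer.example.net>\n"
    "From: user@example.org\n"
    "To: user@example.org\n"
    "Subject: constructed sample\n"
    "\n"
    "body\n"
)
ENVELOPE_SPOOFED = SPOOFED.replace("bounce@mailer.example.net", "user@example.org")
NEWSLETTER = SPOOFED.replace("From: user@example.org", "From: news@mailer.example.net")

if __name__ == "__main__":
    print(classify(SPOOFED, "203.0.113.5"))
    print(classify(ENVELOPE_SPOOFED, "203.0.113.5"))
    print(classify(SPOOFED, "192.0.2.10"))
    print(classify(NEWSLETTER, "203.0.113.5"))
```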

