[pfx] Re: Spam mails seen in logfiles question

2023-08-25 Thread Wietse Venema via Postfix-users
Bill Cole via Postfix-users: > On 2023-08-23 at 14:38:18 UTC-0400 (Wed, 23 Aug 2023 12:38:18 -0600) > IUL Support via Postfix-users > is rumored to have said: > > > I must be missing something in what you're saying. > > > > If the server receives a message for myu...@mydomain.com and myuser's >

[pfx] Re: Spam mails seen in logfiles question

2023-08-23 Thread Bill Cole via Postfix-users
Wednesday, August 23, 2023 9:17 AM To: IUL Support via Postfix-users Subject: [pfx] Re: Spam mails seen in logfiles question On 2023-08-23 at 05:22:21 UTC-0400 (Wed, 23 Aug 2023 03:22:21 -0600) IUL Support via Postfix-users is rumored to have said: Hi All, Have a legacy server that I

[pfx] Re: Spam mails seen in logfiles question

2023-08-23 Thread IUL Support via Postfix-users
f successful bounce management strategy to me. -Original Message- From: Bill Cole via Postfix-users Sent: Wednesday, August 23, 2023 9:17 AM To: IUL Support via Postfix-users Subject: [pfx] Re: Spam mails seen in logfiles question On 2023-08-23 at 05:22:21 UTC-0400 (Wed, 23 Aug 2023 0

[pfx] Re: Spam mails seen in logfiles question

2023-08-23 Thread Bill Cole via Postfix-users
On 2023-08-23 at 05:22:21 UTC-0400 (Wed, 23 Aug 2023 03:22:21 -0600) IUL Support via Postfix-users is rumored to have said: Hi All, Have a legacy server that I've just taken over maintaining. It's set up with postfix that handles a small handful of email users. In looking through the logfi

[pfx] Re: Spam mails seen in logfiles question

2023-08-23 Thread Jaroslaw Rafa via Postfix-users
On 23.08.2023 at 03:22:21 IUL Support via Postfix-users wrote: > The email will be from > some_spammy_text-myuser=mydomain@notmydomain.com and addressed to > myu...@mydomain.com. > > The LHS always seems to have the same basic format ie. the underscores and > the equal sign so it seem

Re: spam emails with "to:" line missing

2022-04-19 Thread Viktor Dukhovni
On Tue, Apr 19, 2022 at 09:45:12PM -0600, @lbutlr wrote: > On 2022 Apr 15, at 16:53, Viktor Dukhovni wrote: > > On Fri, Apr 15, 2022 at 04:30:19PM -0600, @lbutlr wrote: > > > >> However, it is *very* common for a BBC email to have a To header with > >> no email address in it at all, > > > > Thi

Re: spam emails with "to:" line missing

2022-04-19 Thread @lbutlr
On 2022 Apr 15, at 16:53, Viktor Dukhovni wrote: > On Fri, Apr 15, 2022 at 04:30:19PM -0600, @lbutlr wrote: > >> However, it is *very* common for a BBC email to have a To header with >> no email address in it at all, > > This violates RFC5322 and earlier versions. No it does not. > The "To:" h

Re: spam emails with "to:" line missing

2022-04-16 Thread David Neil
On 16/04/2022 10.53, Viktor Dukhovni wrote: > On Fri, Apr 15, 2022 at 04:30:19PM -0600, @lbutlr wrote: > >> However, it is *very* common for a BBC email to have a To header with >> no email address in it at all, > > This violates RFC5322 and earlier versions. The "To:" header must > contain at l

Re: spam emails with "to:" line missing

2022-04-15 Thread li...@lazygranch.com
On Fri, 15 Apr 2022 11:06:35 +0200 Tinne11 wrote: > > > On 15.04.2022 at 08:49, Fourhundred Thecat > > <400the...@gmx.ch> wrote: > > > > Are there any legitimate cases where "to:" might be missing? > > > RFC 5322 says: "The only required header fields are the origination > date field and

Re: spam emails with "to:" line missing

2022-04-15 Thread Viktor Dukhovni
On Fri, Apr 15, 2022 at 04:30:19PM -0600, @lbutlr wrote: > However, it is *very* common for a BBC email to have a To header with > no email address in it at all, This violates RFC5322 and earlier versions. The "To:" header must contain at least one address (or group). https://datatracker.ie

Re: spam emails with "to:" line missing

2022-04-15 Thread @lbutlr
> On 2022 Apr 15, at 07:30, Benny Pedersen wrote: > > On 2022-04-15 10:47, Bernardo Reino wrote: > >> Many e-mails are sent to "BCC" lists, so they have no To: header (or >> have one with "undisclosed-recipients"). > > bcc does not remove or add to No, and that's not what what said. However

Re: spam emails with "to:" line missing

2022-04-15 Thread Bernardo Reino
On Fri, 15 Apr 2022, Benny Pedersen wrote: On 2022-04-15 10:47, Bernardo Reino wrote: Many e-mails are sent to "BCC" lists, so they have no To: header (or have one with "undisclosed-recipients"). bcc does not remove or add to I didn't say that :) (maybe the "so they have no.." implied so

Re: spam emails with "to:" line missing

2022-04-15 Thread Benny Pedersen
On 2022-04-15 10:47, Bernardo Reino wrote: Many e-mails are sent to "BCC" lists, so they have no To: header (or have one with "undisclosed-recipients"). bcc does not remove or add to So I'd be careful with rejecting/filtering only based on that. spammers does not know all that details :=)

Re: spam emails with "to:" line missing

2022-04-15 Thread Benny Pedersen
On 2022-04-15 08:49, Fourhundred Thecat wrote: I am receiving spam emails, where the "to:" line is entirely missing in the email header. The header has "X-Original-To:" and "Delivered-To:", but no "to:" line. I have pasted the header here: https://ctxt.io/2/AABg30FRFQ How could I block such e

Re: spam emails with "to:" line missing

2022-04-15 Thread Jaroslaw Rafa
On 15.04.2022 at 02:21:46 li...@lazygranch.com wrote: > > The header doesn't look odd because the mailing list provides a TO > field. No, it doesn't. I don't see any "To:" field in the headers of Tinne11's message. I do see a "Cc:" field, but not "To:". And referring to the original quest

Re: spam emails with "to:" line missing

2022-04-15 Thread Peter
On 15/04/22 6:49 pm, Fourhundred Thecat wrote: I am receiving spam emails, where the "to:" line is entirely missing in the email header. The header has "X-Original-To:" and "Delivered-To:", but no "to:" line. I have pasted the header here: https://ctxt.io/2/AABg30FRFQ How could I block such em

Re: spam emails with "to:" line missing

2022-04-15 Thread Bernardo Reino
On Fri, 15 Apr 2022, li...@lazygranch.com wrote: On Fri, 15 Apr 2022 11:06:35 +0200 Tinne11 wrote: On 15.04.2022 at 08:49, Fourhundred Thecat <400the...@gmx.ch> wrote: Are there any legitimate cases where "to:" might be missing? RFC 5322 says: "The only required header fields are the o

Re: spam emails with "to:" line missing

2022-04-15 Thread li...@lazygranch.com
On Fri, 15 Apr 2022 11:06:35 +0200 Tinne11 wrote: > > > On 15.04.2022 at 08:49, Fourhundred Thecat > > <400the...@gmx.ch> wrote: > > > > Are there any legitimate cases where "to:" might be missing? > > > RFC 5322 says: "The only required header fields are the origination > date field and

Re: spam emails with "to:" line missing

2022-04-15 Thread Tinne11
> On 15.04.2022 at 08:49, Fourhundred Thecat <400the...@gmx.ch> wrote: > > Are there any legitimate cases where "to:" might be missing? RFC 5322 says: "The only required header fields are the origination date field and the originator address field(s).", i. e. the "Date:" and the "From:" head

Re: spam emails with "to:" line missing

2022-04-15 Thread Bernardo Reino
On Fri, 15 Apr 2022, Fourhundred Thecat wrote: I am receiving spam emails, where the "to:" line is entirely missing in the email header. [...] Are there any legitimate cases where "to:" might be missing? Many e-mails are sent to "BCC" lists, so they have no To: header (or have one with "und

Re: Spam pass the filter

2021-09-24 Thread John Stoffel
> "Girish" == Girish Venkatachalam writes: Girish> On 04:41 PM 17-Sep-21, Benny Pedersen wrote: >> On 2021-09-17 14:40, Christian Schmitz wrote: >> make a spamassassin rule to check dkim, make that dkim score 1000, if >> you reject high score spam there is nothing more to do Girish> In thi

Re: Spam pass the filter

2021-09-23 Thread Benny Pedersen
On 2021-09-23 04:34, Girish Venkatachalam wrote: On 04:41 PM 17-Sep-21, Benny Pedersen wrote: On 2021-09-17 14:40, Christian Schmitz wrote: make a spamassassin rule to check dkim, make that dkim score 1000, if you reject high score spam there is nothing more to do In this day and age rspamd

Re: Spam pass the filter

2021-09-22 Thread P V Anthony
On 23/9/2021 10:34 am, Girish Venkatachalam wrote: In this day and age rspamd is much better. I second that. P.V.Anthony

Re: Spam pass the filter

2021-09-22 Thread Girish Venkatachalam
On 04:41 PM 17-Sep-21, Benny Pedersen wrote: On 2021-09-17 14:40, Christian Schmitz wrote: make a spamassassin rule to check dkim, make that dkim score 1000, if you reject high score spam there is nothing more to do In this day and age rspamd is much better. -- Gayatri Hitech, www.spamcheet

Re: Spam pass the filter

2021-09-20 Thread Matus UHLAR - fantomas
Christian Schmitz: Return-Path: On 17.09.21 12:09, Wietse Venema wrote: That is the envelope sender address. my main.cf have the following rule: smtpd_recipient_restrictions = check_client_access regexp:/etc/postfix/spam/rcpt_cl_isp_prohibidos, And in the file i have the rule: /.

Re: Spam pass the filter

2021-09-17 Thread Benny Pedersen
On 2021-09-17 14:40, Christian Schmitz wrote: DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=garena.com; q=dns/txt; s=mailo; t=1631836303; h=Content-Transfer-Encoding: Content-Type: MIME-Version: Message-ID: Date: Subject: To: From: Sender; ifplugin Mail::SpamAssassin::Plugin::DKIM

Re: Spam pass the filter

2021-09-17 Thread Wietse Venema
Christian Schmitz: > Return-Path: That is the envelope sender address. > my main.cf have the following rule: > smtpd_recipient_restrictions = > check_client_access regexp:/etc/postfix/spam/rcpt_cl_isp_prohibidos, > > And in the file i have the rule: > /.*mailgun\.net.*/REJECT

Re: Spam pass the filter

2021-09-17 Thread Benny Pedersen
On 2021-09-17 14:40, Christian Schmitz wrote: DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=garena.com; q=dns/txt; s=mailo; t=1631836303; h=Content-Transfer-Encoding: Content-Type: MIME-Version: Message-ID: Date: Subject: To: From: Sender; ... dkim blacklist :=) make a spamassass

Re: spam - Women Pictures an sharing Contact

2021-04-05 Thread Matus UHLAR - fantomas
On 05.04.21 14:06, Maurizio Caloro wrote: how i can stronger filter or ban E-Mail from Spammers like Hotmail, Outlook, or any other domains with a lot of women pictures. I will receive every day 10-20 Email like this….. Yes spamassassin, SPF, MX Record, Dkim, Dmarc, tls1.2+1.3, the whole reputa

Re: spam - Women Pictures an sharing Contact

2021-04-05 Thread Jaroslaw Rafa
On 5.04.2021 at 14:06:02 Maurizio Caloro wrote: > > how i can stronger filter or ban E-Mail from Spammers like Hotmail, Outlook, > or any other domains with a lot of women pictures. > > I will receive every day 10-20 Email like this….. As always, the best solution is to write your own con

Re: spam - Women Pictures an sharing Contact

2021-04-05 Thread Benny Pedersen
On 2021-04-05 14:06, Maurizio Caloro wrote: how i can stronger filter or ban E-Mail from Spammers like Hotmail, Outlook, or any other domains with a lot of women pictures. postfix is not a content filter you can add rules to milter-regex if you know what to search for in the spam mails i wi

Re: Spam relay problems - need some config assistance

2021-01-24 Thread Viktor Dukhovni
On Mon, Jan 25, 2021 at 03:53:54AM +0100, Benny Pedersen wrote: > /etc/postfix/main.cf: > proxy_interfaces = 1.2.3.4 (the proxy/NAT external network address) This does not solve the issue at hand. It just prevents mail forwarding loops in the smtp(8) delivery agent. -- Viktor.

Re: Spam relay problems - need some config assistance

2021-01-24 Thread Benny Pedersen
On 2021-01-25 01:22, P. Ik. wrote: Dec 29 06:48:27 mail postfix/qmgr[108]: 6A158635: from=, size=, nrcpt=20 (queue active) Dec 29 06:48:27 mail postfix/smtpd[4467]: B033063B: client=unknown[172.17.0.1] Dec 29 06:48:27 mail postfix/smtpd[4470]: C3D6F63C: client=unknown[172.17.0.1] Dec 29 06:4

Re: Spam relay problems - need some config assistance

2021-01-24 Thread Viktor Dukhovni
On Sun, Jan 24, 2021 at 06:30:43PM -0600, P. Ik. wrote: > 172.17.0.* are the container ip's > .1 is the postfix host You have *source NAT* between the Internet and your MTA, so that all external connections appear to originate from the same source. With such a configuration, you MUST NOT trust a

Re: Spam relay problems - need some config assistance

2021-01-24 Thread P. Ik.
172.17.0.* are the container ip's .1 is the postfix host On Sun, Jan 24, 2021 at 6:05 PM Richard wrote: > > > Date: Sunday, January 24, 2021 15:57:18 -0600 > > From: "P. Ik." > > > >> On Sun, Jan 24, 2021 at 9:05 AM Matus UHLAR - fantomas > >> wrote: > >> > >> > >> example could explain much.

Re: Spam relay problems - need some config assistance

2021-01-24 Thread P. Ik.
Thanks for the info Benny, I will make those adjustments. I have mynetworks_style = subnet #mynetworks commented out Local apps that send mail are from other containerized apps on this host and from another host on the 192.168.* address range, but that will eventually go away. I added some log i

Re: Spam relay problems - need some config assistance

2021-01-24 Thread Richard
> Date: Sunday, January 24, 2021 15:57:18 -0600 > From: "P. Ik." > >> On Sun, Jan 24, 2021 at 9:05 AM Matus UHLAR - fantomas >> wrote: >> >> >> example could explain much. >> >> > postconf -n returns: >> >> > mynetworks_style = subnet >> >> > smtpd_relay_restrictions = permit_mynetworks, >

Re: Spam relay problems - need some config assistance

2021-01-24 Thread Benny Pedersen
On 2021-01-24 01:26, P. Ik. wrote: -take mail in from internet for delivery only to local email addresses on this server (I have 3 total local addresses) -local addresses on this server can send mail to any address -local delivery is forwarded to a gmail account Forwarding and reception to gmai

Re: Spam relay problems - need some config assistance

2021-01-24 Thread P. Ik.
Thanks for the reply Matus, another user also asked for similar. As I told them as well, I wasn't sure if based on what I was trying to accomplish someone would see a clear error in my config. I have the mail server shut down until I fix this, I dug out some examples here, I appreciate your assist

Re: Spam relay problems - need some config assistance

2021-01-24 Thread Matus UHLAR - fantomas
On 23.01.21 18:26, P. Ik. wrote: I've been using Postfix for quite some time and recently have installed it in a container but am getting a small amount of relay spam through and a lot of mail errors to unknown addresses (which signaled me to the config issue). example could explain much. pos

Re: SPAM attack from bounce techniques

2020-12-29 Thread Wietse Venema
Rafael Azevedo: > Guys, > According to this reference [1], one of the principal operations is to > discard or quarantine the message. > How should the MAIL FILTER respond to postfix so it could do such actions? EHLO blah 250 ok MAIL FROM: 250 ok RCPT TO: 250 ok DATA 351 blah header body . 250 ok Q

Re: SPAM attack from bounce techniques

2020-12-29 Thread Rafael Azevedo
Guys, According to this reference [1], one of the principal operations is to discard or quarantine the message. How should the MAIL FILTER respond to postfix so it could do such actions? Huge thanks, BR, Rafael [1] - http://www.postfix.org/FILTER_README.html On Tue, Dec 29, 2020 at 09:37

Re: SPAM attack from bounce techniques

2020-12-29 Thread Rafael Azevedo
Hi there, Thanks for the reply. Yes I do: smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unknown_reverse_client_hostname, reject_unknown_client_hostname, reject_unknown_sender_domain, reject_non_fqdn_recipient, reject_unauth_destination, #rejec

Re: spam uses my email address as sender in "header from"

2020-09-15 Thread Viktor Dukhovni
> On Sep 15, 2020, at 7:33 PM, Benny Pedersen wrote: > > header_checks is incoming mails > > smtp_header_checks is outgoing mails Not exactly. All mail comes in, and then it goes out. * header_checks is before transport resolution and delivery scheduling * smtp_header_checks is during de

Re: spam uses my email address as sender in "header from"

2020-09-15 Thread Benny Pedersen
Fourhundred Thecat wrote on 2020-09-15 20:39: My header checks work fine when I have it in main.cf (globally) header_checks = regexp:/var/local/postfix/maps/header_checks header_checks is incoming mails smtp_header_checks is outgoing mails

Re: spam uses my email address as sender in "header from"

2020-09-15 Thread Benny Pedersen
Bill Cole wrote on 2020-09-14 21:50: SPF helps against forged envelope senders. DMARC helps against From: header forgery. half correct dmarc can be spf only you should not say dmarc when it's dkim

Re: spam uses my email address as sender in "header from"

2020-09-15 Thread Bill Cole
On 15 Sep 2020, at 14:39, Fourhundred Thecat wrote: On 2020-09-15 10:18, Nick wrote: On 2020-09-15 08:53 BST, Fourhundred Thecat wrote: yes, I am accepting authenticated senders on port 465, and port 25 is only for unauthenticated. But how do I ensure that header_checks only apply to port 25

Re: spam uses my email address as sender in "header from"

2020-09-15 Thread Nick
On 2020-09-15 19:39 BST, Fourhundred Thecat wrote: > > On 2020-09-15 10:18, Nick wrote: > > > But when I remove it from main.cf and add last line to master.cf: > > smtp inet n - n -- smtpd

Re: spam uses my email address as sender in "header from"

2020-09-15 Thread Fourhundred Thecat
> On 2020-09-15 10:18, Nick wrote: On 2020-09-15 08:53 BST, Fourhundred Thecat wrote: yes, I am accepting authenticated senders on port 465, and port 25 is only for unauthenticated. But how do I ensure that header_checks only apply to port 25 ?

Re: spam uses my email address as sender in "header from"

2020-09-15 Thread Nick
On 2020-09-15 08:53 BST, Fourhundred Thecat wrote: > yes, I am accepting authenticated senders on port 465, and port 25 is > only for unauthenticated. > > But how do I ensure that header_checks only apply to port 25 ? HTH -- Nick

Re: spam uses my email address as sender in "header from"

2020-09-15 Thread Fourhundred Thecat
> On 2020-09-14 14:54, Dominic Raferd wrote: On 14/09/2020 11:35, Fourhundred Thecat wrote: I am receiving spam, where the "header from" is my actual email (ie, the email that this spam is delivered to) The "envelope from" that I see in postfix logs is some random email. What mechanisms are th

Re: spam uses my email address as sender in "header from"

2020-09-14 Thread Bill Cole
On 14 Sep 2020, at 6:35, Fourhundred Thecat wrote: Hello, I am receiving spam, where the "header from" is my actual email (ie, the email that this spam is delivered to) The "envelope from" that I see in postfix logs is some random email. What mechanisms are there to reject such messages, wh

Re: spam uses my email address as sender in "header from"

2020-09-14 Thread Benny Pedersen
Durga Prasad Malyala wrote on 2020-09-14 13:10: Can I reject messages that have different envelope from and header from? if you do this you will reject your own postings to maillist here Or what would be the best approach ? add adsp to from domain in dns, that way spamassassin can track it

Re: spam uses my email address as sender in "header from"

2020-09-14 Thread Dominic Raferd
On 14/09/2020 11:35, Fourhundred Thecat wrote: I am receiving spam, where the "header from" is my actual email (ie, the email that this spam is delivered to) The "envelope from" that I see in postfix logs is some random email. What mechanisms are there to reject such messages, which use my emai

Re: spam uses my email address as sender in "header from"

2020-09-14 Thread Allen Coates
It has been suggested in the past that if the "From" header does not contain both the email address AND the name of its owner (see my address above) then it may be rejected - or at least flagged as suspect. Allen C On 14/09/2020 11:35, Fourhundred Thecat wrote: > Hello, > > I am receiving spam,

Re: spam uses my email address as sender in "header from"

2020-09-14 Thread Durga Prasad Malyala
Hi You can try implementing dmarc for your domain and use dmarc check while receiving mail. Cheers/DP On Mon, Sep 14, 2020, 16:06 Fourhundred Thecat <400the...@gmx.ch> wrote: > Hello, > > I am receiving spam, where the "header from" is my actual email (ie, the > email that this spam is delivered

Re: spam from own email address

2019-04-25 Thread Wietse Venema
man 5 header_checks DUNNO Pretend that the input line did not match any pattern, and inspect the next input line. This action can be used to shorten the table search. For backwards compatibility reasons, Postfix also accepts OK but

Re: spam from own email address

2019-04-24 Thread Mick
On 25/04/2019 00:21, Wietse Venema wrote: Mick: I thought header checks were carried out after all the other smtp restrictions had passed therefore I didn't see the harm in an 'OK' for a message header at this stage. Correct, but the OK action applies only to that header, not the message. Tha

Re: spam from own email address

2019-04-24 Thread Wietse Venema
Mick: > I thought header checks were carried out after all the other smtp > restrictions had passed therefore I didn't see the harm in an 'OK' for a > message header at this stage. Correct, but the OK action applies only to that header, not the message. The Postfix 3.2 PASS action applies to th

Re: spam from own email address

2019-04-24 Thread Mick
On 24/04/2019 21:51, Bill Cole wrote: On 24 Apr 2019, at 16:04, Mick wrote: On 23/04/2019 18:34, Bill Cole wrote: On 23 Apr 2019, at 11:46, John Peach wrote: On 4/23/19 11:39 AM, Paul wrote: Yes I agree with Kevin here, the best solution to this problem is an spf record set to reject mail f

Re: spam from own email address

2019-04-24 Thread Bill Cole
On 24 Apr 2019, at 16:04, Mick wrote: On 23/04/2019 18:34, Bill Cole wrote: On 23 Apr 2019, at 11:46, John Peach wrote: On 4/23/19 11:39 AM, Paul wrote: Yes I agree with Kevin here, the best solution to this problem is an spf record set to reject mail from any ip that’s not in your allowed

Re: spam from own email address

2019-04-24 Thread Mick
On 23/04/2019 18:34, Bill Cole wrote: On 23 Apr 2019, at 11:46, John Peach wrote: On 4/23/19 11:39 AM, Paul wrote: Yes I agree with Kevin here, the best solution to this problem is an spf record set to reject mail from any ip that’s not in your allowed list of ips for your domain. Forging a f

Re: spam from own email address

2019-04-24 Thread Mick
On 23/04/2019 18:34, Bill Cole wrote: On 23 Apr 2019, at 11:46, John Peach wrote: On 4/23/19 11:39 AM, Paul wrote: Yes I agree with Kevin here, the best solution to this problem is an spf record set to reject mail from any ip that’s not in your allowed list of ips for your domain. Forging a f

Re: spam from own email address

2019-04-24 Thread Dominic Raferd
On Tue, 23 Apr 2019 at 18:35, Bill Cole < postfixlists-070...@billmail.scconsult.com> wrote: > On 23 Apr 2019, at 11:46, John Peach wrote: > > > On 4/23/19 11:39 AM, Paul wrote: > >> Yes I agree with Kevin here, the best solution to this problem is an > >> spf record set to reject mail from any ip

Re: spam from own email address

2019-04-23 Thread Bill Cole
On 23 Apr 2019, at 17:16, BlackIce_ wrote: I have had a significant backscatter issue in the past. lately I have been seeing the same issue you all are. I have Spamassassin and a postfix server setup and it works most of the time. Likely I need additional filter lines. I saw the KAM.cf menti

Re: spam from own email address

2019-04-23 Thread BlackIce_
I have had a significant backscatter issue in the past. lately I have been seeing the same issue you all are. I have Spamassassin and a postfix server setup and it works most of the time. Likely I need additional filter lines. I saw the KAM.cf mentioned, but do not see a place to obtain it. A

Re: spam from own email address

2019-04-23 Thread John Stoffel
> "Phil" == Phil Stracchino writes: Phil> On 4/23/19 2:40 PM, lists wrote: >> I would investigate using rspamd rather than spamassassin. At the moment >> I run neither since I have settled upon a nice mix of RBLs and check the >> reverse pointer. That Perl code to get rid of dynamic domains r

Re: spam from own email address

2019-04-23 Thread lists
, and false positives are an issue. I would just mark the email as spam when I ran spamassassin, so I ended up looking at the spam email anyway. Original Message From: ph...@caerllewys.net Sent: April 23, 2019 11:50 AM To: postfix-users@postfix.org Subject: Re: spam from own

Re: spam from own email address

2019-04-23 Thread Phil Stracchino
On 4/23/19 2:40 PM, lists wrote: > I would investigate using rspamd rather than spamassassin. At the moment > I run neither since I have settled upon a nice mix of RBLs and check the > reverse pointer. That Perl code to get rid of dynamic domains really > helps nuke spammers. > > Spamassassin tend

Re: spam from own email address

2019-04-23 Thread lists
. From: pm...@iljones.net Sent: April 23, 2019 9:11 AM To: postfix-users@postfix.org Subject: Re: spam from own email

Re: spam from own email address

2019-04-23 Thread Bill Cole
On 23 Apr 2019, at 11:46, John Peach wrote: On 4/23/19 11:39 AM, Paul wrote: Yes I agree with Kevin here, the best solution to this problem is an spf record set to reject mail from any ip that’s not in your allowed list of ips for your domain. Forging a from address is very easy and is one of

Re: spam from own email address

2019-04-23 Thread B. Reino
On Tue, 23 Apr 2019, Ian Jones wrote: I am getting emails like the one below, in which the header from is my own address. The emails contain text in a jpg image and claims my account has been hacked and demands $1000 paid to a bitcoin account. I would like to find a way to reject emails from m

Re: spam from own email address

2019-04-23 Thread Ralph Seichter
* John Peach: > It is not meant to catch the envelope sender. That should be in your > normal checks. Which is why I mentioned check_sender_access as an addition, for the OP's benefit. -Ralph

Re: spam from own email address

2019-04-23 Thread Kevin A. McGrail
On 4/23/2019 12:20 PM, Benny Pedersen wrote: > // maintainer hat on > > why are these rules not added to spamassassin core :( > Because masscheck and rule qa takes too long for the purposes we need the rules for. > \\ maintainer hat off > > or at least a real spamassassin channel repo Time/money/en

Re: spam from own email address

2019-04-23 Thread Benny Pedersen
It is not meant to catch the envelope sender. That should be in your normal checks. This is specifically for the data From:, which is what these are using. this will reject maillist postings of your own unless the maillists takes over From: header and claims maillists breaks spf and dkim /

Re: spam from own email address

2019-04-23 Thread Benny Pedersen
Kevin A. McGrail wrote on 2019-04-23 17:26: On 4/23/2019 10:02 AM, Ian Jones wrote: I am getting emails like the one below, in which the header from is my own address. Ian, are you using Apache SpamAssassin or something in the mix? I've published a lot of rules for these sexploitation scams

Re: spam from own email address

2019-04-23 Thread Ian Jones
Thanks for all the suggestions: - I have an SPF record, but postfix not rejecting these, presumably because the envelope sender is valid - I am not using SpamAssassin, but I'm coming round to the idea! - John: this idea seems simple and effective, I will give it a try. Many thanks, Ian Le

Re: spam from own email address

2019-04-23 Thread John Peach
On 4/23/19 11:54 AM, Ralph Seichter wrote: * John Peach: /^From:.*\@example\.com/ REJECT This header check will not catch the envelope sender, so I suggest adding "check_sender_access pcre:/path/to/sender_access" to the mix (file content according to your needs, of course). It is not meant

Re: spam from own email address

2019-04-23 Thread Ralph Seichter
* John Peach: > /^From:.*\@example\.com/ REJECT This header check will not catch the envelope sender, so I suggest adding "check_sender_access pcre:/path/to/sender_access" to the mix (file content according to your needs, of course). -Ralph

Re: spam from own email address

2019-04-23 Thread John Peach
On 4/23/19 11:39 AM, Paul wrote: Yes I agree with Kevin here, the best solution to this problem is an spf record set to reject mail from any ip that’s not in your allowed list of ips for your domain. Forging a from address is very easy and is one of the main purposes of why spf was created.

Re: spam from own email address

2019-04-23 Thread Wietse Venema
Paul: > Yes I agree with Kevin here, the best solution to this problem is > an spf record set to reject mail from any ip that's not in your > allowed list of ips for your domain. Forging a from address is > very easy and is one of the main purposes of why spf was created. How does SPF block an add

Re: spam from own email address

2019-04-23 Thread Paul
Yes I agree with Kevin here, the best solution to this problem is an spf record set to reject mail from any ip that’s not in your allowed list of ips for your domain. Forging a from address is very easy and is one of the main purposes of why spf was created. Sent from my iPhone > On Apr 23, 2

Re: spam from own email address

2019-04-23 Thread Kevin A. McGrail
On 4/23/2019 10:02 AM, Ian Jones wrote: > I am getting emails like the one below, in which the header from is my > own address. Ian, are you using Apache SpamAssassin or something in the mix? I've published a lot of rules for these sexploitation scams in KAM.cf and with an SPF record, you really

Re: spam from own email address

2019-04-23 Thread Wietse Venema
Ian Jones: > Hello, > > I am getting emails like the one below, in which the header from is my > own address. The emails contain text in a jpg image and claims my > account has been hacked and demands $1000 paid to a bitcoin account. I > would like to find a way to reject emails from my own add

Re: spam from own email address

2019-04-23 Thread Nick Howitt
On 23/04/2019 15:02, Ian Jones wrote: Hello, I am getting emails like the one below, in which the header from is my own address. The emails contain text in a jpg image and claims my account has been hacked and demands $1000 paid to a bitcoin account. I would like to find a way to reject email

Re: spam with doutle at (fake@domain1@domain2)

2019-01-18 Thread Dominic Raferd
On Fri, 18 Jan 2019 at 21:03, kazabe wrote: > My server is crying with a spam problem. we are receiving a lot of > fake messages with virus attached. > The messages coming from an account like > fakeu...@mydomain.com@spammerdomain.com with content very similar > to the messages sent by our rea

Re: spam with doutle at (fake@domain1@domain2)

2019-01-18 Thread Benny Pedersen
kazabe wrote on 2019-01-18 22:01: My server is crying with a spam problem. we are receiving a lot of fake messages with virus attached. you say double @ is a virus ? the messages coming from an account like fakeu...@mydomain.com@spammerdomain.com with content very similar to the messa

Re: Spam Assasin score below 5

2018-05-10 Thread ahsan2011
Thanks Kevin I realised it after I posted the content that i should not have posted it here.. However with replies from experts here are always valuable. Will adhere to the rules of the forum henceforth. -- Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html

Re: [SPAM?] Re: mitigating gmail spam traps: how does one add the required headers?8

2017-09-01 Thread Richard Damon
On 9/1/17 6:23 AM, Tom Browder wrote: On Thu, Aug 31, 2017 at 21:44 Richard Damon > wrote: ... One point of information about Gmail, which may want you to change your test setup a bit. Gmail suppresses duplicate messages (as determined by the

Re: [SPAM?] Re: mitigating gmail spam traps: how does one add the required headers?8

2017-09-01 Thread Tom Browder
On Thu, Aug 31, 2017 at 21:44 Richard Damon wrote: ... > One point of information about Gmail, which may want you to change your > test setup a bit. Gmail suppresses duplicate messages (as determined by > the Message-ID), and (unless the mailing list changes the message-id, > which is generally a

Re: [SPAM?] Re: mitigating gmail spam traps: how does one add the required headers?8

2017-08-31 Thread Richard Damon
On 8/31/17 8:42 AM, Tom Browder wrote: On Wed, Aug 30, 2017 at 14:42 Dirk Stöcker > wrote: On Tue, 29 Aug 2017, Tom Browder wrote: > Gmail has a list of steps recommended to minimize spam identification, particularly mail sent as bulk mail (as from m

Re: [SPAM?] Re: Lists and spam prevention / use of Reply-To:

2017-08-29 Thread Richard Damon
On 8/29/17 8:12 AM, Ralph Seichter wrote: On 29.08.2017 13:42, @lbutlr wrote: There are very good reasons for footers on many lists, and DKIM should be smart enough to figure this out. I disagree about "very good reasons for footers on many lists". Meta information belongs into the message hea

Re: Spam Quarantine Folder

2017-05-29 Thread Henry
On Mon, May 29, 2017 at 8:43 PM, Patrick Ben Koetter wrote: > * Henry : >> Firstly I am unsure if this question is related to Postfix, >> Spamassasin, Amavasid.. > > amavis > >> I am using Kolab for email and almost everything is working well with >> spam being partially filtered. >> >> My problem

Re: Spam Quarantine Folder

2017-05-29 Thread Patrick Ben Koetter
* Henry : > Firstly I am unsure if this question is related to Postfix, > Spamassasin, Amavasid.. amavis > I am using Kolab for email and almost everything is working well with > spam being partially filtered. > > My problem is when spam is moved to quarentine is it moved to > "/var/lib/amavis/v

Re: [SPAM?] Re: How to setup a no-answer email properly

2017-03-18 Thread Richard Damon
On 3/18/17 11:39 AM, Wietse Venema wrote: Dirk Stöcker: : host mail.remotemail.tld[X.X.X.X] said: 550-Verification failed for 550-Called: Y.Y.Y.Y 550-Sent: RCPT TO: 550-Response: 554 5.7.1 : Recipient address rejected: THis trac does not have an e-mail input function

Re: [SPAM] Re: forwarding email from files format postfix

2015-11-19 Thread Stéphane MERLE
I found the folder : /var/spool/postfix/maildrop I also found a postdrop example, but not very useful ;) http://www.empire-woodworks.com/running_trim/post_drop.html if I use : postdrop mailname.eml I got a queueid85E11C0212 but it stay stuck here no log in the mail.log Stéphane On 19/1

Re: [SPAM] Re: forwarding email from files format postfix

2015-11-19 Thread Stéphane MERLE
Hi, Thanks for your help ! can I just change the To header within the files and move the file in a postfix folder for it to "resend" it ? if so .. which folder ... Stéphane On 18/11/2015 16:02, Noel Jones wrote: On 11/18/2015 2:53 AM, Stéphane MERLE wrote: Hi, Someone made a little m

Re: spam filter for postfix

2015-06-30 Thread Wietse Venema
robert k Wild: > hi all, > > im running postfix+dovecot for an email server and i want a spam filter to > go infront of postfix so it can filter out spam before it gets anywhere > near my email server > > also i imagine with spam filters you can set your own spam policies and > allow good sender

RE: spam fighting

2015-04-28 Thread Marius Gologan
e second one to manually block or whitelist certain Domains, IPs and Name Servers (mostly private). -Original Message- From: Terry Barnum [mailto:te...@dop.com] Sent: Tuesday, April 28, 2015 11:08 PM To: Marius Gologan Cc: postfix users Subject: Re: spam fighting > On Apr 28, 2015, at 12:33

Re: spam fighting

2015-04-28 Thread Terry Barnum
th 2 GB of RAM can easily handle 10k-15k messages a > day. Good info to hear. Thanks, -Terry > -Original Message- > From: Terry Barnum [mailto:te...@dop.com] > Sent: Tuesday, April 28, 2015 8:04 PM > To: Marius Gologan > Cc: postfix users > Subject: Re: spam fighting > >
