1

Topic: Spam problem rewrite from header

==== Required information ====
- iRedMail version: 0.8.1
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version:  debian 6
- Related log if you're reporting an issue:
====

Hi everybody

I have a spam problem.

If you look this header mail :
Received: from mx1.ice-dev.eu ([127.0.0.1])
    by localhost (mx1.ice-dev.eu [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id sp7sBHFrZplW; Tue, 12 Mar 2013 12:20:14 +0100 (CET)
Received: from [77.39.153.176] (unknown [77.39.153.176])
    by mx1.ice-dev.eu (Postfix) with ESMTP id 04F1637FC5;
    Tue, 12 Mar 2013 12:20:10 +0100 (CET)
Received: from apache by vcjgcichaif.canaca.com with local (Exim 4.63)
    (envelope-from <<cleger@achats-service.fr>,
    <nrabhi@achats-service.fr>,
    <info@achats-service.fr>>)
    id M686BW-08J9SH-RZ
    for <cleger@achats-service.fr>,
    <nrabhi@achats-service.fr>,
    <info@achats-service.fr>; Tue, 12 Mar 2013 12:22:29 +0100
Received: from localhost (mx1.ice-dev.eu [127.0.0.1])
    by mx1.ice-dev.eu (Postfix) with ESMTP id AF42537F8D;
    Tue, 12 Mar 2013 12:20:14 +0100 (CET)
Return-Path: <severczw3@gmail.com>

There is an envelope-from which rewrite the user adress from. How can i stop the rewrite header et kill this type of spam.

Thanks a lot

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Spam problem rewrite from header

ivanb69 wrote:

There is an envelope-from which rewrite the user adress from. How can i stop the rewrite header et kill this type of spam.

Do you mean below one?

Received: from apache by vcjgcichaif.canaca.com with local (Exim 4.63)
    (envelope-from <<cleger@achats-service.fr>,
    <nrabhi@achats-service.fr>,
    <info@achats-service.fr>>)
    id M686BW-08J9SH-RZ
    for <cleger@achats-service.fr>,
    <nrabhi@achats-service.fr>,
    <info@achats-service.fr>; Tue, 12 Mar 2013 12:22:29 +0100

It's rewritten by Exim, not Postfix.

I'm not sure how you want to stop it, but anyway, you can try Postfix parameter "header_checks" if you want to process with mail header. Reference: http://www.postfix.org/header_checks.5.html