1

Topic: Spoofing your own emails

Hello,

could we smth. do if spammers masking email with construction like this :
MAIL HEADERS -  From "Name Surname <name.surname@domain.tld>" <spammer@mrpmx.com>

Then users got this email - they are see only - Name Surname <name.surname@domain.tld> and they could think that email is safe ... often emails are with  DOC or XLS attacted file with malware macros...

Of cause you can block with clamav - OLE2: Blocking all VBA macros, but this option is global for all emails, with no exceptions...

So, the main question is how to prevent using your domain email address like name.surname@domain.tld (or another domain email address in the same mail server like name.surname@domain2.tld) than emails are with foreign email addresses like - spammer@mrpmx.com

2

Re: Spoofing your own emails

- iRedMail doesn't check this, sad.
- Could you please show us the AMavisd log (it logs to Postfix log file /var/log/maillog) related to this email? Does it log the matched SpamAssassin rules? Maybe we can use some SpamAssassin rule to block this kind of spams.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee