Discussion in 'ISPConfig 3 Priority Support' started by xanela, Nov 3, 2015.

  1. xanela

    xanela Member

    Hello everyone.

    I am getting spam from my own e, (I've reviewed passwords, potential virus and everything is fine)

    I decided to check the server on which it is intalador ISPconfig which is currently supported by Debian 7 Wheezy.

    After reviewing the logs being mais I encuntro many suspected impersonation lines like this:

    Nov 1 09:33:39 lince postfix/smtpd[23620]: NOQUEUE: filter: RCPT from unknown[]: <bounces+1678159-a73e-jroibas=pro****[email protected]>: Sender address triggers FILTER amavis:[]:10026; from=<bounces+1678159-a73e-jroibas=pro****[email protected]> to=<jroibas@pro****> proto=ESMTP helo=<>

    as I can block this type of spam?
    Thank you very much for your help
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Spammers often use the recipient address or recipient domain as sender address/domain, so this does not mean that the spam was sent trough your server, it is just received by your server like any other email. What you can do to make it easier for the spamfilter to detect such messages is that you add spf records for your domain in dns and add dkim records (see ispconfig dkim patch to add dkim support to ispconfig).
  3. xanela

    xanela Member

    servers are currently deployed as both dkim SPF records in the DNS.

    current records are:
    hostname: pro****
    v ptr = mx -all spf1

    hostname: I ****
    v = DKIM1; t = s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDw2jW0hJ68DEz3JJl2hR5iTRkf9g3+f7Xp+t5BPY4l****IkEOtSvwsnrJRQxhAWsvz3aBFoZ99GlE2qgrqpFRM+n7t6wkEpMo+/esBViMfFc0cP/BncXqKTyTHFVpHDs21taPGggcxKB7Ydg5BlKilMzjuxZDfJL6Zvnq/pxZrwQtQIDAQAB

    that other measures could be taken to avoid such mails?
    filters headers?

    I am looking forward to your response.

    thank you
  4. xanela

    xanela Member

    Now the messages are already marked as spam.
    As I can do so that messages marked as spam are automatically moved to the spam folder ???

    thank you
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    There is a checkbox for that in the mailbox settings in ispconfig.

Share This Page