On Wed, Feb 06, 2019 at 11:42:19AM +0100, Mischa wrote:
> Hi All,
> 
> There has been a new scam going around for some time now where you get an 
> email from your own email address to your email address.
> For people that don't know better it's scares the s**t out of them as the 
> email is like:
> 
> Hey I hacked your account as you can see since I am sending this email from 
> your own account.
> etc..
> 
> Is there a quick way to filter email where the sender and rcpt-to are the 
> same?
> Has anybody created a filter already to easily do this?
> 
> Thanx!
> 

I used to have a rule to reject any mail from my domain but which were
not originating from trusted machines nor authenticated users.

not tested here but something along the lines of:

    match !from local mail-from "@opensmtpd.org" reject
    match !auth from any mail-from "@opensmtpd.org" reject

there are other ways too

-- 
Gilles Chehade                                                 @poolpOrg

https://www.poolp.org                 tip me: https://paypal.me/poolpOrg

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Reply via email to