On Tue, 23 Apr 2019, Ian Jones wrote:
I am getting emails like the one below, in which the header from is my own address. The emails contain text in a jpg image and claims my account has been hacked and demands $1000 paid to a bitcoin account. I would like to find a way to reject emails from my own addresses except from my own servers, but so far I have not succeeded. :-( The relevant parts of my configuration are below. I am probably duplicating some actions, since I have recently added restrictions in the hope of preventing these emails.
In case you find this interesting, I think most such e-mails always include a bogus List-Id header. Given that the number of mailing lists (and hence possible valid List-Id fields) is usually limited and rather static, one could use header checks to implement a kind of white list for this.
(I haven't tried this myself, since I rarely receive such e-mails, and just can just delete them..)
Cheers.
