You may want to share the headers of the incoming message for anyone to
have a better idea of what is there.
Mask/remove email and IP addresses and share the rest of the headers
before the message starts. Perhaps someone will spot anything there.
Otherwise, it is just a guessing game.
On 8/27/20 2:50 PM, Remo Mattei wrote:
I suggest SPF and DMARK
On Aug 27, 2020, at 11:39 AM, Miguel Angel Amable Ventura
<[email protected] <mailto:[email protected]>> wrote:
If that is not the case then you can just set spf record of your
mailserver known as MX record in your dns server. And that will stop
other servers from using your domain's email.
Best regards!
El 27/08/2020 a las 01:31 p. m., Miguel Angel Amable Ventura escribió:
Hi,
Surely the spammer took you an user account and he is masquerading
your compromised account so you can't detect the source account, you
need to change that account's password and to find it you have to
search in your maillogs.
I am not certain if you server has just a backdoor installed but
first of all i will proceed with the above explained.
Good look guys!
El 27/08/2020 a las 06:01 a. m., Eric Broch escribió:
I'm not sure how to help you guys with this. Have you thought about
asking on the spamdyke or spamassassin mailing lists?
On 8/27/2020 3:56 AM, ChandranManikandan wrote:
Hi Tahnan,
Am also facing a similar problem, and I am running both spamdyke &
spamassassin.
is there any misconfiguration on my server and any tighten the rule.
I Appreciate anyone helping me.
On Sat, Aug 22, 2020 at 8:28 PM Tahnan Al Anas <[email protected]
<mailto:[email protected]>> wrote:
Dear Eric,
Recently I have observed all of my servers getting
spoofed display name spam mail. Which mean someone spoofing my
user display name only and sending lots of spam which my user
thinking came from their boss or someone important in the
organization. Is there any rule which can stop spoof
display name spam in spamassasine?
--
--
Best Regards
Muhammad Tahnan Al Anas
--
*/Regards,
Manikandan.C
/*
