this is what I have on my DNS for the txt value I have v=DMARC1; p=none; fo=1; rua=mailto:j...@italy1.com; ruf=mailto:j...@italy1.com; rf=afrf; pct=100;aspf=s;adkim=s
host I have _dmarc Hope this helps. you can do dig txt yourdomainname.com <http://yourdomainname.com/> (example) > On Aug 27, 2020, at 6:49 PM, Miguel Angel Amable Ventura > <mvent...@compu-tecnia.com> wrote: > > That corresponds to the dns record, for example: > > this text is from your dns SPF records: > > "v=spf1 a mx ip4:xxx.xxx.xxx.xxx -all" > > for a Dmark record Remo can provide us a dns record for no Dmark > configuration of our qmailtoaster server. > > Thank you in advance Remo! > > El 27/08/2020 a las 08:23 p. m., nowuk...@gmail.com > <mailto:nowuk...@gmail.com> escribió: >> You may want to share the headers of the incoming message for anyone to have >> a better idea of what is there. >> >> Mask/remove email and IP addresses and share the rest of the headers before >> the message starts. Perhaps someone will spot anything there. Otherwise, it >> is just a guessing game. >> >> >> >> On 8/27/20 2:50 PM, Remo Mattei wrote: >>> I suggest SPF and DMARK >>> >>>> On Aug 27, 2020, at 11:39 AM, Miguel Angel Amable Ventura >>>> <mvent...@compu-tecnia.com <mailto:mvent...@compu-tecnia.com>> wrote: >>>> >>>> If that is not the case then you can just set spf record of your >>>> mailserver known as MX record in your dns server. And that will stop other >>>> servers from using your domain's email. >>>> >>>> Best regards! >>>> >>>> El 27/08/2020 a las 01:31 p. m., Miguel Angel Amable Ventura escribió: >>>>> Hi, >>>>> >>>>> Surely the spammer took you an user account and he is masquerading your >>>>> compromised account so you can't detect the source account, you need to >>>>> change that account's password and to find it you have to search in your >>>>> maillogs. >>>>> >>>>> I am not certain if you server has just a backdoor installed but first of >>>>> all i will proceed with the above explained. >>>>> >>>>> Good look guys! >>>>> >>>>> >>>>> >>>>> El 27/08/2020 a las 06:01 a. m., Eric Broch escribió: >>>>>> I'm not sure how to help you guys with this. Have you thought about >>>>>> asking on the spamdyke or spamassassin mailing lists? >>>>>> >>>>>> On 8/27/2020 3:56 AM, ChandranManikandan wrote: >>>>>>> Hi Tahnan, >>>>>>> >>>>>>> Am also facing a similar problem, and I am running both spamdyke & >>>>>>> spamassassin. >>>>>>> is there any misconfiguration on my server and any tighten the rule. >>>>>>> I Appreciate anyone helping me. >>>>>>> >>>>>>> On Sat, Aug 22, 2020 at 8:28 PM Tahnan Al Anas <tah...@gmail.com >>>>>>> <mailto:tah...@gmail.com>> wrote: >>>>>>> Dear Eric, >>>>>>> >>>>>>> Recently I have observed all of my servers getting spoofed display name >>>>>>> spam mail. Which mean someone spoofing my user display name only and >>>>>>> sending lots of spam which my user thinking came from their boss or >>>>>>> someone important in the organization. Is there any rule which can stop >>>>>>> spoof display name spam in spamassasine? >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> -- >>>>>>> >>>>>>> Best Regards >>>>>>> Muhammad Tahnan Al Anas >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Regards, >>>>>>> Manikandan.C >>>