jonatitom

These days I was finding out about spoofing and why these emails were arriving in my inbox and I realized that in Postfix I was missing some configurations and I added this configuration /main.cf # Sender restrictions: smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain Now these spoofing emails reach SPAM I wish this thread could be left open for future errors. And if you could help us, what configurations are recommended for Postfix? Thank You Sandeep B.

.

Email headers Return-Path: <violated@my-business.com> Delivered-To: contact@my-business.com Received: from sv11.my-business.com by sv11.my-business.com with LMTP id wGeNBKFjA2VjQgAA7dXWpA for <contact@my-business.com>; Thu, 14 Sep 2023 16:48:49 -0300 Received: from localhost (unknown [127.0.0.1]) by sv11.my-business.com (Postfix) with ESMTP id 01D0663A72 for <contact@my-business.com>; Thu, 14 Sep 2023 19:48:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=my-business.com; s=default; t=1694720929; bh=tU9vg9RxGclAz8+zuxWsGSOe8VjO2S+LNvV8MVem7Nk=; h=Reply-To:From:To:Subject:Date; b=PEdJhu9GMvk8pZHoVPIGjMqZx8rKQH/DsXPmzvYIYmqNW3Fh/Skt+1vC1kfKfenrv o3oCkltiWOmfgL0QVoVIVeg48pCzEItXXSXRdSHfyyDu86OPJRqqtir1/QTJ2il2AL wjZsk1O+S8T/rbU+ZShG7txg7Ut72O9Yl5ay6t6s= X-Virus-Scanned: amavisd-new at my-business.com X-Spam-Flag: NO X-Spam-Score: 5.674 X-Spam-Level: ***** X-Spam-Status: No, score=5.674 tagged_above=2 required=6.2 tests=[FORGED_SPF_HELO=1, KHOP_HELO_FCRDNS=0.001, OBFU_BITCOIN=1, PDS_BTC_ID=0.001, RCVD_IN_PSBL=2.7, SPF_HELO_PASS=-0.001, SPF_SOFTFAIL=0.972, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no Received: from sv11.my-business.com ([127.0.0.1]) by localhost (sv11.my-business.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CM3323HKmlVf for <contact@my-business.com>; Thu, 14 Sep 2023 16:48:47 -0300 (-03) Received: from x9.theworkpc.com (mta0.x9.theworkpc.com [213.142.149.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv11.my-business.com (Postfix) with ESMTPS id 2F6C663A34 for <contact@my-business.com>; Thu, 14 Sep 2023 16:48:47 -0300 (-03) Received: by x9.theworkpc.com for <contact@my-business.com>; Thu, 14 Sep 2023 14:48:45 -0500 (envelope-from <violated@my-business.com>) Reply-To: contact@my-business.com From: violated@my-business.com To: contact@my-business.com Subject: Waiting for payment Date: 14 Sep 2023 13:48:43 -0600 Message-ID: <20230914134843.9E895AA123FB7CA3@my-business.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable

The first thing I did was change passwords and scan for viruses. For caution but I think this is not due to malware, but due to configuration It will be necessary to deactivate php mail because these emails are Phishing. Email Spoofing

dear Sandeep B. how are you ? I have had a problem for a few days with my emails. I am receiving an email from my own email account I have configured My host has: rDns Ok dkim: ok spf: ok Dmarc: Ok Ip: Ok when looking at the headers I noticed that the ip is not from my server. I don't know what I should do to stop these scam emails from arriving. Thank You. the scam email is the following ----------------------------------------------------------------------------------------- **Message removed**