Jump to content

I received email from my own email account


jonatitom
Go to solution Solved by jonatitom,

Recommended Posts

dear Sandeep B.

how are you ?
I have had a problem for a few days with my emails.
I am receiving an email from my own email account

I have configured

My host has:
rDns Ok
dkim: ok
spf: ok
Dmarc: Ok
Ip: Ok

when looking at the headers I noticed that the ip is not from my server.

I don't know what I should do to stop these scam emails from arriving.

 

Thank You.

 

the scam email is the following

-----------------------------------------------------------------------------------------

**Message removed**

Edited by Sandeep B.
Email Message body removed
Link to comment
Share on other sites

The first thing I did was change passwords and scan for viruses. For caution

but I think this is not due to malware, but due to configuration

It will be necessary to deactivate php mail

because these emails are Phishing.
Email Spoofing

Edited by jonatitom
Link to comment
Share on other sites

Email headers

Return-Path: <violated@my-business.com>
Delivered-To: contact@my-business.com
Received: from sv11.my-business.com
    by sv11.my-business.com with LMTP id wGeNBKFjA2VjQgAA7dXWpA
    for <contact@my-business.com>; Thu, 14 Sep 2023 16:48:49 -0300
Received: from localhost (unknown [127.0.0.1])
    by sv11.my-business.com (Postfix) with ESMTP id 01D0663A72
    for <contact@my-business.com>; Thu, 14 Sep 2023 19:48:49 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=my-business.com;
    s=default; t=1694720929;
    bh=tU9vg9RxGclAz8+zuxWsGSOe8VjO2S+LNvV8MVem7Nk=;
    h=Reply-To:From:To:Subject:Date;
    b=PEdJhu9GMvk8pZHoVPIGjMqZx8rKQH/DsXPmzvYIYmqNW3Fh/Skt+1vC1kfKfenrv
    o3oCkltiWOmfgL0QVoVIVeg48pCzEItXXSXRdSHfyyDu86OPJRqqtir1/QTJ2il2AL
    wjZsk1O+S8T/rbU+ZShG7txg7Ut72O9Yl5ay6t6s=
X-Virus-Scanned: amavisd-new at my-business.com
X-Spam-Flag: NO
X-Spam-Score: 5.674
X-Spam-Level: *****
X-Spam-Status: No, score=5.674 tagged_above=2 required=6.2
    tests=[FORGED_SPF_HELO=1, KHOP_HELO_FCRDNS=0.001, OBFU_BITCOIN=1,
    PDS_BTC_ID=0.001, RCVD_IN_PSBL=2.7, SPF_HELO_PASS=-0.001,
    SPF_SOFTFAIL=0.972, URIBL_BLOCKED=0.001]
    autolearn=no autolearn_force=no
Received: from sv11.my-business.com ([127.0.0.1])
    by localhost (sv11.my-business.com [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id CM3323HKmlVf for <contact@my-business.com>;
    Thu, 14 Sep 2023 16:48:47 -0300 (-03)
Received: from x9.theworkpc.com (mta0.x9.theworkpc.com [213.142.149.172])
    (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
    (No client certificate requested)
    by sv11.my-business.com (Postfix) with ESMTPS id 2F6C663A34
    for <contact@my-business.com>; Thu, 14 Sep 2023 16:48:47 -0300 (-03)
Received: by x9.theworkpc.com for <contact@my-business.com>; Thu, 14 Sep 2023 14:48:45 -0500 (envelope-from <violated@my-business.com>)
Reply-To: contact@my-business.com
From: violated@my-business.com
To: contact@my-business.com
Subject: Waiting for payment
Date: 14 Sep 2023 13:48:43 -0600
Message-ID: <20230914134843.9E895AA123FB7CA3@my-business.com>
MIME-Version: 1.0
Content-Type: text/plain;
    charset="utf-8"
Content-Transfer-Encoding: quoted-printable

 

Link to comment
Share on other sites

  • 3 weeks later...
  • Solution

These days I was finding out about spoofing and why these emails were arriving in my inbox and I realized that in Postfix I was missing some configurations and I added this configuration

 

/main.cf


# Sender restrictions:
smtpd_sender_restrictions =
    permit_mynetworks,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain

Now these spoofing emails reach SPAM


I wish this thread could be left open for future errors.

And if you could help us, what configurations are recommended for Postfix?

 

Thank You Sandeep B.

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...