Jump to content

I received email from my own email account

Recommended Posts

dear Sandeep B.

how are you ?
I have had a problem for a few days with my emails.
I am receiving an email from my own email account

I have configured

My host has:
rDns Ok
dkim: ok
spf: ok
Dmarc: Ok
Ip: Ok

when looking at the headers I noticed that the ip is not from my server.

I don't know what I should do to stop these scam emails from arriving.


Thank You.


the scam email is the following


**Message removed**

Edited by Sandeep B.
Email Message body removed
Link to comment
Share on other sites

The first thing I did was change passwords and scan for viruses. For caution

but I think this is not due to malware, but due to configuration

It will be necessary to deactivate php mail

because these emails are Phishing.
Email Spoofing

Edited by jonatitom
Link to comment
Share on other sites

Email headers

Return-Path: <violated@my-business.com>
Delivered-To: contact@my-business.com
Received: from sv11.my-business.com
    by sv11.my-business.com with LMTP id wGeNBKFjA2VjQgAA7dXWpA
    for <contact@my-business.com>; Thu, 14 Sep 2023 16:48:49 -0300
Received: from localhost (unknown [])
    by sv11.my-business.com (Postfix) with ESMTP id 01D0663A72
    for <contact@my-business.com>; Thu, 14 Sep 2023 19:48:49 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=my-business.com;
    s=default; t=1694720929;
X-Virus-Scanned: amavisd-new at my-business.com
X-Spam-Flag: NO
X-Spam-Score: 5.674
X-Spam-Level: *****
X-Spam-Status: No, score=5.674 tagged_above=2 required=6.2
    PDS_BTC_ID=0.001, RCVD_IN_PSBL=2.7, SPF_HELO_PASS=-0.001,
    autolearn=no autolearn_force=no
Received: from sv11.my-business.com ([])
    by localhost (sv11.my-business.com []) (amavisd-new, port 10024)
    with ESMTP id CM3323HKmlVf for <contact@my-business.com>;
    Thu, 14 Sep 2023 16:48:47 -0300 (-03)
Received: from x9.theworkpc.com (mta0.x9.theworkpc.com [])
    (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
    (No client certificate requested)
    by sv11.my-business.com (Postfix) with ESMTPS id 2F6C663A34
    for <contact@my-business.com>; Thu, 14 Sep 2023 16:48:47 -0300 (-03)
Received: by x9.theworkpc.com for <contact@my-business.com>; Thu, 14 Sep 2023 14:48:45 -0500 (envelope-from <violated@my-business.com>)
Reply-To: contact@my-business.com
From: violated@my-business.com
To: contact@my-business.com
Subject: Waiting for payment
Date: 14 Sep 2023 13:48:43 -0600
Message-ID: <20230914134843.9E895AA123FB7CA3@my-business.com>
MIME-Version: 1.0
Content-Type: text/plain;
Content-Transfer-Encoding: quoted-printable


Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...