View unanswered posts | View active topics


Board index » Support » General discussions



Post new topic Reply to topic  Page 1 of 1
  [ 2 posts ] 
  Print view Previous topic | Next topic 
Author Message
tomtom76
 Post subject: Spam with own Email Adress?
PostPosted: 2012-06-06 07:00 
New user
New user

Joined: 2012-04-05 16:16
Posts: 7
I am running the domain meinefirma.at
hmailserver is in front of our exchange server.

i dont know why hmail accepts incoming mails with "from" adresses regarding my local users?
is there a way to configure hmailserver to not accepts such mails with local from adresses?

Our users are only sendung from the local server, so there should be no way to get mails from outside with local from adresses.

i didnĀ“t find any setting to change this.

by the way, the from field in this examples looks really strange, but there are coming in a lot of this mails.

thank you for support



We are getting tons of spam mails like this:

Quote:
Received: from mail.meinefirma.at ([172.0.16.26] RDNS failed) by
mail.meinefirma.at with Microsoft SMTPSVC(6.0.3790.4675); Tue, 5 Jun 2012
10:33:01 +0200
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----_=_NextPart_003_01CD42F5.D1545C80"
Received: from static-15-144-85-188.ipcom.comunitel.net ([188.85.144.15]) by
mail.meinefirma.at ; Tue, 5 Jun 2012 10:32:57 +0200
X-MimeOLE: Produced By Microsoft Exchange V6.5
Received: from apache by vcvgvbbbhdhcxee.mthai.com with local (Exim 4.67)
(envelope-from <<maria@meinefirma.at>, <mes@meinefirma.at>,
<michael@meinefirma.at>, <nicole.humel@meinefirma.at>, <office@meinefirma.at>,
<officenn@meinefirma.at>, <renmair@meinefirma.at>, <rimus@meinefirma.at>,
<sandra.brunnbauer@meinefirma.at>, <simone.krenmair@meinefirma.at>,
<smbhoffice@meinefirma.at>, <tabakbestellung@meinefirma.at>, <tabak@meinefirma.at>
Return-Path: <pustulest396@bmacapital.com>
X-OriginalArrivalTime: 05 Jun 2012 08:33:01.0493 (UTC) FILETIME=[D19F9650:01CD42F5]
X-Sender: <maria@meinefirma.at>,<mes@meinefirma.at>,<michael@meinefirma.at>,<nicole.humel@meinefirma.at>,<office@meinefirma.at>,<officenn@meinefirma.at>,<renmair@meinefirma.at>,<rimus@meinefirma.at>,<sandra.brunnbauer@meinefirma.at>,<simone.krenmair@meinefirma.at>,<smbhoffice@meinefirma.at>,<tabakbestellung@meinefirma.at>,<tabak@meinefirma.at>
X-PHP-Script: vcvgvbbbhdhcxee.eoriginal.com/sendmail.php for 188.85.144.15
Content-Class: urn:content-classes:message
Subject: Looking for remote assistants, paid $ 100 per hour helping other people
Date: Tue, 5 Jun 2012 10:33:00 +0200
Message-ID: <RUFGMD-K2N46S-W5@vcvgvbbbhdhcxee.buxrud.se>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
thread-topic: Looking for remote assistants, paid $ 100 per hour helping other people
Thread-Index: Ac1C9dG5zBdH1z+6QcCoON++4GL4MA==
X-Priority: 1
Importance: high
From: <maria@meinefirma.at>
To: Maria birngruber <maria@meinefirma.at>, <mes@meinefirma.at>, Michael birngruber
<michael@meinefirma.at>, <nicole.humel@meinefirma.at>, Christian Breuer
<christian.breuer@meinefirma.at>, <officenn@meinefirma.at>,
<renmair@meinefirma.at>, <rimus@meinefirma.at>, <sandra.brunnbauer@meinefirma.at>,
Simone Krenmair <simone.krenmair@meinefirma.at>, <smbhoffice@meinefirma.at>,
Linda Wimmer <linda.wimmer@meinefirma.at>, Linda Wimmer
<linda.wimmer@meinefirma.at>
CC: Maria birngruber <maria@meinefirma.at>, <mes@meinefirma.at>, Michael birngruber
<michael@meinefirma.at>, <nicole.humel@meinefirma.at>, Christian Breuer
<christian.breuer@meinefirma.at>, <officenn@meinefirma.at>,
<renmair@meinefirma.at>, <rimus@meinefirma.at>, <sandra.brunnbauer@meinefirma.at>,
Simone Krenmair <simone.krenmair@meinefirma.at>, <smbhoffice@meinefirma.at>,
Linda Wimmer <linda.wimmer@meinefirma.at>, Linda Wimmer
<linda.wimmer@meinefirma.at>, <xm0eo1-dw30q2-a7@meinefirma.at>, <Tue>,
<00 +0100>, <xm0eo1-dw30q2-a7@meinefirma.at>, <xm0eo1-dw30q2-a7@meinefirma.at>,
<xm0eo1-dw30q2-a7@meinefirma.at>
Top
 Profile  
 
Bill48105
 Post subject: Re: Spam with own Email Adress?
PostPosted: 2012-06-06 07:09 
Developer

Joined: 2010-04-24 23:16
Posts: 4778
Location: Michigan, USA
Are you confusing SMTP from & 'from' header? From the message you posted the smtp from was Return-Path: <pustulest396@bmacapital.com> which I assume is not your own address.. The from header is just text & part of the email & can be easily spoofed. If you wanted to you could check the from header in a rule or script but you are in for an uphill battle & likely to break things since often legit emails spoof the headers.
Bill

_________________
hMailServer build I'm using LIVE on my servers: 5.4-B2013040501
Latest test builds at: http://www.hmailserver.com/forum/viewtopic.php?f=10&t=21420

Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 2 posts ] 

Board index » Support » General discussions

Who is online

Users browsing this forum: No registered users and 3 guests


Search for:
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group