1

Topic: "To" Tag in message is wrong

==== Required information ====
- iRedMail version: 0.9.6):
- Linux/BSD distribution name and version: Ubuntu 14.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? no
- Related log if you're reporting an issue:
====

Good afternoon!

How to delete messages that are not in my domain mydomain.ru ? "To" Tag in message is wrong!!!

Return-Path: <countrygascapital@soportemybb.es>
Delivered-To: <mail@mydomain.ru>
Received: from mail.mydomain.ru
    by mail.mydomain.ru (Dovecot) with LMTP id YedkCVaRmlitNQAAJAsnUA
    for <mail@mydomain.ru>; Wed, 08 Feb 2017 06:32:38 +0300
Received: from mail.mydomain.ru (localhost [127.0.0.1])
    by mail.mydomain.ru (Postfix) with ESMTP id 08DAD282270
    for <mail@mydomain.ru>; Wed,  8 Feb 2017 06:32:38 +0300 (MSK)
X-Virus-Scanned: Debian amavisd-new at mail.mydomain.ru
X-Spam-Flag: YES
X-Spam-Score: 8.032
X-Spam-Level: ********
X-Spam-Status: Yes, score=8.032 tagged_above=2 required=6.31
    tests=[BAYES_50=0.8, HTML_IMAGE_ONLY_04=1.172, HTML_MESSAGE=0.001,
    MIME_HTML_MOSTLY=0.428, MPART_ALT_DIFF=0.79,
    RCVD_IN_BL_SPAMCOP_NET=1.347, RCVD_IN_PSBL=2.7, RDNS_NONE=0.793,
    URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.mydomain.ru ([127.0.0.1])
    by mail.mydomain.ru (mail.mydomain.ru [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id IneCBPd5UE9P for <mail@mydomain.ru>;
    Wed,  8 Feb 2017 06:32:37 +0300 (MSK)
Received: from saudisoft.ssmain.com (unknown [212.103.187.53])
    by mail.mydomain.ru (Postfix) with ESMTP id 94D4C280356
    for <mail@mydomain.ru>; Wed,  8 Feb 2017 06:31:55 +0300 (MSK)
Received: from svmz ([5.223.157.154]) by saudisoft.ssmain.com with Microsoft SMTPSVC(6.0.3790.4675);
     Wed, 8 Feb 2017 01:09:48 +0200
Message-ID: <A5A016454E9AB6E5393C75C82C2ED94E@soportemybb.es>
From: =?windows-1251?B?weXr5eLx6ujpIN3k8+Dw5A==?= <countrygascapital@soportemybb.es>
[b][color=#FF0000]To: = ?windows-1251?B?wuXw4A==?= <moroxxi@bigtelecom.ru>[/color][/b]
Subject: [SPAM]=?windows-1251?B?z/Du4/Dg7OzgICLQ4Ofi6PLo5SDy5evl8ODk?=
    =?windows-1251?B?6O7i5fng7ej/IOIg0O7x8ejp8eru6SDU5eTl?=
    =?windows-1251?B?8OD26Ogg7eAgMjAwOSAtIDIwMTgg4+7k+yI=?=
Date: Wed, 8 Feb 2017 00:35:25 +0300
MIME-Version: 1.0
Content-Type: multipart/related; boundary="be1c70d9291291317adc808cfaa9"
X-OriginalArrivalTime: 07 Feb 2017 23:10:07.0454 (UTC) FILETIME=[52B0F7E0:01D28197]


Feb  8 06:32:06 mail postfix/smtpd[13810]: 94D4C280356: client=unknown[212.103.187.53]
Feb  8 06:32:27 mail postfix/postscreen[13807]: close database /var/lib/postfix/postscreen_cache.db: No such file or directory (possible Berkeley DB bug)
Feb  8 06:32:29 mail postfix/cleanup[13826]: 94D4C280356: message-id=<A5A016454E9AB6E5393C75C82C2ED94E@soportemybb.es>
Feb  8 06:32:37 mail postfix/qmgr[19050]: 94D4C280356: from=<countrygascapital@soportemybb.es>, size=41212, nrcpt=1 (queue active)
Feb  8 06:32:37 mail amavis[12298]: (12298-03) ESMTP:[127.0.0.1]:10024 /var/lib/amavis/tmp/amavis-20170208T050101-12298-Tqgft9ya: <countrygascapital@soportemybb.es> -> <mail@mydomain.ru> SIZE=41212 Received: from mail.mydomain.ru ([127.0.0.1]) by mail.mydomain.ru (mail.mydomain.ru [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <mail@mydomain.ru>; Wed,  8 Feb 2017 06:32:37 +0300 (MSK)
Feb  8 06:32:37 mail amavis[12298]: (12298-03) Checking: IneCBPd5UE9P [212.103.187.53] <countrygascapital@soportemybb.es> -> <mail@mydomain.ru>
Feb  8 06:32:37 mail amavis[12298]: (12298-03) p004 1 Content-Type: multipart/related
Feb  8 06:32:37 mail amavis[12298]: (12298-03) p005 1/1 Content-Type: multipart/alternative
Feb  8 06:32:37 mail amavis[12298]: (12298-03) p001 1/1/1 Content-Type: text/plain, size: 0 B, name: 
Feb  8 06:32:37 mail amavis[12298]: (12298-03) p002 1/1/2 Content-Type: text/html, size: 276 B, name: 
Feb  8 06:32:37 mail amavis[12298]: (12298-03) p003 1/2 Content-Type: image/gif, size: 28719 B, name: taht.gif
Feb  8 06:32:38 mail amavis[12298]: (12298-03) mangling NO: 0 (was: disclaimer), discl_allowed=0, <countrygascapital@soportemybb.es> -> <mail@mydomain.ru>
Feb  8 06:32:38 mail amavis[12298]: (12298-03) spam-tag, <countrygascapital@soportemybb.es> -> <mail@mydomain.ru>, Yes, score=8.032 tagged_above=2 required=6.31 tests=[BAYES_50=0.8, HTML_IMAGE_ONLY_04=1.172, HTML_MESSAGE=0.001, MIME_HTML_MOSTLY=0.428, MPART_ALT_DIFF=0.79, RCVD_IN_BL_SPAMCOP_NET=1.347, RCVD_IN_PSBL=2.7, RDNS_NONE=0.793, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Feb  8 06:32:38 mail postfix/smtpd[13840]: connect from localhost[127.0.0.1]
Feb  8 06:32:38 mail postfix/smtpd[13840]: 08DAD282270: client=localhost[127.0.0.1]
Feb  8 06:32:38 mail postfix/cleanup[13826]: 08DAD282270: message-id=<A5A016454E9AB6E5393C75C82C2ED94E@soportemybb.es>
Feb  8 06:32:38 mail postfix/smtpd[13840]: disconnect from localhost[127.0.0.1]

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: "To" Tag in message is wrong

Sample:
To: = ?windows-1251?B?wuXw4A==?= <moroxxi@bigtelecom.ru>

3

Re: "To" Tag in message is wrong

How to remove the incoming messages that tag "To" contains no domain "@mydomain.ru"?

4

Re: "To" Tag in message is wrong

You can use Postfix header_checks(5) to check mail headers and reject.
http://www.postfix.org/header_checks.5.html