1 Topic by djfake (edited by djfake 2015-02-17 05:01:31)

  • djfake
  • Member
  • Offline
  • Registered: 2013-06-28
  • Posts: 61

Topic: Too much spam

==== Required information ====
- iRedMail version:  0.4
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MSQ
- Linux/BSD distribution name and version: Ubuntu
- Related log if you're reporting an issue:
====

I get a lot of spam each day, and it all has my domain in the return path. How can I get all of this to properly filter into spam? Here is a typical header of the SPAM:

Return-Path: <life-webmaster-webmaster=MYDOMAIN.com@racuzen.com>
Delivered-To: webmaster@MYDOMAIN.com
Received: from localhost (localhost [127.0.0.1])
    by MYDOMAIN.com (Postfix) with ESMTP id 6A1816253E
    for <webmaster@MYDOMAIN.com>; Mon, 16 Feb 2015 13:32:58 -0600 (CST)
X-Virus-Scanned: Debian amavisd-new at MYDOMAIN.com
Authentication-Results: MYDOMAIN.com (amavisd-new);
    dkim=fail (1024-bit key) reason="fail (body has been altered)"
    header.d=racuzen.com
Received: from MYDOMAIN.com ([127.0.0.1])
    by localhost (MYDOMAIN.com [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id h5An9tNRBFIo for <webmaster@MYDOMAIN.com>;
    Mon, 16 Feb 2015 13:32:57 -0600 (CST)
Received: from because.racuzen.com (because.racuzen.com [178.251.230.18])
    by MYDOMAIN.com (Postfix) with ESMTP id 22BFC6253A
    for <webmaster@MYDOMAIN.com>; Mon, 16 Feb 2015 13:32:54 -0600 (CST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=dkim; d=racuzen.com;
    h=MIME-Version:Content-Type:Date:Message-Id:Subject:From:To; i=life-webmaster@racuzen.com;
    bh=rZe9fX+//2/cQ3Md7R/a10Y1it8=;
    b=F7Ou6QBTE/fEPemntJKvXD2GSpefe2wPMaQmoMnIqMoC26VEdFkcimWXATv8E+yma7XSNsmH8htx
    hsgse33ugeN8UkoEr3MueRXCLcjTaSFl9QDBr0DKSZds2ThxIh2hFpYuIlKlHRJhRy5OUfE+4t7R
    bViqLOji/ZXjRKZMNZk=
Received: by because.racuzen.com id hs92oc0001g3 for <webmaster@MYDOMAIN.com>; Mon, 16 Feb 2015 14:11:12 -0500 (envelope-from <life-webmaster-webmaster=MYDOMAIN.com@racuzen.com>)
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="cafa98e063a9811b0c4d497e80a226"
Date: Mon, 16 Feb 2015 14:11:12 -0500
Message-Id: <5Wg4bHq2FUDKJ11gke6bkkCgpreG1t@racuzen.com>
Subject: =?UTF-8?B?JDI1MGsgbGlmZSBpbnN1cmFuY2UgZm9yICQxNS9tb250aA==?=
From: PlanSelect <life-webmaster@racuzen.com>
To: webmaster@MYDOMAIN.com

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,793

Re: Too much spam

Looks like backscatter. Reference: http://www.postfix.org/BACKSCATTER_README.html