Questions tagged [spam]
Unsolicited e-mail, comments or posts, often sent out in large volumes; possibly but not necessarily commercial in nature
1,411
questions
4
votes
1
answer
2k
views
Reject emails that fail reverse hostname resolution
My Postfix server is receiving spam from an ever changing set of domain names but with a consistent pattern in the log file starting with line warning: hostname X does not resolve to address Y. No ...
- 155
0
votes
2
answers
6k
views
Why did this incoming email get through Office 365 spam filters with a DKIM fail? What policy do I need to "tune"?
We use Office 365 mail, I got this spam email this morning so I checked the header to see if there was anything I could do. Here is the header with our receipt domain removed
Received: from ...
- 298
-1
votes
1
answer
2k
views
How to fix spam listing of IP due to SMTP HELO banner
Spamhaus has listed my IP a few times for an apparent problem. They are indicating:
A device using <ipv6 addr> is infected with malware and is emitting spam.
<ipv6 addr> is making SMTP ...
- 169
0
votes
1
answer
311
views
procmail rewrite subject line if email recipient user fails match test
I have a local procmail user "bob".
If an email arrives and matches [email protected], then no action should be taken.
However, if an email arrives and is [anything_else]@domain.com then I ...
- 221
0
votes
0
answers
227
views
GMail Sends Email from .uk.net Domains to Spam
Gmail always puts emails from domains ending with .uk.net into spam, despite SPF, DMARC, and DKIM being passed.
If we send emails from other domains, e.g. ending with .co.uk, from the same mail server ...
- 101
2
votes
1
answer
2k
views
Exchange 365 Spam Filter Policy Block Domain TLD
We migrated to cloud from on premise Exchange 2010. In Sonicwall ESA, I was able to block TLDs (Top Level Domains). In the Exchange Admin Center, I see I can set individual or additional "Rules&...
- 25
0
votes
1
answer
37
views
SPAM after activating WordPress plugin on Linux VPS
After activating a plugin I received an email that I had never recived before. What kind of miscellaneous code it might be? it's a coincidence? I received an email to my account Gmail that I never ...
- 1
1
vote
1
answer
690
views
Can't Receive Email - Postfix iRedMail Server Using Spamhaus & Unbound / BIND9 DNS Servers
iRedMail server configured using ISP's DNS servers. Running several years without issue. Moving from current ISP to Starlink. It appears Starlink uses Cloudflare's public DNS. Currently have both ISPs ...
- 11
0
votes
0
answers
190
views
DNS lookup spam running up Route 53 bill
Throughout 21 we saw around 15M DNS queries/month. In January 2022 we saw almost 300M and I didn't notice.... then February almost 1 BILLION...... and I noticed because of the bill. Amazon isn't ...
- 1
1
vote
2
answers
283
views
How to block spoofed mail from *.host.com
I'm currently running a centOS server with directadmin and custombuild.
I keep getting spoofed phishing mails with spoofed from addresses that have SPF setup properly.
Spamassassin gives it a score 1....
- 131
2
votes
1
answer
196
views
Privacy-friendly Postfix bounce messages for remote rejects
The topic of handling bounce message for remote rejects has been brought up at least three times (1, 2, 3), and it looks as if there is no real solution. I wonder, though, if the bounce template can ...
- 267
-1
votes
1
answer
611
views
How do I remove my domain from spam lists after abused credential incident?
Recently the email account of one of my users was hijacked to send a lot of spam and phishing mails. Once I realized the problem I did solve it, but only after my domain was marked as spammer by many ...
- 1
1
vote
0
answers
108
views
spamassasin unable to read Japanese when it is html encoded
I would like to block some emails which contains certain Japanese words, but spamassassin fails to detect such words when the email is HTML encoded, for example:
This is a multi-part message in MIME ...
- 469
0
votes
1
answer
816
views
Send email from Heroku server using gmail account and PHPMailer
I have a Heroku app which has a php script that send out an email. The email sent always goes to spam.
Let's say the heroku app is mywebsite.herokuapp.com and my email is [email protected]. Based on ...
- 101
1
vote
1
answer
195
views
Confused about SPF Records
I thought that ?all in SPF should not be used.
Then I examinated SPF records of some local email provider companies and I found this:
v=spf1 mx ip4:77.75.78.0/23 ip4:77.75.76.0/23 ip6:2a02:598::/32 ?...
- 11
0
votes
0
answers
124
views
Do email providers junk all email from certain IP address ranges?
TLDR: Outlook.com appear to be junking all our emails from new VPS - nothing has an effect so questioning if IP address range reputation is the issue.
We used to host all our websites (five) and email ...
0
votes
0
answers
268
views
Postfix Maildrop Directory Generating Unsolicited Email
I have recently set up up a Postfix Mail Server on Ubuntu 20.04. This server is used mainly to relay messages from authenticated users to the outside world. This is so applications such as payroll ...
2
votes
2
answers
1k
views
What exactly can I conclude from "High scoring spam message has been dropped (in reply to end of DATA command)"?
I operate a web site that offers user registrations. Users get automatic registration success e-mails, sent through a professional e-mail hosting company (not directly from our own server). This has ...
- 153
0
votes
1
answer
147
views
Google putting all mail to spam
This question is related to some software for schools and one part is for the schools to send information to students and parents. But all mail end up in Gmail spam folders.
If i look at the google ...
- 115
5
votes
0
answers
2k
views
systemd-udevd spams systemd-udevd[1523120]: veth20996a5: Failed to get link config: No such device
I have setup my server logging with graylog and now I see that my logs are being spamed by level: 3 errors like these:
systemd-udevd[1523120]: veth20996a5: Failed to get link config: No such device
I ...
- 151
1
vote
0
answers
154
views
Continuous SPAM from certain IP/s hosting provider, how to report them if not responding at [email protected]
last maybe 4 weeks is coming SPAM e-mails from various domains. In common is that when i paste the source code of the e-mail to
https://www.spamcop.net
is detected this provider and their mailbox: ...
- 536
1
vote
1
answer
76
views
Outbound email restriction
We have a project to set up around 5,000 plus email IDs for an educational institution. Emails are meant mostly for receiving mails, and the instituition wants to set up some rule that no email id can ...
- 685
1
vote
1
answer
194
views
After adding a new DNSBL to Sendmail, how can I resubmit an email to see if it will be rejected?
TL;DR
How can I fool my own sendmail into thinking an email comes from a particular ip address, so that it rejects the message due to a DNSBL match?
Details:
I run my own mail server, and most spam is ...
- 73
0
votes
3
answers
291
views
Tag External Emails from NEW external addresses
We work with a giant company that prepends an email tag to every externally originating (to them) email that goes something like:
"Warning, this email originated outside your organization - don't ...
- 113
0
votes
0
answers
1k
views
DMARC, DKIM, or SPF? Emails going into quarantine
I have never had to deal with DKIM, DMARC, or SPF records before; however, our SPF record is full (10, Cloudflare) and I have a vendor whose emails aren’t making it to our mailboxes.
I made ...
- 1
0
votes
1
answer
370
views
How to stop spammer spoofing my domain for emails
I've scanned all my code and even changed the passwords to my google apps account such that the SMTP password has changed. However, spammers are still sending emails from June24-eBay-USA-contactmsg-...
- 302
0
votes
1
answer
440
views
Postfix identify the true sender
Recently my server has many spam emails generated. I looked for information in an example message but the sender is apparently faked, and there is no postfix user ID in the message header as well. ...
- 15
1
vote
1
answer
319
views
How to minimize chances of one's domain being falsely blacklisted (uribl)
My side job is to admin my wife's company domain. It's only used as a domain name for Google mail and tools (slides, docs, etc...).
Although she used her domain for email for many years without any ...
- 113
0
votes
0
answers
259
views
E-mail servers keep being blacklisted by Spamhaus
We are running a (webbased) application that is being used by many companies. This application generates large volumes of e-mail, almost all of them have a PDF attachment. These are e-mails the users ...
- 113
1
vote
0
answers
5k
views
Mail loop between spam filter and 365
I was wondering if anyone has seen this before. We have our own spam filter cluster that emails go through before being sent on to 365. When emailing from our company domain (365 hosted) to another ...
- 11
0
votes
1
answer
394
views
Postfix: Optimising order of spam checks?
I have a mail server (postfix v3.3) on a VPS running Ubuntu 18.04, processing both inbound and outbound mail (I have some websites sending mail, and some SASL auth users with accounts on the machine) ...
- 507
5
votes
1
answer
569
views
How to match Japanese in spamassassin?
I live in Japan. Recently there has been a lot of spam coming from China with messages written in Chinese. As spamassassin does not contain rules for Chinese, most of those emails pass with low score.
...
- 469
3
votes
1
answer
2k
views
Why does rspamd consider an odd number of URIs in an email to be an indicator of spam?
Rspamd has many email spam heuristics, and one of them is URI_COUNT_ODD. This heuristic seems to just count how many URIs are in the body of the email, and adds 1 to the score if the number is odd. ...
- 139
0
votes
2
answers
495
views
Configure Postfix external relay for UCEPROTECTL3 rejection
Is it possible to configure MTA Postfix server to bypass UCEPROTECTL3 rejection ?
Example when my server connect to recipient server then I get information:
Diagnostic-Code: smtp; 554 5.7.1 You are ...
- 51
0
votes
1
answer
592
views
What to do if a specific postfix/dovecot user's account is hacked and being used to send spam?
I'm running a postfix/dovecot mail server. This morning, I discovered it was unresponsive. Turned out, /var/log was full. It appears one of the users has had their account hacked and it's being used ...
- 419
1
vote
0
answers
294
views
Google Postmaster: IP reputation of subdomain and main domain identical
We have a main domain, example.com. We use this to send regular emails via Google GSuite.
We also have a subdomain, say sub1.example.com. We use this to send campaign emails through an email marketing ...
- 111
0
votes
0
answers
380
views
DKIM validation fails only on Outlook
I'm configuring OpenDKIM to sign miltiple domains with the same key on Pstfix. I followed this tutorial with s=mail and d=example.com.
SigningTable:
* mail._domainkey.example.com
KeyTable:
...
- 11
-1
votes
1
answer
446
views
Is it possible to scan local drive folder for SPAM Mails? [closed]
I want to check a postfix mailbox folder directly on the Server. The server OS is Debian.
Is this possible?
- 101
1
vote
0
answers
590
views
how to block emails from helo=localhost.localdomain
at my email server postfix, dovecot, amavis, spamassassin are blocking spam well, but some spam emails with bad HELO (helo=localhost.localdomain / Received-spf ....envelope-from=<>; receiver=<...
- 11
0
votes
0
answers
212
views
Discard an email in postfix when the reply-to address is different from that of sender
I've setup virtualmin and the emails are working fine with the Postfix server. However I'd like to add a feature where, in case somebody tries to abuse the server and tries to send an email with a ...
- 1
25
votes
5
answers
8k
views
Does DKIM alone not solve the spam issue? Why do I need SPF?
FINAL EDIT : I was completely wrong about DKIM it seems, the signing domain does not have to be the same as the sender domain, thus the whole premise for my question is flawed. A lot of thanks to Paul ...
- 521
0
votes
1
answer
61
views
What is a good way to send user-generated newsletters/emails to thousands of subscribers?
I know many services these days are doing newsletter,example - Mailchimp, Revue, MailerLite.
I'm very curious to know how do they manage to send that amount of emails and not being shutted down by ...
- 103
0
votes
1
answer
69
views
Is it ok (regarding spam) to use yahoo to send email from our domain [email protected]?
I m enough of seeing my email arriving in spam folder. I would like now to send my emails not from my smtp server but from yahoo mail server. When you have a yahoo account, you can choose to send ...
- 133
0
votes
0
answers
2k
views
Allowing Messages from IP Address DMARC
I'm still learning infrastructure stuff and need to ask a question which relates to DMARC. A user in the organisation has an app which is sending marketing messages to staff within the business. The ...
- 615
0
votes
1
answer
152
views
Compare url link and url text in email body and reject as SPAM
Email body:
... <a href="url">text</a> ...
Is it possible check if text is url in email body, then compare url and text and reject as SPAM if they differ?
1
vote
1
answer
1k
views
How to analyze cause of postfix server sending spam
A client of mine has a server hosting postfix as well as nginx with several websites, including an nginx installation with several subdomains / websites.
Since a couple of days the /var/spool/postfix ...
- 125
-2
votes
1
answer
265
views
Identifying the spam source on my Centos6.9 smtp sendmail server
The server has also httpd with PHP services running
I did read the guide here: https://a1websitepro.com/find-track-filthy-spammer-block/
I did install EXIM
My client complains they never had this ...
- 109
0
votes
0
answers
18
views
My postfix is used for spamming [duplicate]
I need your help.
My postfix is sending spam mails.
I checked my main.cf and it should be fine.
In the following a snippet of my mail.log
Jan 3 22:35:41 mail postfix/pickup[104179]: 866352963F01: uid=...
- 1
2
votes
0
answers
1k
views
How to solve '521 5.7.1 Service unavailable; client x.x.x.x blocked using Return-Path'?
How to solve or interpret following error? I'm not sure if anything should be done on client (sender or sending account of a domain) or ask remote postmasters for help.
<[email protected]> (...
- 597
0
votes
1
answer
778
views
Postfix: How to malware & spam scan outgoing SMTP SASL auth users?
Although I have found two answers to this, I can't work out how to actually implement them, and at least one of them doesn't actually answer the question. So if anyone has any experience to share I'd ...
- 507