[Postfix-br] Problemas com spam com email origem igual ao destino
Claudio Junior
csjunior em gmail.com
Quinta Novembro 27 10:06:06 BRST 2014
Ola pessoal
Hoje voltamos a receber emails que entram na caixa postal do usuário com a
origem e destino igual ao e-mail do usuário.
O que é possível fazer nestes tipos de email?
Vi que o sistema de spam rotulou ele de forma correta. Vou procurar fazer o
devido tratamento ali, mas existe mais alguma coias a se fazer? Gostaria de
barrar estes emails para que não entrassem no servidor.
Abaixo minhas smtpd restrictions:
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_end_of_data_restrictions =
smtpd_etrn_restrictions =
smtpd_helo_restrictions =
smtpd_recipient_restrictions = permit_mynetworks
reject_unauth_destination reject_non_fqdn_sender
reject_non_fqdn_recipient reject_unknown_sender_domain
reject_unknown_recipient_domain reject_unauth_pipelining
reject_rbl_client bl.spamcop.net reject_rbl_client zen.spamhaus.org
reject_rbl_client dnsbl.sorbs.net check_sender_access
cidr:/etc/postfix/cidr_koreia_china_nets check_policy_service inet:
127.0.0.1:60000 check_policy_service unix:private/policy-spf
smtpd_sender_restrictions =
Abaixo o cabeçalho do email com as informações.
Return-Path: <www-data at das27.cloudapp.net>
Delivered-To: wellington at XXXXXXXXX.com.br
Received: from localhost (localhost [127.0.0.1])
by srv03.XXXXXXXXX.com (Postfix) with ESMTP id 8498B7FCA4
for <wellington at XXXXXXXXX.com>; Thu, 27 Nov 2014 04:29:52 -0200
(BRST)
X-Virus-Scanned: Debian amavisd-new at srv03.XXXXXXXXX.com.br
X-Amavis-Alert: BAD HEADER SECTION, Non-encoded 8-bit data (char E1 hex):
Subject: ...ue seu ( CPF / CNPJ ) est\341 em fase de pro[...]
Received: from mail.XXXXXXXXX.com.br ([127.0.0.1])
by localhost (srv03.XXXXXXXXX.com.br [127.0.0.1]) (amavisd-new,
port 10024)
with ESMTP id NbQc8jsNO1X3 for <wellington at XXXXXXXXX.com>;
Thu, 27 Nov 2014 04:29:51 -0200 (BRST)
X-Greylist: delayed 455 seconds by postgrey-1.32 at srv03; Thu, 27 Nov 2014
04:29:46 BRST
Received-SPF: None (no SPF record) identity=mailfrom;
client-ip=168.61.8.93; helo=das27.das27.d4.internal.cloudapp.net;
envelope-from=www-data at das27.cloudapp.net; receiver=wellington at XXXXXXXXX.com
Received: from das27.das27.d4.internal.cloudapp.net (unknown [168.61.8.93])
by srv03.XXXXXXXXX.com (Postfix) with ESMTP id 9C1287FCA2
for <wellington at XXXXXXXXX.com>; Thu, 27 Nov 2014 04:29:45 -0200
(BRST)
Received: by das27.das27.d4.internal.cloudapp.net (Postfix, from userid 33)
id 9A36024582; Thu, 27 Nov 2014 06:18:43 +0000 (UTC)
To: wellington at XXXXXXXXX.com
Subject: Comunicamos que seu ( CPF / CNPJ ) est<E1> em fase de protesto.
(75753)
X-PHP-Originating-Script: 0:imo30.php
MIME-Version: 1.0
Content-type: text/html; charset=iso-8859-1
X-Mailer: Microsoft Office Outlook, Build 17.551210
Content-Transfer-encoding: 8bit
From: wellington at XXXXXXXXX.com
Reply-To: wellington at XXXXXXXXX.com
X-Mailer: iGMail [www.ig.com.br]
X-Originating-Email: wellington at XXXXXXXXX.com
X-Sender: wellington at XXXXXXXXX.com
X-iGspam-global: Unsure, spamicity=0.570081 - pe=5.74e-01 - pf=0.574081 -
pg=0.574081
Message-Id: <20141127061843.9A36024582 at das27.das27.d4.internal.cloudapp.net>
Date: Thu, 27 Nov 2014 06:18:43 +0000 (UTC)
Obrigado pela atenção
--
Claudio da Silva Junior
csjunior at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/postfix-br/attachments/20141127/2fb002ae/attachment.html>
More information about the Postfix-br
mailing list