Thread: Email Spams On My own Email Address

  1. #1
    Join Date
    Feb 2009
    Location
    Singapore
    Posts
    14

    Email Spams On My own Email Address

    Hi all,

    I am facing some problems with my email recently. I have been receiving email spam from sales@cripperz.sg which is sent to sales@cripperz.sg as recipient. I haven't had this problem for quite some time until recently. Just a quick background: sales@cripperz.sg is just a forward address to multiple email accounts that have an inbox / user in DirectAdmin.

    Can someone advise how I can go about fixing this? I am using Ubuntu 8.04 LTS on the latest DirectAdmin with updated exim, dovecot, etc. Using custombuild 1.2 at the moment.

    Please help.
    Last edited by cripperz; 03-21-2010 at 02:00 PM. Reason: background update

  2. #2
    Join Date
    Oct 2004
    Location
    London, UK
    Posts
    6,641
    Have you checked if the server that is sending the mail is your own server? You can check in the email header.

    Let us know
    SeLLeRoNe - Andrea Iannucci
    DevOps Engineer - System Administrator
    If you need my support write me an E-Mail to Support@CrazyNetwork.it

  3. #3
    Join Date
    Mar 2005
    Posts
    5,270
    You cannot stop a spammer from faking your email address.
    Floyd Morrissette Little Creek Solutions
    Web Hosting Solutions. XEN Virtual Private Servers, VMWare .....
    DirectAdmin Administration and Support
    Our focus is on quality customer support

  4. #4
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,123
    What you can do is log in to your DirectAdmin user account and check the SPAM Filters, which will allow you to block mail from any email address or even any domain. The problem, of course, is that you can then never send email to yourself using any other server besides your own. We don't recommend it, but several of our clients use it.

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  5. #5
    Join Date
    Feb 2009
    Location
    Singapore
    Posts
    14
    hi jlasman,

    noted =) ..thanks for the reply.

  6. #6
    Join Date
    Apr 2006
    Posts
    11
    You can implement BATV in exim.conf
    http://wiki.exim.org/BATV%20signed%2...ght=%28BATV%29

  7. #7
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,123
    Unless I'm missing something this uses the same key for all emails. If so, then a spammer could easily learn it and start using it.

    Jeff

  8. #8
    Join Date
    Apr 2006
    Posts
    11
    That is not correct. Every outgoing mail has a key based on the one written in your exim.conf. Give it a try:

    Using SpamBlocker 3.2.4 RC:
    Code:
    BATVKEY = sometext
    .
    .
    .
    #IN ACLs
    acl_check_recipient:
    
    # Bounces must only be returned to one recipient.
    deny message = bounce messages must contain only one RCPT
    	senders = :
    	condition = ${if >{$rcpt_count}{1}}
    # Empty sender (a bounce) to prvs address, check signature.
    deny message = invalid or expired BATV signature
    	senders = :
    	control = caseful_local_part
    	condition = ${prvscheck {$local_part@$domain}{BATVKEY}{1}}
    	!condition = $prvscheck_result
    	control = caselower_local_part
    .
    .
    .
    
    acl_check_message:
    
    # If this message is a true bounce (i.e. made it to DATA), and not just a
    # callout, require that the recipient not be unsigned.
    deny message = bounce messages must be returned to a BATV signed address
    	senders = :
    	!condition = ${prvscheck {$recipients}{BATVKEY}{true}}
    
    .
    .
    .
    #IN ROUTERS
    begin routers
    
    lookuphost:
      driver = dnslookup
      domains = ! +local_domains
      ignore_target_hosts = 127.0.0.0/8
      condition = "${perl{check_limits}}"
      transport = remote_smtp
      no_more
    
    # This router removes the BATV signature to return the original recipient
    # address.
    batv_redirect:
    	driver = redirect
    	data = ${prvscheck {$local_part@$domain}{BATVKEY}}
    
    .
    .
    .
    #IN TRANSPORTS
    # This transport is used for delivering messages over SMTP connections.
    remote_smtp:
      driver = smtp
      return_path = ${if match_address{$return_path}{*@*} {${prvs {$return_path} {BATVKEY}}} fail }
    Last edited by WiNeOS; 04-19-2010 at 09:31 AM. Reason: error in return_path copied from exim wiki.

  9. #9
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,123
    Does it work?

    How does it handle emails it doesn't accept?

    Does it implement on stock version of exim without changes?

    How does it check the key? How does it know?

    Do my homework for me.

    Thanks!

    Jeff

  10. #10
    Join Date
    Apr 2006
    Posts
    11
    Originally posted by jlasman:
        Does it work?

        How does it handle emails it doesn't accept?

        Does it implement on stock version of exim without changes?

        How does it check the key? How does it know?

        Do my homework for me.

        Thanks!

        Jeff
    It works for me and I'm using exim 4.7 now. I have used it since exim 4.6.

    Basically it does three things:

    1. If we're sending mail from a protected address such as
    info@someone.com, it rewrites the return-path to some magically
    generated address instead:
    Return-Path: prvs=2722692344=info@someone.com

    2. If we receive a bounce (empty reverse-path) addressed to one of
    those magically-generated addresses, it rewrites the destination back to
    the original info@someone.com using a router. (batv_redirect)

    3. Finally, if we receive a bounce addressed to the original protected address (info@someone.com), it rejects it if you want, so it is ACL based.

    For the rest of the questions, you can read the BATV draft at:
    http://mipassoc.org/batv/draft-levine-smtp-batv-01.html
    Last edited by WiNeOS; 04-16-2010 at 05:32 AM.
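
The three steps described in post #10, as an added example (not part of the thread and not Exim's code): a Python model of a keyed, dated return-path tag in the prvs=KDDDSSSSSS=local@domain shape shown above. The 7-day lifetime, the HMAC-SHA1 input layout, the day numbers and the function names are assumptions of this example, so its tags are not guaranteed to match what Exim generates.

```python
import hashlib
import hmac
import re

SECRET = b"sometext"   # plays the role of BATVKEY in the posted config
VALID_DAYS = 7         # assumed tag lifetime, in days
PRVS = re.compile(r"prvs=([0-9])([0-9]{3})[0-9a-f]{6}=(.+@.+)")


def _tag(key_num: str, expiry: int, address: str) -> str:
    """K + DDD + first 6 hex digits of HMAC-SHA1(secret, K DDD address)."""
    stamp = f"{expiry % 1000:03d}"
    mac = hmac.new(SECRET, (key_num + stamp + address).encode(), hashlib.sha1)
    return key_num + stamp + mac.hexdigest()[:6]


def sign(address: str, today: int, key_num: str = "0") -> str:
    """Step 1: signed envelope sender for outgoing mail."""
    return f"prvs={_tag(key_num, today + VALID_DAYS, address)}={address}"


def check_bounce(rcpt: str, today: int):
    """Steps 2 and 3: original address for a valid signed bounce, else None."""
    m = PRVS.fullmatch(rcpt)
    if m is None:
        return None                                  # unsigned: reject bounce
    key_num, stamp, address = m.groups()
    if not hmac.compare_digest(rcpt[5:15], _tag(key_num, int(stamp), address)):
        return None                                  # tag not made with SECRET
    if (int(stamp) - today) % 1000 > VALID_DAYS:     # day counter wraps at 1000
        return None                                  # expired
    return address


if __name__ == "__main__":
    day = 14700                                      # constructed day number
    signed = sign("info@someone.com", day)
    print(signed)
    for rcpt, when in [(signed, day), (signed, day + 8),
                       ("info@someone.com", day),
                       (signed.replace("info@", "sales@"), day)]:
        print(rcpt, when, "->", check_bounce(rcpt, when))
```

Only six hex digits of the MAC travel in the address, so seeing signed addresses does not reveal SECRET. A captured tag can still be reused for that one address until it expires, which is why the tag carries a date.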

  11. #11
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,123
    Originally posted by WiNeOS:
        It works for me and I'm using exim 4.7 now. I have used it since exim 4.6.

        Basically it does three things
    Thanks for the clarification; I may try it for myself. Is it better than my quick and easy new default in the current SpamBlocker Technology powered exim.conf file RC?
        For the rest of the questions, you can read the BATV draft at:
        http://mipassoc.org/batv/draft-levine-smtp-batv-01.html
    I wish I had time to study that.

    Jeff

  12. #12
    Join Date
    Apr 2006
    Posts
    11
    Originally posted by jlasman:
        Is it better than my quick and easy new default in the current SpamBlocker Technology powered exim.conf file RC?
    Well, BATV is very easy to implement in your config and will complement it a little more.

    This is not the thread to discuss it, but I think that implementing DKIM (exim 4.7) in your SpamBlocker, like you did with SpamAssassin, would be great and is more important than BATV. If you want, I can download your last version and modify your config with these features.

    Greetz

  13. #13
    Join Date
    Mar 2005
    Posts
    5,270
    I thought exim had to be recompiled as well to include dkim. I did not think it was a simple configuration change.
    Floyd Morrissette Little Creek Solutions

  14. #14
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,123
    @WINeOS:

    I believe Floyd is correct. Which means that the change would have to be made by DirectAdmin in how Exim is managed; then it could be supported by the exim.conf file.

    Feel free to download my latest exim.conf beta, make changes you think would be helpful, and let me know where I can download a copy (ftp or httpd) and I'll be happy to look at your suggested changes.

    Jeff

  15. #15
    Join Date
    Oct 2003
    Location
    Switzerland
    Posts
    2,097
    Originally posted by floyd:
        I thought exim had to be recompiled as well to include dkim. I did not think it was a simple configuration change.
    I believe this is not true. Grep your mainlog file and you should see some DKIM verifications being performed.
    Simple verification is simple to do and the possibilities are pretty much endless.
    Olivier
    interfaCentre - We design custom hosting solutions

    Custom apps, scripts and configurations for easy and secure access to all hosting services
    Full Personal Information Management suite with mobile synchronisation
    PHP, Ruby, Node.js and Python hosting with 1-click app install

  16. #16
    Join Date
    Mar 2005
    Posts
    5,270
    Originally posted by interfasys:
        I believe this is not true. Grep your mainlog file and you should see some DKIM verifications being performed.
    Nothing in the exim mainlog for the last several days on one of my busiest servers.

    grep -i DKIM /var/log/exim/mainlog

    However I did find this:
    http://www.directadmin.com/forum/showthread.php?t=31493

    So how do we configure exim.conf to use DKIM?
    Last edited by floyd; 04-18-2010 at 10:44 AM.
    Floyd Morrissette Little Creek Solutions

  17. #17
    Join Date
    Oct 2003
    Location
    Switzerland
    Posts
    2,097
    And you're using 4.71?
    Olivier

  18. #18
    Join Date
    Mar 2005
    Posts
    5,270
    4.67. I guess that is the problem. Let me see if there is an rpm to upgrade.
    Floyd Morrissette Little Creek Solutions

  19. #19
    Join Date
    Mar 2005
    Posts
    5,270
    OK, I have upgraded to da_exim-4.71-1

    Now what?
    Floyd Morrissette Little Creek Solutions

  20. #20
    Join Date
    Oct 2003
    Location
    Switzerland
    Posts
    2,097
    Now send yourself some emails from Gmail and grep your log.
    This official page has all the details: http://exim.org/exim-html-current/do...html/ch54.html

    But I think this should be discussed elsewhere in this forum.
    Olivier