Hi all,
some weeks ago the email/pc of a customer that has contact with my company was compromised and now we receive email with viruses.
I'll explain better the situation.
Server:
Exim 4.92
Easy Spam Figther - Installed
BlockCrarking - Installed
Spamassassin - Installed
Server is perfectly working but emails received by spammer are like:
As you can see, in the sender name is available the real email address of our customer ([email protected]) and the real email address of the sender [email protected]
Block single sender email is not a valid strategy cause we are receiving the same mail from different domains (I've report an abuse for 2 of thems) so I would like to check sender name.
any suggestion?
some weeks ago the email/pc of a customer that has contact with my company was compromised and now we receive email with viruses.
I'll explain better the situation.
Server:
Exim 4.92
Easy Spam Figther - Installed
BlockCrarking - Installed
Spamassassin - Installed
Server is perfectly working but emails received by spammer are like:
HTML:
From: "[email protected]" <[email protected]>
To: "Sales" <[email protected]>
Subject: RE: PASER-EASY START: INVIO CENTRALINA UDAB
Date: Mon, 30 Sep 2019 12:04:20 +0200
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_01A6_01D57788.4089FBE0"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQJ1o0824VUX95M3xZx5gcgFjyLpyA==
Obviously attached there is a virus in DOC format that clamav doesn't recognize.im Anhang findet ihr das aktuelle Zertifikat.
Vielen Dank, gerne lesen wir noch von Ihnen.
Mit freundlichen Grüßen
[email protected]
[email protected]
As you can see, in the sender name is available the real email address of our customer ([email protected]) and the real email address of the sender [email protected]
Block single sender email is not a valid strategy cause we are receiving the same mail from different domains (I've report an abuse for 2 of thems) so I would like to check sender name.
any suggestion?