How to prevent mail spoofing?

Questions regarding the Mail Server
Dovecot, Exim, RoundCube
NikoCodey
Posts: 4
Joined: Sat Sep 09, 2017 12:29 pm

How to prevent mail spoofing?

Postby NikoCodey » Sat Sep 09, 2017 12:33 pm

Hello,

I'm having difficulties figuring out how to prevent mail spoofing, i heard SPF is a good idea, however i have no idea how to set it up.

In other words, I'd like to block fake email such as emkei.cz or phpmail from reaching my inbox

Can anyone help?

Thanks.
Last edited by NikoCodey on Sun Oct 22, 2017 10:24 pm, edited 1 time in total.

NikoCodey
Posts: 4
Joined: Sat Sep 09, 2017 12:29 pm

Re: How to prevent mail spoofing?

Postby NikoCodey » Sun Oct 22, 2017 10:23 pm

Hello,

I had to bump this due to no response and no help from searching :(

mehargags
Moderators
Posts: 785
Joined: Sat Sep 06, 2014 9:58 pm
Contact:

Re: How to prevent mail spoofing?

Postby mehargags » Mon Oct 23, 2017 7:20 am

Take a good read at topics in the MAIL SERVER Section of the forums
The first few sticky posts address your typical issue

You can enable these filtering rules in your EXIM/SpamAssasin to fail if :
1. rDNS PTR records not match "mail from domain"
2. SPF records not published/matched
3. DKIM signatures not present/fail

This is a fine tuning process and will require much reading and trial

NikoCodey
Posts: 4
Joined: Sat Sep 09, 2017 12:29 pm

Re: How to prevent mail spoofing?

Postby NikoCodey » Mon Oct 23, 2017 9:01 pm

mehargags wrote:Take a good read at topics in the MAIL SERVER Section of the forums
The first few sticky posts address your typical issue

You can enable these filtering rules in your EXIM/SpamAssasin to fail if :
1. rDNS PTR records not match "mail from domain"
2. SPF records not published/matched
3. DKIM signatures not present/fail

This is a fine tuning process and will require much reading and trial


Thanks for the reply mehargags, I've noticed that clamav and spamassassin were not installed on the server, did some digging and figured out that it does not automatically install on a server with less than 3 gb of ram.

I've installed clamav and spamassassin and i installed the rules from this thread - http://forum.vestacp.com/viewtopic.php?f=12&t=11271

However, when i send a fake mail, it still does not get rejected. In the headers it says:
-1.0 SPF_HELO_PASS SPF: HELO matches SPF record
1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)

Any help?

NikoCodey
Posts: 4
Joined: Sat Sep 09, 2017 12:29 pm

Re: How to prevent mail spoofing?

Postby NikoCodey » Mon Oct 23, 2017 11:23 pm

Just thought I'd update my progress.

Managed to get it to detect the bad SPF, it moves the message to junk, however,
rewrite_header Subject *****SPAM*****

in the spamassassin configuration does not work.

Any help?

mehargags
Moderators
Posts: 785
Joined: Sat Sep 06, 2014 9:58 pm
Contact:

Re: How to prevent mail spoofing?

Postby mehargags » Tue Oct 24, 2017 9:59 am

I'm not much knowledgable about SA and filtering so just wait for some more appropriate responses.
meantime just check this link https://www.lifewire.com/spamassassin-m ... am-1166252


Return to “Mail Server”



Who is online

Users browsing this forum: No registered users and 11 guests