How to prevent mail spoofing?
How to prevent mail spoofing?
Hello,
I'm having difficulties figuring out how to prevent mail spoofing, i heard SPF is a good idea, however i have no idea how to set it up.
In other words, I'd like to block fake email such as emkei.cz or phpmail from reaching my inbox
Can anyone help?
Thanks.
I'm having difficulties figuring out how to prevent mail spoofing, i heard SPF is a good idea, however i have no idea how to set it up.
In other words, I'd like to block fake email such as emkei.cz or phpmail from reaching my inbox
Can anyone help?
Thanks.
Last edited by NikoCodey on Sun Oct 22, 2017 10:24 pm, edited 1 time in total.
Re: How to prevent mail spoofing?
Hello,
I had to bump this due to no response and no help from searching :(
I had to bump this due to no response and no help from searching :(
-
mehargags
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: How to prevent mail spoofing?
Take a good read at topics in the MAIL SERVER Section of the forums
The first few sticky posts address your typical issue
You can enable these filtering rules in your EXIM/SpamAssasin to fail if :
1. rDNS PTR records not match "mail from domain"
2. SPF records not published/matched
3. DKIM signatures not present/fail
This is a fine tuning process and will require much reading and trial
The first few sticky posts address your typical issue
You can enable these filtering rules in your EXIM/SpamAssasin to fail if :
1. rDNS PTR records not match "mail from domain"
2. SPF records not published/matched
3. DKIM signatures not present/fail
This is a fine tuning process and will require much reading and trial
Re: How to prevent mail spoofing?
Thanks for the reply mehargags, I've noticed that clamav and spamassassin were not installed on the server, did some digging and figured out that it does not automatically install on a server with less than 3 gb of ram.mehargags wrote:Take a good read at topics in the MAIL SERVER Section of the forums
The first few sticky posts address your typical issue
You can enable these filtering rules in your EXIM/SpamAssasin to fail if :
1. rDNS PTR records not match "mail from domain"
2. SPF records not published/matched
3. DKIM signatures not present/fail
This is a fine tuning process and will require much reading and trial
I've installed clamav and spamassassin and i installed the rules from this thread - http://forum.vestacp.com/viewtopic.php?f=12&t=11271
However, when i send a fake mail, it still does not get rejected. In the headers it says:
-1.0 SPF_HELO_PASS SPF: HELO matches SPF record
1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
Any help?
Re: How to prevent mail spoofing?
Just thought I'd update my progress.
Managed to get it to detect the bad SPF, it moves the message to junk, however,
rewrite_header Subject *****SPAM*****
in the spamassassin configuration does not work.
Any help?
Managed to get it to detect the bad SPF, it moves the message to junk, however,
rewrite_header Subject *****SPAM*****
in the spamassassin configuration does not work.
Any help?
-
mehargags
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: How to prevent mail spoofing?
I'm not much knowledgable about SA and filtering so just wait for some more appropriate responses.
meantime just check this link https://www.lifewire.com/spamassassin-m ... am-1166252
meantime just check this link https://www.lifewire.com/spamassassin-m ... am-1166252