I received this type of spoofing how can I create rules to not pass? I have Dkim and active SPF...
The header...
Return-Path: <d.huebenthal@itex.de>
Received: from mail-01.my-domain.com (LHLO mail-01.my-domain.com)
(172.16.0.6) by mail-01.my-domain.com with LMTP; Sun, 6 Aug 2023 04:46:48
+0100 (WEST)
Received: from localhost (localhost [127.0.0.1])
by mail-01.my-domain.com (Postfix) with ESMTP id 537A3200E72E3
for <user.u.name@my-domain.com>; Sun, 6 Aug 2023 04:46:48 +0100 (WEST)
X-Virus-Scanned: amavisd-new at my-domain.com
X-Spam-Flag: NO
X-Spam-Score: 3.991
X-Spam-Level: ***
X-Spam-Status: No, score=3.991 required=6.6 tests=[BAYES_50=0.8,
BITCOIN_SPAM_07=0.001, BOGUS_MIME_VERSION=1, FROM_EXCESS_BASE64=0.001,
HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001,
PDS_BTC_ID=0.467, RCVD_IN_MSPIKE_BL=0.001, RCVD_IN_MSPIKE_L4=0.001,
RCVD_IN_SORBS_DUL=0.001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001,
SPF_SOFTFAIL=0.665, T_TVD_MIME_NO_HEADERS=0.01]
autolearn=no autolearn_force=no
Received: from mail-01.my-domain.com ([127.0.0.1])
by localhost (mail-01.my-domain.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 3RlJNAYwMTOv for <user.u.name@my-domain.com>;
Sun, 6 Aug 2023 04:46:47 +0100 (WEST)
Received: from mail.my-domain.com (unknown [10.10.192.5])
by mail-01.my-domain.com (Postfix) with ESMTPS id DA04F200DCB67
for <user.u.name@my-domain.com>; Sun, 6 Aug 2023 04:46:47 +0100 (WEST)
Received: from mail.my-domain.com (localhost [127.0.0.1])
by mail.my-domain.com (Proxmox) with ESMTP id 679BF100131
for <user.u.name@my-domain.com>; Sun, 6 Aug 2023 04:46:47 +0100 (WEST)
Received-SPF: pass (itex.de: 92.205.55.226 is authorized to use 'd.huebenthal@itex.de' in 'mfrom' identity (mechanism 'a' matched)) receiver=mail.my-domain.com; identity=mailfrom; envelope-from="d.huebenthal@itex.de"; helo=sh20212.ispgateway.de; client-ip=92.205.55.226
Received: from sh20212.ispgateway.de (sh20212.ispgateway.de [92.205.55.226])
by mail.my-domain.com (Proxmox) with ESMTPS id 67EAA1000F0
for <user.u.name@my-domain.com>; Sun, 6 Aug 2023 04:46:45 +0100 (WEST)
Received: from sh20212.ispgateway.de (php73.df_default [IPv6:fd00:dead:beef::a])
by sh20212.ispgateway.de (Postfix) with ESMTPS id 1AE79D06D2D0
for <user.u.name@my-domain.com>; Sun, 6 Aug 2023 04:56:39 +0200 (CEST)
Received: (from 503535@localhost)
by sh20212.ispgateway.de (8.15.2/8.15.2/Submit) id 3762udod1540140;
Sun, 6 Aug 2023 04:56:39 +0200
Date: Sun, 6 Aug 2023 04:56:39 +0200
Message-Id: <202308060256.3762udod1540140@sh20212.ispgateway.de>
X-Authentication-Warning: sh20212.ispgateway.de: 503535 set sender to d.huebenthal@itex.de using -f
To: user.u.name@my-domain.com
Subject: =?UTF-8?B?TsOjbyBwZW5zZSBxdWUgdm9jw6ogw6kgaW50ZWxpZ2VudGU=?=
X-PHP-Originating-Script: 503535:mails.php
From: =?UTF-8?B??= <user.u.name@my-domain.com>
MIME-Version: 1.0;
Content-type: multipart/mixed; boundary="--XXTEEmuIaR"
The header...
Return-Path: <d.huebenthal@itex.de>
Received: from mail-01.my-domain.com (LHLO mail-01.my-domain.com)
(172.16.0.6) by mail-01.my-domain.com with LMTP; Sun, 6 Aug 2023 04:46:48
+0100 (WEST)
Received: from localhost (localhost [127.0.0.1])
by mail-01.my-domain.com (Postfix) with ESMTP id 537A3200E72E3
for <user.u.name@my-domain.com>; Sun, 6 Aug 2023 04:46:48 +0100 (WEST)
X-Virus-Scanned: amavisd-new at my-domain.com
X-Spam-Flag: NO
X-Spam-Score: 3.991
X-Spam-Level: ***
X-Spam-Status: No, score=3.991 required=6.6 tests=[BAYES_50=0.8,
BITCOIN_SPAM_07=0.001, BOGUS_MIME_VERSION=1, FROM_EXCESS_BASE64=0.001,
HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001,
PDS_BTC_ID=0.467, RCVD_IN_MSPIKE_BL=0.001, RCVD_IN_MSPIKE_L4=0.001,
RCVD_IN_SORBS_DUL=0.001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001,
SPF_SOFTFAIL=0.665, T_TVD_MIME_NO_HEADERS=0.01]
autolearn=no autolearn_force=no
Received: from mail-01.my-domain.com ([127.0.0.1])
by localhost (mail-01.my-domain.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 3RlJNAYwMTOv for <user.u.name@my-domain.com>;
Sun, 6 Aug 2023 04:46:47 +0100 (WEST)
Received: from mail.my-domain.com (unknown [10.10.192.5])
by mail-01.my-domain.com (Postfix) with ESMTPS id DA04F200DCB67
for <user.u.name@my-domain.com>; Sun, 6 Aug 2023 04:46:47 +0100 (WEST)
Received: from mail.my-domain.com (localhost [127.0.0.1])
by mail.my-domain.com (Proxmox) with ESMTP id 679BF100131
for <user.u.name@my-domain.com>; Sun, 6 Aug 2023 04:46:47 +0100 (WEST)
Received-SPF: pass (itex.de: 92.205.55.226 is authorized to use 'd.huebenthal@itex.de' in 'mfrom' identity (mechanism 'a' matched)) receiver=mail.my-domain.com; identity=mailfrom; envelope-from="d.huebenthal@itex.de"; helo=sh20212.ispgateway.de; client-ip=92.205.55.226
Received: from sh20212.ispgateway.de (sh20212.ispgateway.de [92.205.55.226])
by mail.my-domain.com (Proxmox) with ESMTPS id 67EAA1000F0
for <user.u.name@my-domain.com>; Sun, 6 Aug 2023 04:46:45 +0100 (WEST)
Received: from sh20212.ispgateway.de (php73.df_default [IPv6:fd00:dead:beef::a])
by sh20212.ispgateway.de (Postfix) with ESMTPS id 1AE79D06D2D0
for <user.u.name@my-domain.com>; Sun, 6 Aug 2023 04:56:39 +0200 (CEST)
Received: (from 503535@localhost)
by sh20212.ispgateway.de (8.15.2/8.15.2/Submit) id 3762udod1540140;
Sun, 6 Aug 2023 04:56:39 +0200
Date: Sun, 6 Aug 2023 04:56:39 +0200
Message-Id: <202308060256.3762udod1540140@sh20212.ispgateway.de>
X-Authentication-Warning: sh20212.ispgateway.de: 503535 set sender to d.huebenthal@itex.de using -f
To: user.u.name@my-domain.com
Subject: =?UTF-8?B?TsOjbyBwZW5zZSBxdWUgdm9jw6ogw6kgaW50ZWxpZ2VudGU=?=
X-PHP-Originating-Script: 503535:mails.php
From: =?UTF-8?B??= <user.u.name@my-domain.com>
MIME-Version: 1.0;
Content-type: multipart/mixed; boundary="--XXTEEmuIaR"
Last edited:
