hi friends,
As per Uxbod suggestion
SPAM sourced from virtual domain user to same user
i have done following...
su - zimbra
Create a file under /opt/zimbra/conf called spoofprotection with the following content
mydomain.com REJECT we never email ourself from outside so go away!
then Zimbra needs to know to look at it so we need to change /opt/zimbra/conf/postfix_recipient_restrictions.cf and add
check_sender_access hash:/etc/postfix/spoofprotection
this need to go after the permit_mynetworks so the file looks like
reject_non_fqdn_recipient
permit_sasl_authenticated
permit_mynetworks
reject_unauth_destination
reject_unlisted_recipient
check_sender_access hash:/opt/zimbra/conf/spoofprotection
%%contains VAR:zimbraMtaRestriction reject_invalid_hostname%%
postfix reload
but i am still gettings such SPAM bellow is sample SPAM
Return-Path:
yangonnw24@roviss.com
Received: from mail.mydomain.com (LHLO
mail.mydomain.com) (192.168.0.200) by
mail.mydomain.com with LMTP; Mon, 12 Jul 2010 22:42:45 +0530
(IST)
Received: from localhost (localhost.localdomain [127.0.0.1])
by mail.mydomain.com (Postfix) with ESMTP id 096C4167800D;
Mon, 12 Jul 2010 22:42:45 +0530 (IST)
X-DSPAM-Result: Innocent
X-DSPAM-Class: Innocent
X-DSPAM-Confidence: 1.00
X-DSPAM-Probability: 0.0023
X-DSPAM-Signature: N/A
X-Virus-Scanned: amavisd-new at mydomain.com
X-Spam-Flag: NO
X-Spam-Score: 1.53
X-Spam-Level: *
X-Spam-Status: No, score=1.53 tagged_above=-10 required=6.6
tests=[BAYES_50=0.001, FH_HELO_EQ_D_D_D_D=0.001,
FORGED_OUTLOOK_TAGS=0.001, HELO_DYNAMIC_IPADDR=2.426,
HTML_MESSAGE=0.001, RDNS_DYNAMIC=0.1, DSPAM:Innocent=-1.000]
autolearn=no
Received: from mail.mydomain.com ([127.0.0.1])
by localhost (mail.mydomain.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id WZo0XLfExvUd; Mon, 12 Jul 2010 22:42:43 +0530 (IST)
Received: from pppoe-188-187-16-198.volgograd.ertelecom.ru (pppoe-188-187-16-198.volgograd.ertelecom.ru [188.187.16.198])
by mail.mydomain.com (Postfix) with ESMTP id F16F01678003;
Mon, 12 Jul 2010 22:42:40 +0530 (IST)
Received: from 188.187.16.198 by roviss.com; Mon, 12 Jul 2010 21:09:39 +0300
Message-ID: <000d01cb21e5$03790000$6400a8c0@yangonnw24>
From: "123greetings.com" <maninagar@mydomain.com>
To: <maninagar@mydomain.com>
Subject: You have received an Greeting eCard
Date: Mon, 12 Jul 2010 21:09:39 +0300
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0006_01CB21E5.03790000"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
This is a multi-part message in MIME format.
------=_NextPart_000_0006_01CB21E5.03790000
Content-Type: text/plain;
format=flowed;
charset="Windows-1252";
reply-type=original
Content-Transfer-Encoding: 7bit
Good day.
You have received an eCard
To pick up your eCard, open attached file.
Your card will be aviailable for pick-up beginning for the next 30 days.
Please be sure to view your eCard before the days are up!
We hope you enjoy you eCard.
Thank You!
------=_NextPart_000_0006_01CB21E5.03790000
Content-Type: text/html;
name="ecard.html"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="ecard.html"
How can i stop such SPAM mail?
Bugzilla
Wiki
Source
how to stop SPAM which having FROM address of my domain 
Linear Mode
