Email phishing

4 posts / 0 new
Last post
#1 Thu, 10/24/2019 - 05:15
karolis_

Email phishing

Hello.

We are using virtualmin as our email server. Everything works perfectly and fine, we love it, but we are getting to much spam mail from our domain name. For e.g. Im getting email from myself with letter that contain some spam or url to virus. How can i prevent Email phishing? Or maybe some can give me some more information because im green at this point.

Thu, 10/24/2019 - 06:25
Jfro

Forum guidelines read please? As for example versions.... https://www.virtualmin.com/node/53663

If using postfix you can get a lot of those things solved , by reading the POSTFIX docs themselves for more advanced use.

Also search the web with duckduckgo .

I understand green, but also you have to understand please somewhat more own work readling and searching , otherwise while playing / using Virtualmin and postfix are not for gras green users/admins and therefore i guess to dangerous to use only outof thebox configs without knowing what you have to do to make things more safe.

Thu, 10/24/2019 - 14:28
Dibs

Not withstanding Jfro's comments regarding it not being for grass green users\admins to play with Postfix, in hardening up Postfix I found the following site very useful:

https://www.linuxbabe.com/mail-server/block-email-spam-postfix

I didn't use the Greylisting one.

TOP TIPs:

  • Make copies of your files prior to changes
  • (Ideally) only make one change, reload Postfix config & restart it. Then test to see what effects it has.
  • Then make another change - I don't mean that literally, as in one word of code. use common sense.

I followed most of the things suggested on that link - and spam has almost zeroed over the last month.

You also need to understand the order in which PostFix restrictions clauses are applied - some are best applied when the client (the world) makes a connection and some after.

p.s. AND learn to read & understand the Mail.log - it's your biggest asset in dealing with spam and\or issues.

Fri, 11/01/2019 - 08:29
dimitrist

do mail headers ("Received") show your mail server as originating address? receiving phish from "your email address" is not necessarily coming from your own server.. "From" header can be easily spoofed.. there's SPF, DKIM, DMARC configuration options to prevent this..