Last edited by bruce_wu (2018-11-22 09:57:27)

Topic: Recently hit hard by a new type of mail (both ads and viruses)

Recently I have been hit hard by the following type of mail (both ads and viruses).
The mail headers are as follows.

X-Virus-Scanned: amavisd-new at 我的邮件网域名称.ltd
Authentication-Results: 我的邮件网域名称.ltd (amavisd-new); dkim=pass (2048-bit key)
header.d=f.xxx.com
Received: from 我的邮件网域名称.ltd ([127.0.0.1])
by localhost (我的邮件网域名称.ltd [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id QKqrNPDJwAkv for <bruce@我的邮件网域名称.ltd>;
Tue, 20 Nov 2018 18:33:48 +0800 (CST)
X-Original-Helo: srv.xxx.xxx
Received: from srv.xxx.xxx (unknown [49.50.x.x])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by 我的邮件网域名称.ltd (iRedMail: http://www.iredmail.org/) with ESMTPS id 190701A0ED4
for <bruce@我的邮件网域名称.ltd>; Tue, 20 Nov 2018 10:33:45 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=f.xxx.com
; s=default; h=Content-Type:MIME-Version:Subject:Message-ID:To:From:Date:
Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description:
Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive;
bh=oeKpNXzelCcu0Pa2JZ/kEccBY9jBf7XUbeiA+zDBB0Y=; b=ZPlhjtkzYLHgdoqK7HlWnbgDHA
GeQrNUQTlDBhLF1T+LxZRf5Np9zkr6tXGrhikSmT0qaCQcYFtGOu6dLdwmYF6eqNMqXRHBug24vKu
kht7/9BF9XWeaVcy51TFG9DuMjQLP3D+nBv57Gin2PCv7C4MpYf9Mgp8SFvJuA9++s1mcPx9WonWC
b9JxOQnDgokuP1qM9GGvclyUiJzYNZwY7fdfNfYF8Oic1+J+DNYOIgnHQgLWeSWvdXQ+RZZFEgk5g
l5YeJq79kyW/5YmqMJUTlupc6ZDqVocFWvHxMb7JjegGkRW45bbqYPRERYfLzL+sJrK9qi61EX18v
L237kRFw==;
Received: from 59-124-x-x.xxx.xxx.net ([59.124.x.x]:22194 helo=10.8.9.10)
by srv.xxx.xxx with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
(Exim 4.91)
(envelope-from <nafees.ahmad@f.xxx.com>)
id 1gP3LI-000RCM-RQ
for bruce@我的邮件网域名称.ltd; Tue, 20 Nov 2018 16:03:17 +0530
Date: Tue, 20 Nov 2018 02:33:21 -0800
From: Boss <boss@我的邮件网域名称.ltd> <nafees.ahmad@f.xxx.com>
To: bruce@我的邮件网域名称.ltd
Message-ID: <10343280482126316992.119B469581C5721A@我的邮件网域名称.ltd>

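The notable point is the format of From: the system picks up the actual sender nafees.ahmad@f.xxx.com, so the message is not judged as being sent by a local sender (boss@我的邮件网域名称).
But on the recipient's side, the mail client (Outlook) displays Boss <boss@我的邮件网域名称>, which makes the recipient think the mail came from someone inside the organization.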

This is an unusual way of forging an internal sender. Is there a way to block or filter it?

System: iRedMail 0.7.3

That's all, thanks!
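One way to detect the From pattern described in the post, as an added example that is not part of the original post and is not iRedMail's own code: it flags a From header whose display text contains an address in a local domain while the address treated as the real sender is external. It goes beyond the exact header shown by also covering quoted and RFC 2047 encoded display names. `LOCAL_DOMAINS`, the function names and the `example.ltd` / `example.net` addresses are assumptions constructed for illustration (`example.ltd` stands in for the poster's placeholder for their own mail domain).

```python
import re
from email.errors import HeaderParseError
from email.header import decode_header, make_header

# Assumption: the domains this server hosts (constructed placeholder).
LOCAL_DOMAINS = {"example.ltd"}

_ATOM = r"""[^\s<>()"',;:@]+"""
ADDR = re.compile(_ATOM + "@" + _ATOM)                # anything shaped like an address
ANGLE = re.compile(r"<\s*([^<>\s]+@[^<>\s]+)\s*>")    # an address inside <...>


def _domain(addr):
    return addr.rsplit("@", 1)[1].lower().rstrip(".")


def analyze_from(raw_from, local_domains=LOCAL_DOMAINS):
    """Return (sender, decoys): the address taken as the real sender, and any
    local-domain addresses that appear only as display text in front of it."""
    try:
        # Undo RFC 2047 encoding so an encoded display name is inspected too.
        value = str(make_header(decode_header(raw_from)))
    except (HeaderParseError, UnicodeError, LookupError):
        value = raw_from
    found = [a.lower() for a in ADDR.findall(value)]
    if not found:
        return None, []
    angled = [a.lower() for a in ANGLE.findall(value)]
    # As in the post: the last <...> is what the server treats as the sender.
    sender = angled[-1] if angled else found[-1]
    if _domain(sender) in local_domains:
        return sender, []  # a genuinely local sender is a different check
    decoys = [a for a in found if a != sender and _domain(a) in local_domains]
    return sender, decoys


def is_spoofed_display(raw_from, local_domains=LOCAL_DOMAINS):
    return bool(analyze_from(raw_from, local_domains)[1])


if __name__ == "__main__":
    # Constructed sample headers, modelled on the From line in the post.
    samples = [
        "Boss <boss@example.ltd> <mallory@example.net>",
        '"boss@example.ltd" <mallory@example.net>',
        "Boss <boss@example.ltd>",
        '"Alice" <alice@example.net>',
    ]
    for s in samples:
        print(is_spoofed_display(s), analyze_from(s), "<-", s)
```

The function only classifies a header value. Wiring it into a content filter or policy hook depends on the mail server setup and is not shown here.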