1
I am running IBM Lotus Domino Email Server with Symantec Premium Antispam.
From past few days, I am receiving SPAM emails that pretend to coming from my own email address. example my email is JOHN@MYCOMPANY.COM , and in my inbox, i see spam email coming from JOHN@MYCOMPANY.COM. (and in header different ips or domains showed, subject is different everytime , see below code)
how can I prevent such spam emails. as sometimes they contains harmful .docm or sometimes it shows advertisements.
Following is full header.
Received: from dhcp-192-214-94.in2cable.com ([127.0.0.1])
by agpinf01.agp1 (Lotus Domino Release 8.5.3FP6)
with ESMTP id 2016070704200181-116326 ;
Thu, 7 Jul 2016 04:20:01 +0500
Message-ID: <454418365439223099674707@MYCOMPANY.COM>
From: <MYUSER@MYCOMPANY.COM>
To: <MYUSER@MYCOMPANY.COM>
Subject: Greetings
Date: 7 Jul 2016 08:35:58 +0400
MIME-Version: 1.0
X-Mailer: Sblyue uphckcv
X-MIMETrack: Itemize by SMTP Server on agpinf01/AGP(Release 8.5.3FP6|November 21, 2013) at
07/07/2016 04:20:01 AM,
Serialize by Notes Client on syed jahanzaib/MYCOMAPNY(Release 8.5.3FP6|November
22, 2013) at 07/12/2016 08:57:32 AM,
Serialize complete at 07/12/2016 08:57:32 AM
X-TNEFEvaluated: 1
Content-type: multipart/alternative;
boundary="---8D7023F9ECDEAA36CB98425765118D70"
This is a multi-part message in MIME format.
-----8D7023F9ECDEAA36CB98425765118D70
Content-transfer-encoding: quoted-printable
Content-type: text/plain;
charset="cp-850"
Salutation
Let me present to you one of the largest worldwide enterprises where I =
work as a permanent manager of HR department.
Our company is well known in various fields as follows:
- real estate
- companies setting-up and winding-up
- supporting business in Europe and other countries=20
- etc.
We need employees:
- payment $5000 + bonus
- 1 - 2 working hours per day
- free timetable=20
If you are interested in this job please=20
visit our web page.
-----8D7023F9ECDEAA36CB98425765118D70
Content-transfer-encoding: quoted-printable
Content-type: text/html;
charset="cp-850"
<html><head>
<meta http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dcp-850"></head>
<body>Salutation<br><br>
Let me present to you one of the largest worldwide enterprises where I =
work as a permanent manager of HR department.<br><br>
<b>Our company is well known in various fields as follows:</b><br>=20
- real estate<br>- companies setting-up and winding-up<br>- supporting =
business in Europe and other countries <br>- etc.
<br><br>
<b>We need employees:</b><br>
- payment $5000 + bonus<br>
- 1 - 2 working hours per day<br>
- free timetable <br><br>
If you are interested in this job please <a =
href=3D"http://luixbeltzamoda.gestiondatos.com/cache/smarty/cache/blockne=
wproducts_tab/20160213/1/1/1/6/16/"><b>visit our web page</b></a>.
</body></html>
-----8D7023F9ECDEAA36CB98425765118D70--
Who manages your email gateway? They will be able to address this. – Paul – 2016-07-12T04:24:05.083
Email gateway? means email server? its resides in my office physically and connected to the internet via fiber line using FIX ip. i manage my email server myself. – Syed Jahanzaib – 2016-07-12T04:28:47.307
1Oh great. Does email get directly delivered to your email server? If so, do you have SPF or DKIM set up? – Paul – 2016-07-12T06:13:31.417
My domain is MYCOMPANY.COM which is hosted by hosting comapny , they pointed @/www to my fix public ip which is then configured in my email server. Exmaple: WWW > 1.2.3.4 @ + mail.mycompany.com > 5.6.7.8 (which is my email server
Email directly gets delivered to my email server. So when our user sends email to outer world, other party sees user@mycompany.com in there FROM tab. So what would be the SPF record?for my domain?
Something "v=spf1 a:MYCOMPANY.COM -all" – Syed Jahanzaib – 2016-07-12T06:28:31.837
Some reading here http://lifehacker.com/how-spammers-spoof-your-email-address-and-how-to-prote-1579478914
– Vojtěch Dohnal – 2016-07-12T07:24:48.550Something like
v=spf1 a:mailserver.MYCOMPANY.COM -all
should be more appropriate, it points to A record, so it is a host name. – Vojtěch Dohnal – 2016-07-12T08:01:16.213