that's a week that many accounts on my zimbra servers (all 8.8.9 patch4) receive spam email from his address.
for example test@example.org receive a spam email from test.example.org (but from a different ip address):
that's source of email :
Code: Select all
Return-Path: <test@example.org>
Received: from mail.example.org (LHLO mail.example.org)
(192.168.3.190) by mail.example.org with LMTP; Tue, 25 Sep 2018
14:35:28 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
by mail.example.org (Postfix) with ESMTP id 1D6196C6DC7
for <test@example.org>; Tue, 25 Sep 2018 14:35:28 +0200 (CEST)
X-Virus-Scanned: amavisd-new at example.org
X-Spam-Flag: NO
X-Spam-Score: 5.949
X-Spam-Level: *****
X-Spam-Status: No, score=5.949 required=6.6 tests=[BAYES_00=-1.9,
DATE_IN_FUTURE_06_12=1.947, HTML_MESSAGE=0.001,
RCVD_IN_BRBL_LASTEXT=1.449, RCVD_IN_RP_RNBL=1.31,
RCVD_IN_SORBS_DUL=0.001, RDNS_NONE=0.793, SPF_NEUTRAL=0.779,
URIBL_BLOCKED=0.001, XPRIO=1.568] autolearn=no autolearn_force=no
Received: from mail.example.org ([127.0.0.1])
by localhost (mail.example.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id xpXi16HYCyrx for <test@example.org>;
Tue, 25 Sep 2018 14:35:27 +0200 (CEST)
Received: from [123.21.101.9] (unknown [123.21.101.9])
by mail.example.org (Postfix) with ESMTP id 214B76C6DC6
for <test@example.org>; Tue, 25 Sep 2018 14:35:27 +0200 (CEST)
that's mynetworks
Code: Select all
[zimbra@mail ~]$ postconf mynetworks
mynetworks = 127.0.0.0/8 [::1]/128 192.168.3.0/24 185.95.212.73/32
Thanks