Can someone explain me how to block this king of spam please
It's a spam that came from outside but look like it was send by a user in our domain to another user from our domain
Received: from MYSERVEREXCHANGE.mydomain.ca (192.168.xx.xx) by
MYSERVEREXCHANGE.mydomain.ca (192.168.xx.xx) with Microsoft SMTP Server
(TLS) id 15.0.1076.9 via Mailbox Transport; Tue, 23 Aug 2016 13:53:35 -0400
Received: from MYSERVEREXCHANGE.mydomain.ca (192.168.xx.xx) by
MYSERVEREXCHANGE.mydomain.ca (192.168.xx.xx) with Microsoft SMTP Server
(TLS) id 15.0.1076.9; Tue, 23 Aug 2016 13:53:35 -0400
Received: from mail.mydomain.ca (192.168.xx.xx) by MYSERVEREXCHANGE
(192.168.xx.xx) with Microsoft SMTP Server id 15.0.1076.9 via Frontend
Transport; Tue, 23 Aug 2016 13:53:35 -0400
Received: from localhost (localhost [127.0.0.1])
by mail.mydomain.ca (Postfix) with ESMTP id 56D127B81B2
for <accueil@mydomain.ca>; Tue, 23 Aug 2016 13:53:35 -0400 (EDT)
X-MTA-CheckPoint: {57BC8D9F-0-562A8C0-4A0207B6}
X-Control-Analysis: str=0001.0A0B0202.57BC8D9F.0083,ss=1,re=2.100,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0
Received: from p3plwbeout10-04.prod.phx3.secureserver.net (p3plsmtp10-04-2.prod.phx3.secureserver.net [97.74.135.188])
by mail.mydomain.ca (Postfix) with ESMTP id 2F0977B81A4
for <accueil@mydomain.ca>; Tue, 23 Aug 2016 13:53:35 -0400 (EDT)
Received: from localhost ([97.74.135.154])
by p3plwbeout10-04.prod.phx3.secureserver.net with bizsmtp
id ahta1t0013L2auR01htaKy; Tue, 23 Aug 2016 10:53:34 -0700
X-SID: ahta1t0013L2auR01
Received: (qmail 15479 invoked by uid 99); 23 Aug 2016 17:53:34 -0000
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset="utf-8"
X-Originating-IP: 192.64.7.98
User-Agent: Workspace Webmail 6.4.6
Message-ID: <20160823105332.e1852152ce3ce8b6263f1dba7a85bb31.cb26e90684.wbe@email10.godaddy.com>
From: " firstname lastname" <firstname.lastname@mydomain.ca>
X-Sender: info@objectifsurveillance.ca
Reply-To: " firstname lastname" <chiefexecutiveoficer@aol.com>
To: <accueil@mydomain.ca>
Subject: Bonjour
Date: Tue, 23 Aug 2016 10:53:32 -0700
MIME-Version: 1.0
Return-Path: info@objectifsurveillance.ca
X-MS-Exchange-Organization-PRD: mydomain.ca
X-MS-Exchange-Organization-SenderIdResult: Fail
Received-SPF: Fail (MYSERVEREXCHANGE.mydomain.ca: domain of
firstname.lastname@mydomain.ca does not designate 192.168.xx.xx as permitted
sender) receiver=MYSERVEREXCHANGE.mydomain.ca;
client-ip=192.168.xx.xx; helo=mail.mydomain.ca;
X-MS-Exchange-Organization-Network-Message-Id: e32d3cd2-b096-4c9c-9430-08d3cb7e67c8
X-MS-Exchange-Organization-Antispam-Report: ContentFilterConfigBypassedSender
X-MS-Exchange-Organization-SCL: -1
X-MS-Exchange-Organization-AuthSource: MYSERVEREXCHANGE.mydomain.ca
X-MS-Exchange-Organization-AuthAs: Anonymous
And second
Why these kind of porn spam is not block :)
Received: from MYSERVEREXCHANGE.mydomain.ca (192.168.xx.xx) by
MYSERVEREXCHANGE.mydomain.ca (192.168.xx.xx) with Microsoft SMTP Server
(TLS) id 15.0.1076.9 via Mailbox Transport; Mon, 29 Aug 2016 09:49:29 -0400
Received: from MYSERVEREXCHANGE.mydomain.ca (192.168.xx.xx) by
MYSERVEREXCHANGE.mydomain.ca (192.168.xx.xx) with Microsoft SMTP Server
(TLS) id 15.0.1076.9; Mon, 29 Aug 2016 09:49:29 -0400
Received: from mail.mydomain.ca (192.168.100.253) by MYSERVEREXCHANGE
(192.168.xx.xx) with Microsoft SMTP Server id 15.0.1076.9 via Frontend
Transport; Mon, 29 Aug 2016 09:49:29 -0400
Received: from localhost (localhost [127.0.0.1])
by mail.mydomain.ca (Postfix) with ESMTP id 285BB7F0670
for <firstname.lastname@mydomain.ca>; Mon, 29 Aug 2016 09:49:29 -0400 (EDT)
X-MTA-CheckPoint: {57C43D69-0-462A8C0-386307B6}
X-Control-Analysis: str=0001.0A0B0208.57C43D69.0071,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0
Received: from server77-68-38-173.live-servers.net (server77-68-38-173.live-servers.net [77.68.38.173])
by mail.mydomain.ca (Postfix) with ESMTP id DDA987F0672
for <firstname.lastname@mydomain.ca>; Mon, 29 Aug 2016 09:49:28 -0400 (EDT)
Received: by server77-68-38-173.live-servers.net (Postfix, from userid 33)
id B29A0E03836; Mon, 29 Aug 2016 14:49:22 +0100 (BST)
To: <firstname.lastname@mydomain.ca>
Subject: Watch Me Put My Whole Fist In My Snatch
X-PHP-Originating-Script: 33:footer12.php(1968) : eval()'d code
Date: Mon, 29 Aug 2016 14:49:22 +0100
From: Diane Martin <diane_martin@fguk.eu>
Message-ID: <6bb3402c9fe12eff2f5b0483ed7be5ae@fguk.eu>
X-Priority: 3
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_6bb3402c9fe12eff2f5b0483ed7be5ae"
Content-Transfer-Encoding: 8bit
Return-Path: diane_martin@fguk.eu
X-MS-Exchange-Organization-PRD: fguk.eu
X-MS-Exchange-Organization-SenderIdResult: None
Received-SPF: None (MYSERVEREXCHANGE.mydomain.ca: diane_martin@fguk.eu
does not designate permitted sender hosts)
X-MS-Exchange-Organization-Network-Message-Id: 8d03c9bb-3393-4bbc-c0d1-08d3d0134c87
X-MS-Exchange-Organization-SCL: 3
X-MS-Exchange-Organization-PCL: 2
X-MS-Exchange-Organization-Antispam-Report: DV:3.3.5705.600;SID:SenderIDStatus
None;OrigIP:192.168.100.253
X-MS-Exchange-Organization-AuthSource: MYSERVEREXCHANGE.mydomain.ca
X-MS-Exchange-Organization-AuthAs: Anonymous
Thanks for your help
We use Mimecast and have been extremely happy with the service.