asked on
Can someone explain me how to block this king of spam please
It's a spam that came from outside but look like it was send by a user in our domain to another user from our domain
Received: from MYSERVEREXCHANGE.mydomain.
MYSERVEREXCHANGE.mydomain.
(TLS) id 15.0.1076.9 via Mailbox Transport; Tue, 23 Aug 2016 13:53:35 -0400
Received: from MYSERVEREXCHANGE.mydomain.
MYSERVEREXCHANGE.mydomain.
(TLS) id 15.0.1076.9; Tue, 23 Aug 2016 13:53:35 -0400
Received: from mail.mydomain.ca (192.168.xx.xx) by MYSERVEREXCHANGE
(192.168.xx.xx) with Microsoft SMTP Server id 15.0.1076.9 via Frontend
Transport; Tue, 23 Aug 2016 13:53:35 -0400
Received: from localhost (localhost [127.0.0.1])
by mail.mydomain.ca (Postfix) with ESMTP id 56D127B81B2
for <accueil@mydomain.ca>; Tue, 23 Aug 2016 13:53:35 -0400 (EDT)
X-MTA-CheckPoint: {57BC8D9F-0-562A8C0-4A0207
X-Control-Analysis: str=0001.0A0B0202.57BC8D9F
Received: from p3plwbeout10-04.prod.phx3.
by mail.mydomain.ca (Postfix) with ESMTP id 2F0977B81A4
for <accueil@mydomain.ca>; Tue, 23 Aug 2016 13:53:35 -0400 (EDT)
Received: from localhost ([97.74.135.154])
by p3plwbeout10-04.prod.phx3.
id ahta1t0013L2auR01htaKy; Tue, 23 Aug 2016 10:53:34 -0700
X-SID: ahta1t0013L2auR01
Received: (qmail 15479 invoked by uid 99); 23 Aug 2016 17:53:34 -0000
Content-Transfer-Encoding:
Content-Type: text/html; charset="utf-8"
X-Originating-IP: 192.64.7.98
User-Agent: Workspace Webmail 6.4.6
Message-ID: <20160823105332.e1852152ce
From: " firstname lastname" <firstname.lastname@mydoma
X-Sender: info@objectifsurveillance.
Reply-To: " firstname lastname" <chiefexecutiveoficer@aol.
To: <accueil@mydomain.ca>
Subject: Bonjour
Date: Tue, 23 Aug 2016 10:53:32 -0700
MIME-Version: 1.0
Return-Path: info@objectifsurveillance.
X-MS-Exchange-Organization
X-MS-Exchange-Organization
Received-SPF: Fail (MYSERVEREXCHANGE.mydomain
firstname.lastname@mydomai
sender) receiver=MYSERVEREXCHANGE.
client-ip=192.168.xx.xx; helo=mail.mydomain.ca;
X-MS-Exchange-Organization
X-MS-Exchange-Organization
X-MS-Exchange-Organization
X-MS-Exchange-Organization
X-MS-Exchange-Organization
And second
Why these kind of porn spam is not block :)
Received: from MYSERVEREXCHANGE.mydomain.
MYSERVEREXCHANGE.mydomain.
(TLS) id 15.0.1076.9 via Mailbox Transport; Mon, 29 Aug 2016 09:49:29 -0400
Received: from MYSERVEREXCHANGE.mydomain.
MYSERVEREXCHANGE.mydomain.
(TLS) id 15.0.1076.9; Mon, 29 Aug 2016 09:49:29 -0400
Received: from mail.mydomain.ca (192.168.100.253) by MYSERVEREXCHANGE
(192.168.xx.xx) with Microsoft SMTP Server id 15.0.1076.9 via Frontend
Transport; Mon, 29 Aug 2016 09:49:29 -0400
Received: from localhost (localhost [127.0.0.1])
by mail.mydomain.ca (Postfix) with ESMTP id 285BB7F0670
for <firstname.lastname@mydoma
X-MTA-CheckPoint: {57C43D69-0-462A8C0-386307
X-Control-Analysis: str=0001.0A0B0208.57C43D69
Received: from server77-68-38-173.live-se
by mail.mydomain.ca (Postfix) with ESMTP id DDA987F0672
for <firstname.lastname@mydoma
Received: by server77-68-38-173.live-se
id B29A0E03836; Mon, 29 Aug 2016 14:49:22 +0100 (BST)
To: <firstname.lastname@mydoma
Subject: Watch Me Put My Whole Fist In My Snatch
X-PHP-Originating-Script: 33:footer12.php(1968) : eval()'d code
Date: Mon, 29 Aug 2016 14:49:22 +0100
From: Diane Martin <diane_martin@fguk.eu>
Message-ID: <6bb3402c9fe12eff2f5b0483e
X-Priority: 3
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_6bb3402c9fe12
Content-Transfer-Encoding:
Return-Path: diane_martin@fguk.eu
X-MS-Exchange-Organization
X-MS-Exchange-Organization
Received-SPF: None (MYSERVEREXCHANGE.mydomain
does not designate permitted sender hosts)
X-MS-Exchange-Organization
X-MS-Exchange-Organization
X-MS-Exchange-Organization
X-MS-Exchange-Organization
None;OrigIP:192.168.100.25
X-MS-Exchange-Organization
X-MS-Exchange-Organization
Thanks for your help
It's a spam that came from outside but look like it was send by a user in our domain to another user from our domain
Received: from MYSERVEREXCHANGE.mydomain.
MYSERVEREXCHANGE.mydomain.
(TLS) id 15.0.1076.9 via Mailbox Transport; Tue, 23 Aug 2016 13:53:35 -0400
Received: from MYSERVEREXCHANGE.mydomain.
MYSERVEREXCHANGE.mydomain.
(TLS) id 15.0.1076.9; Tue, 23 Aug 2016 13:53:35 -0400
Received: from mail.mydomain.ca (192.168.xx.xx) by MYSERVEREXCHANGE
(192.168.xx.xx) with Microsoft SMTP Server id 15.0.1076.9 via Frontend
Transport; Tue, 23 Aug 2016 13:53:35 -0400
Received: from localhost (localhost [127.0.0.1])
by mail.mydomain.ca (Postfix) with ESMTP id 56D127B81B2
for <accueil@mydomain.ca>; Tue, 23 Aug 2016 13:53:35 -0400 (EDT)
X-MTA-CheckPoint: {57BC8D9F-0-562A8C0-4A0207
X-Control-Analysis: str=0001.0A0B0202.57BC8D9F
Received: from p3plwbeout10-04.prod.phx3.
by mail.mydomain.ca (Postfix) with ESMTP id 2F0977B81A4
for <accueil@mydomain.ca>; Tue, 23 Aug 2016 13:53:35 -0400 (EDT)
Received: from localhost ([97.74.135.154])
by p3plwbeout10-04.prod.phx3.
id ahta1t0013L2auR01htaKy; Tue, 23 Aug 2016 10:53:34 -0700
X-SID: ahta1t0013L2auR01
Received: (qmail 15479 invoked by uid 99); 23 Aug 2016 17:53:34 -0000
Content-Transfer-Encoding:
Content-Type: text/html; charset="utf-8"
X-Originating-IP: 192.64.7.98
User-Agent: Workspace Webmail 6.4.6
Message-ID: <20160823105332.e1852152ce
From: " firstname lastname" <firstname.lastname@mydoma
X-Sender: info@objectifsurveillance.
Reply-To: " firstname lastname" <chiefexecutiveoficer@aol.
To: <accueil@mydomain.ca>
Subject: Bonjour
Date: Tue, 23 Aug 2016 10:53:32 -0700
MIME-Version: 1.0
Return-Path: info@objectifsurveillance.
X-MS-Exchange-Organization
X-MS-Exchange-Organization
Received-SPF: Fail (MYSERVEREXCHANGE.mydomain
firstname.lastname@mydomai
sender) receiver=MYSERVEREXCHANGE.
client-ip=192.168.xx.xx; helo=mail.mydomain.ca;
X-MS-Exchange-Organization
X-MS-Exchange-Organization
X-MS-Exchange-Organization
X-MS-Exchange-Organization
X-MS-Exchange-Organization
And second
Why these kind of porn spam is not block :)
Received: from MYSERVEREXCHANGE.mydomain.
MYSERVEREXCHANGE.mydomain.
(TLS) id 15.0.1076.9 via Mailbox Transport; Mon, 29 Aug 2016 09:49:29 -0400
Received: from MYSERVEREXCHANGE.mydomain.
MYSERVEREXCHANGE.mydomain.
(TLS) id 15.0.1076.9; Mon, 29 Aug 2016 09:49:29 -0400
Received: from mail.mydomain.ca (192.168.100.253) by MYSERVEREXCHANGE
(192.168.xx.xx) with Microsoft SMTP Server id 15.0.1076.9 via Frontend
Transport; Mon, 29 Aug 2016 09:49:29 -0400
Received: from localhost (localhost [127.0.0.1])
by mail.mydomain.ca (Postfix) with ESMTP id 285BB7F0670
for <firstname.lastname@mydoma
X-MTA-CheckPoint: {57C43D69-0-462A8C0-386307
X-Control-Analysis: str=0001.0A0B0208.57C43D69
Received: from server77-68-38-173.live-se
by mail.mydomain.ca (Postfix) with ESMTP id DDA987F0672
for <firstname.lastname@mydoma
Received: by server77-68-38-173.live-se
id B29A0E03836; Mon, 29 Aug 2016 14:49:22 +0100 (BST)
To: <firstname.lastname@mydoma
Subject: Watch Me Put My Whole Fist In My Snatch
X-PHP-Originating-Script: 33:footer12.php(1968) : eval()'d code
Date: Mon, 29 Aug 2016 14:49:22 +0100
From: Diane Martin <diane_martin@fguk.eu>
Message-ID: <6bb3402c9fe12eff2f5b0483e
X-Priority: 3
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_6bb3402c9fe12
Content-Transfer-Encoding:
Return-Path: diane_martin@fguk.eu
X-MS-Exchange-Organization
X-MS-Exchange-Organization
Received-SPF: None (MYSERVEREXCHANGE.mydomain
does not designate permitted sender hosts)
X-MS-Exchange-Organization
X-MS-Exchange-Organization
X-MS-Exchange-Organization
X-MS-Exchange-Organization
None;OrigIP:192.168.100.25
X-MS-Exchange-Organization
X-MS-Exchange-Organization
Thanks for your help
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 21 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
Our community of experts have been thoroughly vetted for their expertise and industry experience.
The Most Valuable Expert award recognizes technology experts who passionately share their knowledge with the community, demonstrate the core values of this platform, and go the extra mile in all aspects of their contributions. This award is based off of nominations by EE users and experts. Multiple MVEs may be awarded each year.
The Expert of the Year award recognizes an expert who helped improve Experts Exchange in the past year through high levels of contributions and participation on site. This award is given to the expert who has achieved the highest levels of participation, while maintaining quality contributions and professionalism.