Self sent spam

[Dante78]

Hello

Our clients are complaining that are receiving mails sent by them selves. On the sender it appears their e-mail adress. How can we stop this abuse?

Thanks

 

[Infopro]

In your cPanel > Mail section > Default Address, what is this set to?

 

[Dante78]

In your cPanel > Mail section > Default Address, what is this set to?

Send all unrouted email for:

Current Setting: :fail: No Such User Here


What is the connection between this setting and my issue? :D

 

[Infopro]

If that was set some other way, a spammer could send emails to that user all day long.

Is email authentication enabled?

 

[Dante78]

Hello

I guess i wasn't clear. Sorry for that. I'm trying to say that on a spam mail the sender is the same as the recipient. But the owner of the mail account didn't send that mail. The mail was sent from an external IP.

thanks

 

[storminternet]

Hello

Our clients are complaining that are receiving mails sent by them selves. On the sender it appears their e-mail adress. How can we stop this abuse?

Thanks

Have you scanned all accounts just to ensure there is no malware in any of the accounts or they are not hacked.
Hacked accounts or infected accounts can be one of the reason for the spamming.

 

[mtindor]

It's probably just a spammer forging the FROM address to be the same as the TO address. Pretty darned common. Very hard to block it if the content itself does not appear spammy enough to be ditched by spamassassin. Obviously you can't block the sender address.

On some mail systems you can tell the mailsystem not to accept mail from [email protected] if [email protected] exists, and certainly there would be a way to tell Exim to do the same. The problem is that [email protected] might want to legitimately send mail to themselves, and blocking mail from the user would prevent users from sending mail to themselves. I send email to myself on occasion, and I wouldn't want it blocked. But that leaves you depending upon SpamAssassin (or whatever antispam platform you are using) to be able to distinguish that it is spam based upon its content or the IP address it is coming from.

M