Dante78

Well-Known Member
May 1, 2010
59
0
56
Hello

Our clients are complaining that are receiving mails sent by them selves. On the sender it appears their e-mail adress. How can we stop this abuse?

Thanks
 

Dante78

Well-Known Member
May 1, 2010
59
0
56
In your cPanel > Mail section > Default Address, what is this set to?

Send all unrouted email for:

Current Setting: :fail: No Such User Here


What is the connection between this setting and my issue? :D
 

Dante78

Well-Known Member
May 1, 2010
59
0
56
Hello

I guess i wasn't clear. Sorry for that. I'm trying to say that on a spam mail the sender is the same as the recipient. But the owner of the mail account didn't send that mail. The mail was sent from an external IP.

thanks
 

storminternet

Well-Known Member
Nov 2, 2011
460
0
66
cPanel Access Level
Root Administrator
Hello

Our clients are complaining that are receiving mails sent by them selves. On the sender it appears their e-mail adress. How can we stop this abuse?

Thanks
Have you scanned all accounts just to ensure there is no malware in any of the accounts or they are not hacked.
Hacked accounts or infected accounts can be one of the reason for the spamming.
 

mtindor

Well-Known Member
Sep 14, 2004
1,363
65
178
inside a catfish
cPanel Access Level
Root Administrator
It's probably just a spammer forging the FROM address to be the same as the TO address. Pretty darned common. Very hard to block it if the content itself does not appear spammy enough to be ditched by spamassassin. Obviously you can't block the sender address.

On some mail systems you can tell the mailsystem not to accept mail from [email protected] if [email protected] exists, and certainly there would be a way to tell Exim to do the same. The problem is that [email protected] might want to legitimately send mail to themselves, and blocking mail from the user would prevent users from sending mail to themselves. I send email to myself on occasion, and I wouldn't want it blocked. But that leaves you depending upon SpamAssassin (or whatever antispam platform you are using) to be able to distinguish that it is spam based upon its content or the IP address it is coming from.

M