On Tue, 9 Jul 2019, @lbutlr wrote:
> On 9 Jul 2019, at 10:25,
[hidden email] wrote:
>> I am facing a problem that someone is spoofing my domain address and sending emails to my own domain users.
>
> Why are you accepting remote mail claiming to come from your server?
There are lots of things that will violate this. Mailing lists,
link-sharing services, people with an incorrect mail client configuration
(i.e. they have a From set for domain X, but send via SMTP server Y).
That said, turning on DKIM lockdown mode and saying "sorry, SPF is strict
for my own domain" is the right answer here. When your users complain,
whitelist them. Notify them in advance. Tell them the (true) story that
other people like gmail and whatnot are also filtering on this.
This may not be fully a postfix answer. DKIM/SPF fail can be used as a
scoring metric in many spam filters. And if they're doing things like
spoofing MUAs you've never used, or email addresses you don't use, that's
usable too.
Best,
-Dan
--
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
FB: fb.com/DanielMahoneyIV
LI: linkedin.com/in/gushi
Site:
http://www.gushi.org---------------------------