Email keeps filling up with Undelivered Mail Returned to Sender

Someone’s keep sending porn emails using my email address, and the return to my email folder saying i sent them and it clogging up my inbox and making the server work out on cpu cause they have pictures attached and they are being clam scanned , 2 days now. this is crazy ! how do I beat this?
i get the errors Undelivered Mail Returned to Sender

can someone please help me figure out how to not have these fill up my inbox? Undelivered Mail Returned to Sender

this may help
https://www.postfix.org/BACKSCATTER_README.html

I just saw at the bottom a note:
Note: these documents haven’t been updated since 2004, so they are useful only as a starting point.
so backup before changes

Make sure your SPF and DMARC is set up and correct in DNS. I think this should cause properly configured mail servers to drop it before accepting it and then bouncing it to you.

Set up SPF with StrictFail (-all) and DKIM immediately. Make sure all legit sending IP’s are represented in SPF.

About 24-48 hours after setting up SPF and DKIM, set up DMARC with pct=100 and p=reject.

After some time (probably months) you can try loosening up the settings a bit. SoftFail (~all) is what I usually use for SPF, and p=quarantine in DMARC. But when I know a user on the virtual server is being spoofed, I use the tighter settings.

Richard

I use an incoming mail server that filters, scans and virus checks all mail before passing it on to Vmin.

I added a really good tool called milter-regex that allows me to block stuff like that - and lot’s of other junk too.

While that server runs on Sendmail, I have read that you can use milter-regex with Postfix.

This is an example of the rules I use.

reject “Unsolicited This user does not accept DSN messages”

envrcpt /username@domain.com/ei and envfrom /^$/
envrcpt /username@domain.com/ei and envfrom /^<>$/
envrcpt /username@domain.com/ei and envfrom /mailer-daemon@/ei

have to dig around see where I can set those as you suggested, thanks guys, still learning, allot…
=),

https://archive.virtualmin.com/node/68798

found where to set the settings for DMARC policy to “reject”.
Server Configuration/DNS Options -

SPF and DKIM, set up DMARC with pct=100 and p=reject

pct? looking for where to make that change

Virtualmin does some of the work for you apart from Dmarc record.

image1843×375 78.5 KB

Info on DKIM
https://www.virtualmin.com/documentation/email/dkim/

DMARC
https://dmarc.org/overview/

SPF

100 is the default and no pct record is 100. That what you need isn’t it, 100% check.

sure, 100 check…still getting these spams blowing up my inbox. after i did the
DMARC policy to “reject”.
Server Configuration/DNS Options -
still trying to figure it out

Screenshot_20230418_2208091196×455 82.2 KB

that was the last 3 minutes

found records for the domain in
Webmin → Servers → Bind DNS Server → Choose domain → Choose type DMARC

dddd1580×459 48.7 KB

right, I use a external DNS so not sure, it has to be in the virtual server, Webmin is global,

thanks, very complicated for me…frustrating…im going to try
Procmail Spam Delivery to throw away now see if it stops sending to inbox =)

nope…still flooding inbox

I’ll delete it, I need to read it more,

Be careful editing procmail as its configured for Virtualmin, as it warns at the top of it config page.

Aslo have you checked your DMARC, SPF and DKIM config at Network Tools: DNS,IP,Email

Stupid me, usermin has filters, you should be able to create a rule for the user account.
https://www.virtualmin.com/documentation/tutorial/how-to-create-email-filter-in-usermin/

[quote=“RJM_Web_Design, post:5, topic:120328”]
SoftFail
[/quote] I been going in and out of the back end to find how to do that, you know how? for that user?

that link says for email filters and i cant find it in the server end of virtualmin…maybe they chaged to to something else?

You know how to get to usermin?