Author Topic: zombie attack target email account  (Read 1561 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
zombie attack target email account
« on: May 25, 2023, 06:48:30 PM »
Help please

a single email account is receiving around 30 to 50 emails from Undelivered Mail Returned to Sender
FROM: <MAILER-DAEMON@server.xxxxxxxxxxxx.xxx.xxx> TO: <xxxxxxxxx@xxxxxxxxxxxxxxx.xxxx.xxxx>
from different recipients.
but the email is not being used for sending, I believe it is a zombie attack, how to prevent sending emails using your email outside the server?

https://suporte.hostgator.com.br/hc/pt-br/articles/360015544414-O-que-é-um-ataque-de-e-mail-spoofing-
« Last Edit: May 25, 2023, 06:59:12 PM by djfininho »

Offline
*****
Re: zombie attack target email account
« Reply #1 on: May 26, 2023, 01:00:08 AM »
Are your SPF and DMARC DNS records set up properly to restrict sending to your own domain and server IP address?

Offline
*
Re: zombie attack target email account
« Reply #2 on: May 27, 2023, 11:55:56 AM »
Are your SPF and DMARC DNS records set up properly to restrict sending to your own domain and server IP address?

hello overseer

Yes they are configured and validated

Offline
*****
Re: zombie attack target email account
« Reply #3 on: May 27, 2023, 05:17:15 PM »
And have you hardened your postfix installation to prevent relaying? Pay particular attention to the $mynetworks and $relay_domains directives. Do you have UCE controls properly implemented in Postfix? Don't trust the defaults -- they are just a starting point. You should be much more restrictive than what CWP provides as an initial basis.

Offline
*
Re: zombie attack target email account
« Reply #4 on: May 29, 2023, 07:37:17 PM »
And have you hardened your postfix installation to prevent relaying? Pay particular attention to the $mynetworks and $relay_domains directives. Do you have UCE controls properly implemented in Postfix? Don't trust the defaults -- they are just a starting point. You should be much more restrictive than what CWP provides as an initial basis.


Hello overseer.

Yes yes, and I am also monitoring more often.

Thank you for your attention.