SPAM emails from my own Domain


I have a question, we are using NethServer as our primary mail server. Everything was working perfectly but from the past few days, I am receiving SPAM emails from my own domain.

Even though I already implemented SPF, DKIM, & DMARC for my domain. Is there any way to block such SPAM emails?

I am very thankful to you.

Kind Regards,



AFAIK, no. No mail server will block it’s own legit user from sending a mail to themself.
It “sees” that as internal.

After all, it could be you sending it from a mobile phone to your PC at the office…

Usually, they stop within 1-2 weeks…

My 2 cents

Hi @Andy_Wismer,

Thank you for your quick reply, when I inspect the header of the email it came from another server.

Received: from ( [])
by (Postfix) with ESMTPS id 68798CCCF56F
for; Thu, 25 Nov 2021 15:37:20 +0100 (CET)
Received: from ( [])
by (Postfix) with ESMTP id 2A0BD3F1D80
for; Thu, 25 Nov 2021 08:37:06 -0600 (CST)
Received: from ([])
by cmsmtp with SMTP
id qFs2mvxW5zD3VqFs2msOM6; Thu, 25 Nov 2021 08:37:06 -0600
X-Authority-Reason: nr=8
Received: from [] (port=51490
by with esmtpa (Exim 4.94.2)
id 1mqFs1-002Fca-VS
for; Thu, 25 Nov 2021 11:37:06 -0300
Date: Thu, 25 Nov 2021 09:37:05 -0500
From: Jan
Reply-To: Jan
Subject: Dringende Anfrage_
X-Priority: 3
X-Mailer: PHPMailer ( [version ]
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=“iso-8859-1”
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname -
X-AntiAbuse: Original Domain -
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain -
X-BWhitelist: no
X-Source-L: No
X-Exim-ID: 1mqFs1-002Fca-VS
X-Source-Sender: ( []:51490
X-Email-Count: 87
X-Source-Cap: Y2VudHIzMzk7Y2VudHIzMzk7YnIxMDE2Lmhvc3RnYXRvci5jb20uYnI=
X-Local-Domain: no
X-Rspamd-Queue-Id: 68798CCCF56F
X-Spamd-Result: default: False [0.00 / 20.00];
ASN(0.00)[asn:46606, ipnet:, country:US];
X-Rspamd-Pre-Result: action=no action;


Haben Sie eine Minute? Ich brauche Sie, um eine Aufgabe

f�r mich diskret abzuschlie�en.

P.S: Ich bin jetzt in einer Besprechung und kann nicht

sprechen, also antworte einfach.


Any way to stop stupid spoofed SPAM emails?.

Kind Regards,


You can use your firewall to block that whole subnet from accessing smtp on your server…

Or are you expecting russian, brasilian or other “funny” mail? :slight_smile:

Are you sure that your mail server isn’t acting as a open relay just to be sure go to do a “test email server” test

An experience. With some hints, considerations, side info.

1 Like

Hi @Shane_Treweek,

thank you for your message, I just find out that the “allow relay from trusted Network” was check marked. now I unchecked it.

1 Like

Hopefully should solve the issue

I hope so as well.

IMHO you should also check mark Enforce sender/login match and unchek Enable authentication on port 25. MUA should use only submission port (587)


I have another question, in the email filter tab do I need to whitelist my domain?
Allow from ==>

Kind Regards,

No I don’t believe so I know (at least on my nethserver) I don’t have mine whitelisted I’m fairly certain (and I may be completely wrong on this) if the nethserver your using as your mail server is the default mail server it treats itself as trusted unless you’ve blocked it in firewall by which case you wouldn’t be getting any messages let alone spam also if you mean by the first option on the above screenshot thats for allowing mail sent via ip not fqdn so lets say you had a static ip of which pointed to and you had say as a mailserver but wanted the mail server to be rather than

Okay Good to know, now I removed my own domain from whilisting. I am quite sure it will solve the SPAM emails problem.

BTW again thank you for your quick response.

Kind Regards,

1 Like

No problem happy to help

1 Like

Please, as a rule of thumb. Be confident, but check. A lot. Consider to install, if not already there, Fail2Ban.

And if the SPAM flow is arrested, go hunt the “bad spammer boy” into your network.


I think there is a postfix setting in that you can set that will only accept emails that are valid.

I suggest you look at the postfix docs regarding and “mydestination” setting.

1 Like

It almost seems like ghoulish gore here…

I’m just wondering why the localhost wasn’t trusted alone

Make sure your DKIM, SPF and Dmarc are all working correctly. This was happening to me, and even though I had all 3 of them set up, they wer not set up correctly.
Test your set up, by sending an email to and you will get immediate diagnostics.

Hope that helps.