Over the last few months I've seen a lot of spam being generated with the From: address being my own email address.
Any email that uses this seems to just slip through Spamassassign with no problem at all and I have no idea how to block / stop this from happening. (I'm a photographer who likes running their own web / email server - so I'm no SysAdmin wizard!)
I've religously checked that I'm not an "open relay" etc.
Any suggestions at all would be greatly appreciated. Example oh header supplied at end.
Suse 11.1 / Virtualmin GPL / sendmail / spamassassign / razor / dovecot / Apache . his-web-site - just substituded my real domain name.
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on apache-web-server.his-web-site.com
X-Spam-Status: No, score=-90.6 required=3.0 tests=AWL,HTML_IMAGE_RATIO_04, HTML_MESSAGE,MIME_HTML_ONLY,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E8_51_100, RAZOR2_CHECK,RCVD_IN_PBL,URIBL_AB_SURBL,URIBL_BLACK,URIBL_JP_SURBL, URIBL_SC_SURBL,URIBL_WS_SURBL,URI_HEX,USER_IN_WHITELIST autolearn=no version=3.2.5
Received: from c-151-27.fox.com.br (c-151-27.fox.com.br [188.8.131.52] (may be forged)) by apache-web-server.his-web-site.com (8.14.3/8.14.3/SuSE Linux 0.8) with ESMTP id n6TLrNvQ019285 for email@example.com; Wed, 29 Jul 2009 15:53:24 -0600
Date: Wed, 29 Jul 2009 15:53:23 -0600
From: "Stepnowski Michelina" firstname.lastname@example.org
Subject: Your order details
Content-Type: text/html; charset="utf-8"