postfix+opendkim подпись спуфингового письма

Return-Path: <pavel.kesler@expo-sochi.ru>
Delivered-To: me@mydomain.org
Received: by mail.mydomain.org (Postfix, from userid 115)
	id AF3E0FDE8F; Sun, 17 Feb 2019 02:32:38 +0300 (MSK)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mydomain.org; s=mail;
	t=1550359958; bh=sUf8VWPXX+cYhlkgNOetUuy2AhZpdYo9ZJg8iplVET4=;
	h=Date:Subject:To:From:From;
	b=koiFVqWusT3OSNN0KCEa8/VbK5Np1QbUN1APO0Z+7qtBrszqp56VOfrXtm0Ix7uqz
	 40veaFGcRv+u+onUrKv2xNdDKat5BNmV95G8wgbY3WJ7Ty1+XuAhvbZldYd20gFQDc
	 8yZYGHLVYlZmrKb6J02SLAeA0fsst1A29f612axo=
Received-SPF: None (mailfrom) identity=mailfrom; client-ip=80.250.219.18; helo=mail.expo-sochi.ru; envelope-from=pavel.kesler@expo-sochi.ru; receiver=<UNKNOWN> 
Received: from mail.expo-sochi.ru (unknown [80.250.219.18])
	(using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.mydomain.org (Postfix) with ESMTPS id 82777FDE83
	for <me@mydomain.org>; Sun, 17 Feb 2019 02:32:35 +0300 (MSK)
X-Footer: ZXhwby1zb2NoaS5ydQ==
Received: from localhost ([127.0.0.1])
	by mail.expo-sochi.ru with ESMTPSA
	(using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256 bits))
	for me@mydomain.org;
	Sun, 17 Feb 2019 02:31:09 +0300
Date: Sun, 17 Feb 2019 00:32:20 +0100
X-aid: 9584699490
Content-Transfer-Encoding: base64
Content-Type: text/plain; charset=UTF-8
X-Mailer: iPad Mail (15G77)
Message-ID: <hlavf5vp3fkl02f0lqddqc1rbghgjj085tya@www.expo-sochi.ru>
Organization: Lkxtmmedgzfpx
X-Sender: pavel.kesler@expo-sochi.ru
Subject: mail
To: me@mydomain.org
Errors-To: security@expo-sochi.ru
X-Complaints-To: <abuse@mail.expo-sochi.ru>
From: <me@mydomain.org>

Feb 19 00:51:40 mail postfix/smtpd[21759]: connect from mail.test.ru[0.0.0.0]
Feb 19 00:51:41 mail policyd-spf[21765]: prepend Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=0.0.0.0; helo=mail.test.ru; envelope-from=root@test.ru; receiver=<UNKNOWN>
Feb 19 00:51:41 mail postfix/smtpd[21759]: 4C620EC130: client=mail.test.ru[0.0.0.0]
Feb 19 00:51:41 mail postfix/cleanup[21766]: 4C620EC130: message-id=<20190218215102.A16B5607F5B@mail.test.ru>
Feb 19 00:51:41 mail opendkim[21564]: 4C620EC130: mail.test.ru [0.0.0.0] not internal
Feb 19 00:51:41 mail opendkim[21564]: 4C620EC130: not authenticated
Feb 19 00:51:41 mail opendkim[21564]: 4C620EC130: no signature data
Feb 19 00:51:41 mail postfix/qmgr[21314]: 4C620EC130: from=<root@test.ru>, size=746, nrcpt=1 (queue active)
Feb 19 00:51:41 mail spamd[20702]: spamd: connection from ::1 [::1]:47136 to port 783, fd 5
Feb 19 00:51:41 mail spamd[20702]: spamd: setuid to debian-spamd succeeded
Feb 19 00:51:41 mail spamd[20702]: spamd: creating default_prefs: /var/lib/spamassassin/.spamassassin/user_prefs
Feb 19 00:51:41 mail spamd[20702]: spamd: processing message <20190218215102.A16B5607F5B@mail.test.ru> for debian-spamd:115
Feb 19 00:51:41 mail postfix/smtpd[21759]: disconnect from mail.test.ru[0.0.0.0] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
Feb 19 00:51:41 mail spamd[20702]: spamd: clean message (1.1/3.0) for debian-spamd:115 in 0.5 seconds, 696 bytes.
Feb 19 00:51:41 mail spamd[20702]: spamd: result: . 1 - DKIM_ADSP_ALL,RCVD_IN_DNSWL_NONE,SPF_PASS scantime=0.5,size=696,user=debian-spamd,uid=115,required_score=3.0,rhost=::1,raddr=::1,rport=47136,mid=<20190218215102.A16B5607F5B@mail.test.ru>,autolearn=no autolearn_force=no
Feb 19 00:51:41 mail postfix/pickup[21313]: E79C8ED2A6: uid=115 from=<root@test.ru>
Feb 19 00:51:41 mail postfix/pipe[21767]: 4C620EC130: to=<me@mydomain.org>, relay=spamassassin, delay=1.3, delays=0.77/0.02/0/0.52, dsn=2.0.0, status=sent (delivered via spamassassin service)
Feb 19 00:51:41 mail postfix/qmgr[21314]: 4C620EC130: removed
Feb 19 00:51:41 mail postfix/cleanup[21766]: E79C8ED2A6: message-id=<20190218215102.A16B5607F5B@mail.test.ru>
Feb 19 00:51:41 mail opendkim[21564]: E79C8ED2A6: DKIM-Signature field added (s=mail, d=mydomain.org)
Feb 19 00:51:41 mail spamd[20701]: prefork: child states: II
Feb 19 00:51:42 mail postfix/qmgr[21314]: E79C8ED2A6: from=<root@test.ru>, size=1080, nrcpt=1 (queue active)
Feb 19 00:51:42 mail postfix/qmgr[21314]: E79C8ED2A6: removed

milter_default_action = accept
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891

smtpd_client_restrictions =
 permit_mynetworks
 permit_sasl_authenticated
 check_client_access hash:/etc/postfix/whitelist  
 warn_if_reject reject_unknown_client_hostname
 reject_rbl_client bl.spamcop.net
 reject_rbl_client zen.spamhaus.org
 permit
 
smtpd_helo_restrictions =
 permit_mynetworks
 permit_sasl_authenticated
 check_helo_access pcre:/etc/postfix/checks/helo_checks.pcre
 reject_invalid_helo_hostname
 reject_unknown_helo_hostname
 reject_non_fqdn_helo_hostname
 warn_if_reject reject_unknown_helo_hostname
 permit
 
smtpd_sender_restrictions =
 permit_mynetworks
 reject_non_fqdn_sender
 reject_unknown_sender_domain
 reject_sender_login_mismatch
 permit_sasl_authenticated
 permit
 
smtpd_recipient_restrictions =
 permit_mynetworks
 permit_sasl_authenticated
 reject_unauth_pipelining
 reject_non_fqdn_recipient
 reject_unknown_recipient_domain
 reject_unauth_destination
 check_policy_service unix:private/policy-spf
 reject_unlisted_recipient
 check_sender_access pcre:/etc/postfix/checks/sender_checks.pcre
 permit
 
smtpd_data_restrictions =
 permit_mynetworks
 permit_sasl_authenticated
 reject_unauth_pipelining
 permit
 
smtpd_end_of_data_restrictions =
 permit_mynetworks
 permit_sasl_authenticated
 reject_multi_recipient_bounce
 permit

Syslog			yes
KeyTable		file:/etc/postfix/dkim/keytable
SigningTable		file:/etc/postfix/dkim/signingtable
SubDomains              yes
LogWhy yes
SyslogSuccess	yes
Canonicalization        relaxed/simple
Mode                    sv
Socket                  inet:8891@localhost
ReportAddress           postmaster@mydomain.org
SendReports             yes
PidFile               /var/run/opendkim/opendkim.pid
UserID                opendkim