Most ESPs allow forging of arbitrary domains (usually requiring just an email loop verification *to* any address in the domain). It's good for business. Their customers don't understand SPF/DKIM/DMARC, in their defense.
Plus, it's technically a misdeployment for any domain to publish DMARC if it houses users, so all bets are off. But that's a topic for another list. Jesse On Aug 20, 2020 9:57 PM, Philip Paeps via mailop <[email protected]> wrote: On 2020-08-21 00:26:37 (+0800), Brielle via mailop wrote: > Oops, hit the send keybind by accident while trying to paste... Lets > try this again. > > > On 8/19/2020 11:06 PM, Philip Paeps via mailop wrote: >> On 2020-08-18 20:23:37 (+0800), Atro Tossavainen via mailop wrote: >>> The SendGrid account sending these yesterday is 13999362. >> >> The one I've seen most often is 12340469 with 9789821 a close second >> and 8512936 in third place. > > I just started seeing 2019535 this morning. Luckily ClamAV's extra > rules seem to be snagging it. This is clearly a structural problem rather than one rogue customer... Philip -- Philip Paeps Senior Reality Engineer Alternative Enterprises _______________________________________________ mailop mailing list [email protected] https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
_______________________________________________ mailop mailing list [email protected] https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
