This might help shed some light on it: https://mxbin.io/E65Ds9
I created a catchall temporarily and allowed the email to flow in, so
that I could capture a few bounce emails. They all seem to tell the same
story, though I admittedly haven't spent as much time dissecting that
story as I have the logs.
On 2025-08-19 08:30, Julian Bradfield via mailop wrote:
On 2025-08-19, Benoit Panizzon via mailop <mailop@mailop.org> wrote:
Attacker sets up an free email account with Google or Microsoft and
activates forwarding to probably a couple of dozens 'target' support
email addresses.
I don't understand this. Gmail requires verification from the
forwardee to activate forwarding.
You could do it by pulling the replies from gmail and sending them out
to the target addresses through gmail, but I don't see how to do it
purely with Google's resources.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
