Am Freitag, 10. Oktober 2025, 18:00:01 UTC+00:00:01 schrieb Michael Peddemors via mailop: > Someone has either a broken bot, or using it for mail server probing.. > Seems like a bot that checks for email servers, then attempts to do > 'username' only password guessing, probably from compromised databases.. To me it seems more like intentional user name estimation + dict and random+dict brute approaches.
i.e. many email operators today use email-like user names or a (primary) email address as the user name, makes it easy to find it for attackers, if the email address is known (for which lot of data sources exist). Where addresses are not known, they create typical address combinations. I saw NO real existing username yet in their traffic to us. > Google should REALLY shut these actors down of course.. In the meantime, > our DRE systems are catching them.. Thankfully the bot operators are > sloppy.. If Google really don't care about a sender reputation going bad (temporarily or longer term - more and more other operators WILL take measures against this) - just bet on beeing a "big player", let them do this. There is still a market for reliable email services / hosting operators ß). cheers, niels. -- --- Niels Dettenbach Syndicat IT & Internet https://www.syndicat.com PGP: https://syndicat.com/pub_key.asc --- _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
