This seems like a perfect object lesson on why you should use DKIM and
SPF and make sure the sending domain can set up a p=reject policy for
DMARC.
Mike
On 2/6/23 10:25 AM, Konrad Zemek wrote:
Hi Nanog,
It looks like someone with an axe to grind against our company has decided to
email every AS contact they could find on PeeringDB, impersonating us and
sometimes spoofing our domains.
We're aware of the emails and are sorry for the inconvenience. We've since
added SPF records to the domains we own but don't use (the perps have since
name-squatted some new ones). We're also actively working with law enforcement
on the matter.
Thanks
Konrad Zemek
CTO Path Network
AS396998
