If you could share the return-path of the offending message, I can have it
looked at.
Cheers,
Luke
On Tue, Jul 6, 2021 at 11:39 AM Brielle via mailop
wrote:
> Hello,
>
> Anyone here have a contact for Zoom in re of webinar spam being sent
> from their platform via Sendgrid owned IPs?
>
> I'm
On Tue 06/Jul/2021 20:28:16 +0200 Florian Effenberger via mailop wrote:
Alessandro Vesely via mailop wrote on 06.07.21 at 18:38:
I tried https://www.cyren.com/security-center/cyren-ip-reputation-check-gate
and it says "No Risk" for 188.34.176.133 and "Please enter a valid IP" for
On 7/7/21 13:08, Michael Peddemors via mailop wrote:
[snip]
You should consider adding some AUTH protections of course, to mitigate
compromised accounts, and better detection/rate limiters for when they do.
Encourage transparent 2FA, and options like country auth restrictions,
blocking AUTH
On 07.07.21 22:08, Michael Peddemors via mailop wrote:
> Start by including the IP(s) you are discussing ;)
mx-out-01.fh-muenster.de [185.149.214.63]
mx-out-02.fh-muenster.de [212.201.120.206]
> Compromised accounts are indeed the bane of the responsible
> administrator, and as you can see.. the
On 07.07.21 23:12, Jay Hennigan via mailop wrote:
>> Encourage transparent 2FA, and options like country auth restrictions,
>> blocking AUTH from cloud providers/hosting companies known for being a
>> haven for those types of attacks, (should make a blog post on best
>> practices for
Hey guys,
I have to take the walk of shame and report a spam outbreak on my
systems because of a phished user account and a loophole in the rate
limiting we do.
As soon as we got notifed, we stopped and cleaned the queues, blocked
the user, investigated the cause and fixed the rate limiting
It appears that Luke via mailop said:
>-=-=-=-=-=-
>-=-=-=-=-=-
>
>If you could share the return-path of the offending message, I can have it
>looked at.
I have a banking phish from dorfj-emigrant@dr.com sent to
nob...@johnlevine.com
and an invitation from m...@ippodogallery.com to an art
Start by including the IP(s) you are discussing ;)
Compromised accounts are indeed the bane of the responsible
administrator, and as you can see.. the rate limiting systems ARE
essential, you are unlikely to suffer a reputation issue, if only a few
escape (unless they have REALLY bad content,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Tue, 2021-07-06 at 23:59 +0300, Atro Tossavainen via mailop wrote:
> X-Entity-ID: 7mxhBNMkQ9yfwz0A5+NG7Q==
> Return-Path: https://list.mailop.org/listinfo/mailop