These still seem to be coming in quite consistently... Same Zoom
sendgrid account.
Any updates on whats going on with this, Luke?
On 7/6/21 2:44 PM, Brielle via mailop wrote:
Here's the two that they all share:
Return-path:
Return-path:
(original unmunged version sent directly to you,
That isn't one of the accounts reported by Micahel. However, it is being
investigated.
On Sun, Jul 11, 2021 at 8:12 AM Carl Byington via mailop
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On Thu, 2021-07-08 at 09:14 -0700, Luke via mailop wrote:
> > Both of the accounts
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Thu, 2021-07-08 at 09:14 -0700, Luke via mailop wrote:
> Both of the accounts reported by Michael have been suspended.
DATE: 07/11/21 07:00:22 PDT
IP: o5.sg.zoom.us :::149.72.199.144
env_From: bounces+21079884-d4de-..
X-Entity-ID:
Thanks for this Hans-Martin,
This was definitely phish. Compromised account. The account was actioned
very quickly after the mail got out.
For what it's worth, 2FA *is* required now but as you probably know it is
not a silver bullet for preventing abuse. When customers expose their API
key(s) to
Am 08.07.21 um 18:14 schrieb Luke via mailop:
> Just so the group is aware, our team is looking into the Zoom traffic. We
> aren't sure what they are doing with that
> mail stream, but it doesn't look good.
>
> Both of the accounts reported by Michael have been suspended.
>
> Thanks, everyone.
>
Just so the group is aware, our team is looking into the Zoom traffic. We
aren't sure what they are doing with that mail stream, but it doesn't look
good.
Both of the accounts reported by Michael have been suspended.
Thanks, everyone.
Luke
On Thu, Jul 8, 2021 at 8:48 AM Michael Peddemors via
On 2021-07-08 8:20 a..m., Carl Byington via mailop wrote:
On Thu, 2021-07-08 at 09:31 +0300, Atro Tossavainen via mailop wrote:
That one is Zoom.us itself.
Received: from o5.sg.zoom.us (o5.sg.zoom.us [149.72.199.144])
Received: from o12.ptr3622.sg.zoom.us (o12.ptr3622.sg.zoom.us
And another bad for SendGrid compromises/spammers..
149.72.34.12(S) 19 wrqvnnhc.outbound-mail.sendgrid.net
149.72.34.115(RS) 1 wrqvnntp.outbound-mail.sendgrid.net
149.72.34.116(S) 16 wrqvnntq.outbound-mail.sendgrid.net
149.72.34.124
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Thu, 2021-07-08 at 09:31 +0300, Atro Tossavainen via mailop wrote:
> That one is Zoom.us itself.
> Received: from o5.sg.zoom.us (o5.sg.zoom.us [149.72.199.144])
> Received: from o12.ptr3622.sg.zoom.us (o12.ptr3622.sg.zoom.us
> [167.89.93.232])
On Wed, Jul 07, 2021 at 04:08:42PM -0700, Carl Byington via mailop wrote:
>
> On Tue, 2021-07-06 at 23:59 +0300, Atro Tossavainen via mailop wrote:
> > X-Entity-ID: 7mxhBNMkQ9yfwz0A5+NG7Q==
>
> > Return-Path:
> That one has been trying to send spam here for at least a month.
That one is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Tue, 2021-07-06 at 23:59 +0300, Atro Tossavainen via mailop wrote:
> X-Entity-ID: 7mxhBNMkQ9yfwz0A5+NG7Q==
> Return-Path: https://list.mailop.org/listinfo/mailop
If you could share the return-path of the offending message, I can have it
looked at.
Cheers,
Luke
On Tue, Jul 6, 2021 at 11:39 AM Brielle via mailop
wrote:
> Hello,
>
> Anyone here have a contact for Zoom in re of webinar spam being sent
> from their platform via Sendgrid owned IPs?
>
> I'm
Over yesterday and today, the following X-Entity-IDs have sent us
mail that somehow related to .zoom.us:
X-Entity-ID: ApJYVCoyRSXXkzbu3h3uow==
X-Entity-ID: lURbVkUlQbFl9F6ROPqNUw==
X-Entity-ID: mDhfxq9OikvIkQieTwdfQA==
X-Entity-ID: 7mxhBNMkQ9yfwz0A5+NG7Q==
These
Here's the two that they all share:
Return-path:
Return-path:
(original unmunged version sent directly to you, Luke)
I've got zoom messages via sendgrid being rejected via a system filter
currently, so there should be a bit of bounce messages going back at
Zoom/Sendgrid, but yet they still
Hello,
Anyone here have a contact for Zoom in re of webinar spam being sent
from their platform via Sendgrid owned IPs?
I'm rather unhappy with the fact they're allowing people to spam with no
unsubscribe or report feature.
I know Sendgrid is a hot steaming pile of dog excrement these days
15 matches
Mail list logo
