On 07/04/2018 08:46 AM, John Bourke wrote: > I believe that this was a targeted malicious attack on my mailbox > via an old email service, which I had stopped using in 2015. There > are no MX records pointing at it, although the POP and SMTP server > are still active. I believe that the attacker must also have had > prior knowledge of my old email infrastructure.
Thank you John for the update and sorry you were a victim of this. > Not sure how this email got onto the list or if everyone on the list > got it. The list told me it was blocked and offered me the > opportunity to cancel, which I did. I have heard there were four > emails, so maybe only one got blocked (due to size). To be clear, the list auto-moderates any postings above a certain size and various common attachments, that's what happened here and the dodgy posting did not make it out to the list. > The recipient addresses where addresses on emails which were held on > the old mail service. It indeed seems that mail addresses of people who have posted to the list were harvested from John's inbox during this compromise, and then also spammed directly. Certainly I got one copy at each e-mail address I have ever posted to UKNOF on. Keith
