It's being sent from mailxxxxxx.megamailservers.com, where xxxxx is changing. The whole IP range (69.49.96.0/19) is allocated to Internet Names For Business Inc. from CA, USA. I have already reported this to the abuse contact associated with this IP range. -- Kind regards, David Brůha Virtis s.r.o. U Boroviček 255/8 Praha 6, 163 00 e-mail: d.bruha@virtis.cz Dne středa 9. října 2024 18:01:23 CEST, Tobias Fiebig via members-discuss napsal(a):
Moin,
I have attached the email, I didn’t click on it.
I would like to raise some attention to the nicely placed yellow checkmark next to TLS, under the point 'Security'; This is likely there because the delivering MTA submitted with STARTTLS.
I would bet that some phishing mail with S/MIME from an attacker controlled domain, or possibly even just DKIM alignment might net this a green version.
What webinterface is this? Outlook/M365? Gmail workspaces?
In any case, whoever designed this, clearly seems to have a heart for making phishing easier.
With best regards, Tobias ----- To unsubscribe from this mailing list or change your subscription options, please visit: https://mailman.ripe.net/mailman3/lists/members-discuss.ripe.net/ As we have migrated to Mailman 3, you will need to create an account with the email matching your subscription before you can change your settings. More details at: https://www.ripe.net/membership/mail/mailman-3-migration/