Domain facing massive e-mail spoofing attacks: Can something be done? by clement in c/[email protected]
[-] [email protected] 0 points 7 months ago

Hi, thank you for the answer, and sorry for the late reply :( ...

I analysed the logs thoroughly, and I can confirm my SMTP server hasn't sent any email aside the legitimate ones.
And u/voracitude 's answer confirmed my thoughts, being that the emails were sent from somewhere else.

I don't think it's that much unusual to use a "small" domain for spoofing: SMEs are "easy targets" usually, and if the recipient's anti-spam isn't configured properly then the attackers could benefit from a domain which may be small but has a good reputation.

Domain facing massive e-mail spoofing attacks: Can something be done? by clement in c/[email protected]
[-] [email protected] 4 points 7 months ago

@voracitude Thank you very much! This confirms my worries, not much can be done...

Domain facing massive e-mail spoofing attacks: Can something be done? by clement in c/[email protected]
[-] [email protected] 1 points 7 months ago

@wintermute_oregon
I tested on Mxtoolbox, it shows my server isn't an open relay.

Domain facing massive e-mail spoofing attacks: Can something be done? by clement in c/[email protected]
[-] [email protected] 1 points 7 months ago

@intelisense
Those are properly configured, I get a 10/10 on mail-tester dot com, as well as everything validated on mxtoolbox.

11
Domain facing massive e-mail spoofing attacks: Can something be done? (ck.villisek.fr)
submitted 7 months ago by [email protected] to c/[email protected]
13 comments fedilink

Domain facing massive e-mail spoofing attacks: Can something be done?

Hello,

I am running my own mailserver using Mailcow and I noticed, since mid-January, a huge rise of e-mail address spoofing attacks, in three ways:
(1) a lot of spam ends up in the inbox despite having rspamd.
(2) a few undelivered e-mail errors
(3) some e-mails with rubbish content sent to public administrations, with my e-mail address mentioned in the "via" field, but different sender address (possibly from a third hacked mailserver), end up in my inbox as well.

My mailserver doesn't seem to have been hacked BTW, as e-mails were sent today and the last connection to the SMTP service was 2 days ago according to Mailcow admin UI.

Here are my questions:
(1) Does the address spoofing make that rubbish mail end up in the recipients' inbox?
(2) Is it shown as being sent by me or by the third hacked mailserver?
(3) Is there a way to block the incoming spam using that technique in rspamd?
(4) Can this spoofing attack impact my domain name's reputation (blacklist, ...?)
(5) Last but not least, do you think I could get in legal trouble given the fact attackers seem to spoof my e-mail to target public administrations of my country (France, in case that matters)? If so, what could prove neither me nor my mailserver are faulty?

I am respecting all the good practices for e-mail security (SPF, DKIM, DMARC, and even signing my emails with an S/MIME cert). Oh and my server isn't an open relay ^_^

Thank you!

@email @techsupport

Facebook degrading Firefox user experience now? by clement in c/[email protected]
[-] [email protected] 0 points 8 months ago

@TheBaldness
What type of error is it? Time-out, blocked, ... ?

Facebook degrading Firefox user experience now? by clement in c/[email protected]
[-] [email protected] 7 points 8 months ago

@TheBaldness
When opening the developer tools and going to the Network tab, are there errors? (refresh the page to be sure everything appears in the tab)

4
Un post de test vers un article depuis Iceshrimp (ck.villisek.fr)
submitted 8 months ago by [email protected] to c/[email protected]
1 comments fedilink

Un post de test vers un article depuis Iceshrimp

Voilà un test de post vers Lemmy depuis Iceshrimp

Lien vers un article pour voir :
next.ink/122730/amd-annonce-ses-apu-ryzen-8000g-am5-avec-usb4-et-quatre-cpu-ryzen-5000-en-am4/
@testfediverse

[@technologie](https://jlai.lu/c/technologie) by clement in c/[email protected]
[-] [email protected] 1 points 8 months ago

@Syl
Depuis Iceshrimp. Merci, je prendrai le temps d'essayer demain.
Si ce post pose souci un admin peut le supprimer :)

[@technologie](https://jlai.lu/c/technologie) by clement in c/[email protected]
[-] [email protected] 1 points 8 months ago

@technologie Ah zut, je ne pensais pas que ça allait mal s'afficher comme ça sur Lemmy. Désolé. Qqun connait la bonne méthode pour partagée un post vers Lemmy ? Juste copier l'URL ?

1
@technologie (ck.villisek.fr)
submitted 8 months ago by [email protected] to c/[email protected]
5 comments fedilink

@technologie

RE: masto.ai/users/linforme/statuses/111726683992027048

8
Are there testable demos for alternative game engines? (ck.villisek.fr)
submitted 11 months ago by [email protected] to c/[email protected]
3 comments fedilink

Are there testable demos for alternative game engines?

Hello everyone.

I am getting interest in alternative game engines like Open3D Engine, Godot, Flax, Stride, Bevy, etc...
But I'm surprised how hard it is to find any "playable" demos of these. The only things I was able to find were screenshots and videos, but no proper executable that shows off their performance...
Do you know any demo for any alternative engine (by alternative, I mean, not Unreal or Unity) ?

Thank you :-)
(this is my first post on an ActivityPub community, sorry if I didn't post it the right way)

@[email protected] @[email protected] @[email protected]

8
Are there testable demos for alternative game engines? (ck.villisek.fr)
submitted 11 months ago by [email protected] to c/[email protected]
1 comments fedilink

Are there testable demos for alternative game engines?

Hello everyone.

I am getting interest in alternative game engines like Open3D Engine, Godot, Flax, Stride, Bevy, etc...
But I'm surprised how hard it is to find any "playable" demos of these. The only things I was able to find were screenshots and videos, but no proper executable that shows off their performance...
Do you know any demo for any alternative engine (by alternative, I mean, not Unreal or Unity) ?

Thank you :-)
(this is my first post on an ActivityPub community, sorry if I didn't post it the right way)

@[email protected] @[email protected] @[email protected]

Need recommendations for a reliable mobile phone (UK) by clement in c/[email protected]
[-] [email protected] 3 points 1 year ago

@[email protected] If you are looking for a phone with an huge battery, CAT phones ("CAT" from "Caterpillar" - yeah, they make phones) can be interesting for you. You can choose one of them depending on how much you're ready to spend on it.

Otherwise, Fairphone 3 and 4 are good options as you can replace their battery when it dies, and they provide spare ones for as long as thhe device is supported (they support them usually much longer than most phones from other manufacturers, so far). I own a Fairphone 4 and it's very good. But maybe too expensive if it isn't your main internet/entertainment device.

So Elon's a "visionary" who wants to turn X into a single website where you can do everything — kinda like Yahoo! by clement in c/[email protected]
[-] [email protected] 1 points 1 year ago

@[email protected] Oh, you're right! I didn't know about that. My bad 😄

So Elon's a "visionary" who wants to turn X into a single website where you can do everything — kinda like Yahoo! by clement in c/[email protected]
[-] [email protected] 20 points 1 year ago

@[email protected] @[email protected] for photos, Flickr also fits: it is owned by Yahoo since 2005

What would an r/place-like Fediverse event look like? by clement in c/[email protected]
[-] [email protected] 4 points 1 year ago

@[email protected] i think it'd be very intensive in terms of disk and network usage. Not only for the r/place-like host, but also for other Fediverse server admins.

view more: next ›

clement

joined 1 year ago