this post was submitted on 11 Jan 2024
208 points (95.6% liked)
Technology
59300 readers
4940 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Why do you think anything is hacked? It's trivially easy to send an email pretending to be someone else. There's no validation.
Do they contain valid data or something?
SPF.
Optional, but recommended. But doesn't guarantee anything unless both sides respect it. Also, IP spoofing is a thing.
Email is a broken protocol. There's a great copy pasta about why it can't or won't be fixed, which I unfortunately can't find. But it boils down to the fact that you can't get everyone to agree on, or implement, the fixes necessary to prevent spam.
Use a host that requires it. Done?
this isn't that
Could you elaborate on why you think that?
I've seen hundreds of those and they're mostly phishing attempts. this new one doesn't look anything like that.
this one has multiple addresses in the CC field, at least one of which is always a predefined list on the senders side. and it's otherwise a legit looking support ticket response.
but i want to know what's the origin, what's the vectors, and what's the target.