Hi List,

With little hope that anyone @ Microsoft is reading this list. I have attempted to contact Microsoft in many different ways to try to address those issues.

Clearly a phishing email claiming to be from DPD hitting one of our spamtraps square in the face, causing immediate blacklisting of the source IP. Now of course, legitimate Microsoft Office365 customers are complaining we wrongfully blacklist 'their' IP address.

Does somebody know how this happens? Phished account? Hacked Exim mailer instance?

I thought without OAuth2 one could not relay emails via SMTP to the email platform anymore. And Exim as a relay most probably cannot do OAuth2, right?

The last Received link points to MAPI protocol, that is not SMTP. So how was that sent?

Received: from mail-sgaapc01on20624.outbound.protection.outlook.com ([IPv6:2a01:111:f400:feab::624]:24545)
        from 76444@siswa.***** Auth:
        by a Spamtrap on 2001:4060:dead:beef::****** 25 pretending to be an open relay
        for ap@blacklist.*****; Sun, 24 Sep 2023 19:18:35 +0200 (CEST)
Received: from TYZPR01MB5237.apcprd01.prod.exchangelabs.com (2603:1096:400:343::10)
        by TY2PR0101MB3630.apcprd01.prod.exchangelabs.com (2603:1096:404:8004::13)
        with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384)
        id 15.20.6813.27; Sun, 24 Sep 2023 06:47:22 +0000
Received: from SG2PR01MB3562.apcprd01.prod.exchangelabs.com (2603:1096:0:12::9)
        by TYZPR01MB5237.apcprd01.prod.exchangelabs.com (2603:1096:400:343::10)
        with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384)
        id 15.20.6813.25; Sat, 23 Sep 2023 18:41:07 +0000
Received: from SG2PR01MB3562.apcprd01.prod.exchangelabs.com ([fe80::c2b5:77cc:f2b:c394])
        by SG2PR01MB3562.apcprd01.prod.exchangelabs.com ([fe80::c2b5:77cc:f2b:c394%3])
        with mapi id 15.20.6813.027; Sat, 23 Sep 2023 18:41:07 +0000
[...]
Date: Sat, 23 Sep 2023 18:40:57 +0000
To: ap@blacklist.*****
From: =?UTF-8?B?RFBELUt1cmllcg==?= <76444@siswa.*****>
Subject: Ihr Paket konnte nicht zugestellt werden.
Message-ID: <sg2pr01mb35626dcaff3059ba19dc45b9a9...@sg2pr01mb3562.apcprd01.prod.exchangelabs.com>
Mailer: Exim 4.93
X-ClientProxiedBy: GVX0EPF000013DC.SWEP280.PROD.OUTLOOK.COM (2603:10a6:144:1::c)
        To SG2PR01MB3562.apcprd01.prod.exchangelabs.com (2603:1096:0:12::9)

    Your package could not be delivered.
    Reason: Wrong address/phone number
    >>Reschedule the delivery.<<
    If no action is taken, the package will be sent back to shipping within 48 hours.
    @2023 DPD

Kind regards

-Benoît Panizzon-
-- 
I m p r o W a r e   A G    -    Head of Commerce Customers
______________________________________________________

Zurlindenstrasse 29             Tel  +41 61 826 93 00
CH-4133 Pratteln                Fax  +41 61 826 93 01
Switzerland                     Web  http://www.imp.ch
______________________________________________________
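
The Received chain quoted in the post above can be read mechanically, oldest hop first, to see which protocol each hop recorded and how long the message sat between hops. This is an added example, not part of the original post; the input is constructed from the three Exchange Online hops in the post, and the names `RECEIVED`, `parse_hop` and `trace` are hypothetical.

```python
import re
from email.utils import parsedate_to_datetime

# Constructed input: the three Exchange Online hops quoted in the post,
# newest first, which is the order Received headers appear in a message.
RECEIVED = [
    "from TYZPR01MB5237.apcprd01.prod.exchangelabs.com (2603:1096:400:343::10)"
    " by TY2PR0101MB3630.apcprd01.prod.exchangelabs.com (2603:1096:404:8004::13)"
    " with Microsoft SMTP Server (version=TLS1_2,"
    " cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6813.27;"
    " Sun, 24 Sep 2023 06:47:22 +0000",
    "from SG2PR01MB3562.apcprd01.prod.exchangelabs.com (2603:1096:0:12::9)"
    " by TYZPR01MB5237.apcprd01.prod.exchangelabs.com (2603:1096:400:343::10)"
    " with Microsoft SMTP Server (version=TLS1_2,"
    " cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6813.25;"
    " Sat, 23 Sep 2023 18:41:07 +0000",
    "from SG2PR01MB3562.apcprd01.prod.exchangelabs.com ([fe80::c2b5:77cc:f2b:c394])"
    " by SG2PR01MB3562.apcprd01.prod.exchangelabs.com ([fe80::c2b5:77cc:f2b:c394%3])"
    " with mapi id 15.20.6813.027; Sat, 23 Sep 2023 18:41:07 +0000",
]

# from <host> ... by <host> ... with <protocol>; the protocol ends at " (" or " id ".
HOP_RE = re.compile(
    r"from\s+(?P<src>\S+).*?\sby\s+(?P<dst>\S+).*?\swith\s+(?P<proto>.+?)(?=\s+\(|\s+id\s)",
    re.S,
)

def parse_hop(value):
    """Split one Received value into source, destination, protocol, timestamp."""
    clauses, _, stamp = value.rpartition(";")
    m = HOP_RE.search(clauses)
    if m is None:
        raise ValueError("unrecognised Received format: " + value[:40])
    return {**m.groupdict(), "time": parsedate_to_datetime(stamp.strip())}

def trace(received):
    """Return hops oldest first, each with the delay in seconds since the previous hop."""
    hops = [parse_hop(v) for v in reversed(received)]
    for prev, hop in zip([None] + hops, hops):
        hop["delay"] = int((hop["time"] - prev["time"]).total_seconds()) if prev else 0
    return hops

if __name__ == "__main__":
    for h in trace(RECEIVED):
        print(f'{h["time"]:%a %H:%M:%S}  +{h["delay"]:>6}s  {h["proto"]:<22} '
              f'{h["src"].split(".")[0]} -> {h["dst"].split(".")[0]}')
```

On this input the oldest hop is the `mapi` one, and the largest gap (a little over twelve hours) falls between the second and third Exchange hops.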