Access was granted through delegated access - only the account owner has
direct access to the original account. 2FA is enabled, passwords are
changed regularly, and the network is secured by a firewall device that
monitors traffic and blocks unauthorized access attempts.

While it’s technically possible that someone gained access to the original
account, it’s highly unlikely they would have stopped at simply adding two
CNAME records and modifying the SPF for a less popular domain in the DNS -
removing the DMARC record entirely would have been a far easier and more
damaging move.

Given access to over 400 domains, the potential for more serious actions
would have been substantial.

Best,
Alex


On Thu, May 1, 2025 at 12:17 AM John Levine <jo...@taugh.com> wrote:

> It appears that Alex Shakhov | SH Consulting via mailop <a@sh.company>
> said:
> >DMARC p=reject. A follow-up review confirmed only two people (myself
> >included) had DNS access, ...
>
> How do you know that?  Have you reset the passwords and not told the other
> person for now to try and figure out where the leak is?
>
> Keep in mind it might not be deliberate, e.g. shoulder surfing or a lucky
> guessing attack.
>
> R's,
> John
>

-- 
*Over 2 million agents* are aiming for the inbox + mortgage, insurance, and 
legal folks too. *Spam filters work overtime*... Peek at your spam and 
imagine if all that landed in your inbox :D Getting through isn’t easy, but 
SH Consulting knows the smart moves. *Delivering 100 million+ real estate 
emails to inboxes* every month is solid proof, huh?
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
