Le 10/09/2023 à 20:12, Fred Morris via Postfix-users a écrit :
Other replies have identified what's probably happening: redirection
to a specific mail relay or honeypot.
I have a couple of suggestions, which you should consider carefully
(for legality and possible retaliation) before trying. I'd consider
them ok where I am, but YMMV.
Also, consider any email you send compromised from now on. Even if you
prevail on them to stop redirecting they've demonstrated the will as
well as capacity to observe, modify and potentially forge traffic.
(SSL won't help you unless you're using certs to authenticate the MTA
at the other end.) Or, maybe they're simply compromised. :-/
On Sun, 10 Sep 2023, postfix--- via Postfix-users wrote:
Try a telnet connection to those host (gmail/mail-tester) on 25 and
see who actually answers.
1) Send SYNs with varying TTLs to determine the number of hops to alleged
recipient MTAs based on the minimum value which elicits a SYN/ACK. Are
they all the same? Is it a low number?
This part can be done with traceroute or mtr command in TCP mode
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
