On 2023-10-11 at 16:45:15 UTC-0400 (Wed, 11 Oct 2023 16:45:15 -0400) Ricky Boone <ricky.bo...@gmail.com> is rumored to have said:
Just a heads up, it appears that usssa[.]com has had their SendGrid email sending account popped, and a bad actor has been sending phishing emails from it. The domain is defined in 60_welcomelist_auth.cf with def_welcomelist_auth/def_whitelist_auth entries with *@*.usssa.com.
If anyone has a shareable sample spam to substantiate this, that would be helpful.
-- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire