On 16.06.24 14:42, Anders Gustafsson wrote:
Return-path: <xxxxxxx> X-Spam-Checker-Version: SpamAssassin 3.4.5 (2021-03-20) on xxxxxx X-Spam-Level: X-Spam-Status: No, score=-95.6 required=5.0 tests=BAYES_00,HTML_MESSAGE, MIME_HTML_ONLY,RCVD_IN_MSPIKE_BL,RCVD_IN_MSPIKE_L5,RDNS_NONE, TO_EQ_FM_DIRECT_MX,TO_NO_BRKTS_NORDNS_HTML,T_SCC_BODY_TEXT_LINE, URIBL_BLACK,URIBL_DBL_SPAM,USER_IN_WELCOMELIST,USER_IN_WHITELIST autolearn=no autolearn_force=no version=3.4.5 Received: from hosted-by.csrdp.host ([195.10.205.97]) by xxxxx with ESMTP (TLS encrypted); Sun, 16 Jun 2024 11:52:11 +0300 Reply-To: Email Mailbox Notification xxxxxx #9698 <xxxx>It was a phishing email and the provider has since shut it down. Now we do not have that adress in our whitelist. Should I interpret this that some of the entries we do have in our whitelist uses this adress or provider?
Someone obviously has one of: Resent-From Envelope-Sender Resent-Sender X-Envelope-From From address in whitelist (renamed welcomelist since). you just need to find out which and where. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. "They say when you play that M$ CD backward you can hear satanic messages." "That's nothing. If you play it forward it will install Windows."
