Started off the day with a sick dayhome provider (luckily one set of grandparents were able to take the kids today) and then an internet outage first thing this morning at work.
WHAT ELSE DO YOU HAVE FOR ME THURSDAY?
@Jetengineweasel I guess not. Seems they run their own on-prem servers. And looking through the thread I can easily spot which emails weren't from us. And I have the proof in the Message trace report.
I don't have the originals with headers that they received to see where the mail originated from but I know it's not here since outbound SMTP is also blocked on our network.
But as a precaution I've replaced the local user's workstation and they've changed their password.
@devrandom next year im looking at blocking inbound messages witho it an spf record, and tagging anything without a hardfail with an ugly subject line tag. That kind of thing really helps on the defender side
A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore.