Re: [mailop] SPF and DMARC Passed Phishing Spam from Oracle.com

Hans-Martin Mosner via mailop Wed, 22 Feb 2023 23:08:29 -0800

Am 23.02.23 um 05:30 schrieb Peter Beckman via mailop:

It seems that if you are able to get a server in oraclecloud.com, you can
send SPF- and DMARC-passing spam to be sent by Oracle.com, which includes a
phishing URL attempt.


Actually, sending SPF- and DMARC-passing spam is possible from about any cloud 
service.

As long as the cloud providers don't enforce a strict KYC requirement for 
allowing outbound SMTP, this won't change.

Requiring accurate domain WHOIS information would at least make it a lot harder for spammers to create new domains tospam from, but that train has long passed the station, reached the final destination, been deposited on the scrap heap.


Cheers,
Hans-Martin

_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] SPF and DMARC Passed Phishing Spam from Oracle.com

Reply via email to