Re: [mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-20 Thread Brielle via mailop 
These still seem to be coming in quite consistently...  Same Zoom 
sendgrid account.


Any updates on whats going on with this, Luke?



On 7/6/21 2:44 PM, Brielle via mailop wrote:

Here's the two that they all share:

Return-path: 
Return-path: 

(original unmunged version sent directly to you, Luke)

I've got zoom messages via sendgrid being rejected via a system filter 
currently, so there should be a bit of bounce messages going back at 
Zoom/Sendgrid, but yet they still keep coming...


Shouldn't there be some sort of required unsubscribe or report link at 
the bottom of these?  I seem to remember legitimate zoom invitations and 
such all have one?  But it's been a while.


On 7/6/21 2:33 PM, Luke wrote:
If you could share the return-path of the offending message, I can 
have it looked at.


Cheers,
Luke

On Tue, Jul 6, 2021 at 11:39 AM Brielle via mailop > wrote:


    Hello,

    Anyone here have a contact for Zoom in re of webinar spam being sent
    from their platform via Sendgrid owned IPs?

    I'm rather unhappy with the fact they're allowing people to spam
    with no
    unsubscribe or report feature.

    I know Sendgrid is a hot steaming pile of dog excrement these days 
when
    it comes to spam, so the lack of reporting or unsubscribe link 
doesn't

    surprise me...



    --     Brielle Bruns
    The Summit Open Source Development Group
    http://www.sosdg.org     / http://www.ahbl.org
    
    ___
    mailop mailing list
    mailop@mailop.org 
    https://list.mailop.org/listinfo/mailop
    







--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org/ http://www.ahbl.org
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-12 Thread Luke via mailop 
That isn't one of the accounts reported by Micahel. However, it is being
investigated.

On Sun, Jul 11, 2021 at 8:12 AM Carl Byington via mailop 
wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On Thu, 2021-07-08 at 09:14 -0700, Luke via mailop wrote:
> > Both of the accounts reported by Michael have been suspended.
>
> DATE: 07/11/21 07:00:22 PDT
> IP: o5.sg.zoom.us :::149.72.199.144
> env_From: bounces+21079884-d4de-..
> X-Entity-ID: 7mxhBNMkQ9yfwz0A5+NG7Q==
>
> That one is still active. Google translate says the subject is
>
> OPPORTUNITIES FOR INTELLIGENT BUYERS WHEN THE POLICY OF SUPPORTING 100%
> LOANING APARTMENTS STRONGLY DEVELOPES IN THE REAL EST MARKET.
>
>
> -BEGIN PGP SIGNATURE-
>
> iHMEAREKADMWIQSuFMepaSkjWnTxQ5QvqPuaKVMWwQUCYOsJLxUcY2FybEBmaXZl
> LXRlbi1zZy5jb20ACgkQL6j7milTFsHgaQCePmU55G7bFLlzDzdAZ+kKzDDUheUA
> nRRmEWuXDpo2BM/94E3wzqnxQPed
> =Iyx4
> -END PGP SIGNATURE-
>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-11 Thread Carl Byington via mailop 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On Thu, 2021-07-08 at 09:14 -0700, Luke via mailop wrote:
> Both of the accounts reported by Michael have been suspended.

DATE: 07/11/21 07:00:22 PDT
IP: o5.sg.zoom.us :::149.72.199.144
env_From: bounces+21079884-d4de-..
X-Entity-ID: 7mxhBNMkQ9yfwz0A5+NG7Q==

That one is still active. Google translate says the subject is

OPPORTUNITIES FOR INTELLIGENT BUYERS WHEN THE POLICY OF SUPPORTING 100%
LOANING APARTMENTS STRONGLY DEVELOPES IN THE REAL EST MARKET.


-BEGIN PGP SIGNATURE-

iHMEAREKADMWIQSuFMepaSkjWnTxQ5QvqPuaKVMWwQUCYOsJLxUcY2FybEBmaXZl
LXRlbi1zZy5jb20ACgkQL6j7milTFsHgaQCePmU55G7bFLlzDzdAZ+kKzDDUheUA
nRRmEWuXDpo2BM/94E3wzqnxQPed
=Iyx4
-END PGP SIGNATURE-


___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-09 Thread Luke via mailop 
Thanks for this Hans-Martin,

This was definitely phish. Compromised account. The account was actioned
very quickly after the mail got out.

For what it's worth, 2FA *is* required now but as you probably know it is
not a silver bullet for preventing abuse. When customers expose their API
key(s) to the open web, stuff happens.

Luke

On Thu, Jul 8, 2021 at 10:46 PM Hans-Martin Mosner via mailop <
mailop@mailop.org> wrote:

> Am 08.07.21 um 18:14 schrieb Luke via mailop:
> > Just so the group is aware, our team is looking into the Zoom traffic.
> We aren't sure what they are doing with that
> > mail stream, but it doesn't look good.
> >
> > Both of the accounts reported by Michael have been suspended.
> >
> > Thanks, everyone.
> >
> > Luke
> >
> I have a hunch that some time ago (just before the increased spam via
> SendGrid started) there might have been an
> unauthorized access to SendGrid customer data which allowed hackers to
> bruteforce hashed passwords and use valid
> accounts to send spam and fraudulent/phishing mails. The pattern is too
> strong to be reasonably explained with singular
> security breaches at individual customers.
>
> SendGrid, if this comes close to the truth (I can only guess), please be
> open about it at least in communication to your
> customers. If possible, enforce 2FA, watch for logins from unusual IP
> addresses, etc. Maybe a complete password reset
> for all customers would be in order.
>
> Repealing spam and fraud from completely bogus sources is a lot of work
> for us mail admins already, but when it comes
> from presumably authentic sources it becomes incredibly difficult and
> prone to false positives.
>
> Here's a simple example: I have a mail sample in quarantine that comes
> from "topbuildersolutions.net", apparently a
> SendGrid customer, using your outgoing infrastructure (192.254.122.201),
> so it's not a simple impersonation. It purports
> to be a payment reminder, with the usual phishing drill of urgency by
> threatening account termination. With a From: line
> of "SendGrid ", a SendGrid logo as
> embedded png, closing line "The Billing
> Operations Team at SendGrid" it looks 100% like phishing to me.
>
> Is this from you actually?
> If yes, why do you send out payment reminders using foreign domains?
> If not, why do you let your customers send such mails through your system?
>
> Your reputation is going down the drain. You should definitely realize
> that your reputation is your most valuable asset,
> and it's losing value at an incredible rate.
>
> Cheers,
> Hans-Martin
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-08 Thread Hans-Martin Mosner via mailop 
Am 08.07.21 um 18:14 schrieb Luke via mailop:
> Just so the group is aware, our team is looking into the Zoom traffic. We 
> aren't sure what they are doing with that
> mail stream, but it doesn't look good.
>
> Both of the accounts reported by Michael have been suspended.
>
> Thanks, everyone.
>
> Luke
>
I have a hunch that some time ago (just before the increased spam via SendGrid 
started) there might have been an
unauthorized access to SendGrid customer data which allowed hackers to 
bruteforce hashed passwords and use valid
accounts to send spam and fraudulent/phishing mails. The pattern is too strong 
to be reasonably explained with singular
security breaches at individual customers.

SendGrid, if this comes close to the truth (I can only guess), please be open 
about it at least in communication to your
customers. If possible, enforce 2FA, watch for logins from unusual IP 
addresses, etc. Maybe a complete password reset
for all customers would be in order.

Repealing spam and fraud from completely bogus sources is a lot of work for us 
mail admins already, but when it comes
from presumably authentic sources it becomes incredibly difficult and prone to 
false positives.

Here's a simple example: I have a mail sample in quarantine that comes from 
"topbuildersolutions.net", apparently a
SendGrid customer, using your outgoing infrastructure (192.254.122.201), so 
it's not a simple impersonation. It purports
to be a payment reminder, with the usual phishing drill of urgency by 
threatening account termination. With a From: line
of "SendGrid ", a SendGrid logo as 
embedded png, closing line "The Billing
Operations Team at SendGrid" it looks 100% like phishing to me.

Is this from you actually?
If yes, why do you send out payment reminders using foreign domains?
If not, why do you let your customers send such mails through your system?

Your reputation is going down the drain. You should definitely realize that 
your reputation is your most valuable asset,
and it's losing value at an incredible rate.

Cheers,
Hans-Martin

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-08 Thread Luke via mailop 
Just so the group is aware, our team is looking into the Zoom traffic. We
aren't sure what they are doing with that mail stream, but it doesn't look
good.

Both of the accounts reported by Michael have been suspended.

Thanks, everyone.

Luke

On Thu, Jul 8, 2021 at 8:48 AM Michael Peddemors via mailop <
mailop@mailop.org> wrote:

> On 2021-07-08 8:20 a..m., Carl Byington via mailop wrote:
> > On Thu, 2021-07-08 at 09:31 +0300, Atro Tossavainen via mailop wrote:
> >> That one is Zoom.us itself.
> >
> >> Received: from o5.sg.zoom.us (o5.sg.zoom.us [149.72.199.144])
> >
> >> Received: from o12.ptr3622.sg.zoom.us (o12.ptr3622.sg.zoom.us
> >> [167.89.93.232])
> >
> > Yes, the mail arrives from systems with rdns of *.sg.zoom.us, but my
> > understanding is that the X-Entity-ID points to a sendgrid user. And the
> > headers include stuff like:
> >
> > Received: by filter1889p1las1.sendgrid.net with SMTP id
> > filter1889p1las1-10585-60DE6FD0-E
> >  2021-07-02 01:45:52.506187482 + UTC m=+23969.518969155
> > Received: from MjEwNzk4ODQ (unknown)
> >  by geopod-ismtpd-3-2 (SG) with HTTP id W8YVLKQPT6CK1S2NPi9CbA
> >
> > Which looks like the original submission was via a sendgrid web
> > interface. A reply-to address in .vn, and a subject line (google
> > translate from Vietnamese) of "Why real estate can make you rich?".
> >
> > Just more crap that sendgrid is leaking, this time sending their
> > outbound spam via zoom.us servers.
> >
>
>
> Yeah, it is almost always a compromise, but hard to believe Zoom would
> not have enabled two factor authentication, or similar restrictions on
> who can use their sendgrid servers, keep thinking that their is another
> back door that abusers are using at SendGrid..
>
> Be nice to hear from Zoom (if anyone knows a contact) on what they
> discover, since SendGrid hasn't been too transparent.
>
> --
> "Catch the Magic of Linux..."
> 
> Michael Peddemors, President/CEO LinuxMagic Inc.
> Visit us at http://www.linuxmagic.com @linuxmagic
> A Wizard IT Company - For More Info http://www.wizard.ca
> "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
> 
> 604-682-0300 Beautiful British Columbia, Canada
>
> This email and any electronic data contained are confidential and intended
> solely for the use of the individual or entity to which they are addressed.
> Please note that any views or opinions presented in this email are solely
> those of the author and are not intended to represent those of the company.
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-08 Thread Michael Peddemors via mailop 

On 2021-07-08 8:20 a..m., Carl Byington via mailop wrote:

On Thu, 2021-07-08 at 09:31 +0300, Atro Tossavainen via mailop wrote:

That one is Zoom.us itself.



Received: from o5.sg.zoom.us (o5.sg.zoom.us [149.72.199.144])



Received: from o12.ptr3622.sg.zoom.us (o12.ptr3622.sg.zoom.us
[167.89.93.232])


Yes, the mail arrives from systems with rdns of *.sg.zoom.us, but my
understanding is that the X-Entity-ID points to a sendgrid user. And the
headers include stuff like:

Received: by filter1889p1las1.sendgrid.net with SMTP id
filter1889p1las1-10585-60DE6FD0-E
 2021-07-02 01:45:52.506187482 + UTC m=+23969.518969155
Received: from MjEwNzk4ODQ (unknown)
 by geopod-ismtpd-3-2 (SG) with HTTP id W8YVLKQPT6CK1S2NPi9CbA

Which looks like the original submission was via a sendgrid web
interface. A reply-to address in .vn, and a subject line (google
translate from Vietnamese) of "Why real estate can make you rich?".

Just more crap that sendgrid is leaking, this time sending their
outbound spam via zoom.us servers.




Yeah, it is almost always a compromise, but hard to believe Zoom would 
not have enabled two factor authentication, or similar restrictions on 
who can use their sendgrid servers, keep thinking that their is another 
back door that abusers are using at SendGrid..


Be nice to hear from Zoom (if anyone knows a contact) on what they 
discover, since SendGrid hasn't been too transparent.


--
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-08 Thread Michael Peddemors via mailop 

And another bad for SendGrid compromises/spammers..

149.72.34.12(S)  19   wrqvnnhc.outbound-mail.sendgrid.net
   149.72.34.115(RS)  1   wrqvnntp.outbound-mail.sendgrid.net
   149.72.34.116(S)  16   wrqvnntq.outbound-mail.sendgrid.net
   149.72.34.124(S)  13   wrqvnntc.outbound-mail.sendgrid.net
149.72.37.206 1   wrqvnrcz.outbound-mail.sendgrid.net
   149.72.37.207  1   wrqvnrcf.outbound-mail..sendgrid.net
   149.72.37.212(S)  18   wrqvnrdq.outbound-mail.sendgrid.net
149.72.128.32   (S,M)15   wrqvvhnh.outbound-mail.sendgrid.net

You have to assume they don't care any more ;) Not that hard to stop, 
and it's being going on for 1 1/2 years..


Kind of hard to believe that they don't have the budget or skill to stop 
it..


Return-Path: 
From: App reviews 
Subject: How a friend of mine business got sued
Reply-To: austinookoyo...@gmail.com

Subject: Hello!
To: YOU 
From: "Mackenzie Scott Grant" 
Date: Wed, 07 Jul 2021 13:51:23 + (UTC)
Reply-To: msfoundati...@indamail.hu

Fake Grant Offers..

You get the drift.. which is why more and more operators are simply 
blacklisting SendGrid.. I know our team sure doesn't have the time or 
patience to keep reporting these..


On 2021-07-07 4:08 p.m., Carl Byington via mailop wrote:

On Tue, 2021-07-06 at 23:59 +0300, Atro Tossavainen via mailop wrote:

X-Entity-ID: 7mxhBNMkQ9yfwz0A5+NG7Q==



   Return-Path: 

That one has been trying to send spam here for at least a month.



>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>

--
"Catch the Magic of Linux..."

Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.

604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-08 Thread Carl Byington via mailop 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On Thu, 2021-07-08 at 09:31 +0300, Atro Tossavainen via mailop wrote:
> That one is Zoom.us itself.

> Received: from o5.sg.zoom.us (o5.sg.zoom.us [149.72.199.144])

> Received: from o12.ptr3622.sg.zoom.us (o12.ptr3622.sg.zoom.us
> [167.89.93.232])

Yes, the mail arrives from systems with rdns of *.sg.zoom.us, but my
understanding is that the X-Entity-ID points to a sendgrid user. And the
headers include stuff like:

Received: by filter1889p1las1.sendgrid.net with SMTP id
filter1889p1las1-10585-60DE6FD0-E
2021-07-02 01:45:52.506187482 + UTC m=+23969.518969155
Received: from MjEwNzk4ODQ (unknown)
by geopod-ismtpd-3-2 (SG) with HTTP id W8YVLKQPT6CK1S2NPi9CbA

Which looks like the original submission was via a sendgrid web
interface. A reply-to address in .vn, and a subject line (google
translate from Vietnamese) of "Why real estate can make you rich?".

Just more crap that sendgrid is leaking, this time sending their
outbound spam via zoom.us servers.



-BEGIN PGP SIGNATURE-

iHMEAREKADMWIQSuFMepaSkjWnTxQ5QvqPuaKVMWwQUCYOcXoxUcY2FybEBmaXZl
LXRlbi1zZy5jb20ACgkQL6j7milTFsGmiACfRob62kkNRCYmCuGVToI/xg+IjSkA
n0KwN05UTZa35wOzW7Pzkl4wbvr6
=+QB+
-END PGP SIGNATURE-


___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-08 Thread Atro Tossavainen via mailop 
On Wed, Jul 07, 2021 at 04:08:42PM -0700, Carl Byington via mailop wrote:
> 
> On Tue, 2021-07-06 at 23:59 +0300, Atro Tossavainen via mailop wrote:
> > X-Entity-ID: 7mxhBNMkQ9yfwz0A5+NG7Q==
> 
> >   Return-Path:  
> That one has been trying to send spam here for at least a month.

That one is Zoom.us itself.

Received: from o5.sg.zoom.us (o5.sg.zoom.us [149.72.199.144])

Received: from o12.ptr3622.sg.zoom.us (o12.ptr3622.sg.zoom.us [167.89.93.232])

-- 
Atro Tossavainen, Chairman of the Board
Infinite Mho Oy, Helsinki, Finland
tel. +358-44-5000 600, http://www.infinitemho.fi/
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-07 Thread Carl Byington via mailop 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On Tue, 2021-07-06 at 23:59 +0300, Atro Tossavainen via mailop wrote:
> X-Entity-ID: 7mxhBNMkQ9yfwz0A5+NG7Q==

>   Return-Path: https://list.mailop.org/listinfo/mailop

Re: [mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-07 Thread Luke via mailop 
If you could share the return-path of the offending message, I can have it
looked at.

Cheers,
Luke

On Tue, Jul 6, 2021 at 11:39 AM Brielle via mailop 
wrote:

> Hello,
>
> Anyone here have a contact for Zoom in re of webinar spam being sent
> from their platform via Sendgrid owned IPs?
>
> I'm rather unhappy with the fact they're allowing people to spam with no
> unsubscribe or report feature.
>
> I know Sendgrid is a hot steaming pile of dog excrement these days when
> it comes to spam, so the lack of reporting or unsubscribe link doesn't
> surprise me...
>
>
>
> --
> Brielle Bruns
> The Summit Open Source Development Group
> http://www.sosdg.org/ http://www.ahbl.org
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-06 Thread Atro Tossavainen via mailop 
Over yesterday and today, the following X-Entity-IDs have sent us
mail that somehow related to .zoom.us:

  X-Entity-ID: ApJYVCoyRSXXkzbu3h3uow==
  X-Entity-ID: lURbVkUlQbFl9F6ROPqNUw==
  X-Entity-ID: mDhfxq9OikvIkQieTwdfQA==
  X-Entity-ID: 7mxhBNMkQ9yfwz0A5+NG7Q==

These correspond to the SendGrid user IDs

  Return-Path:  Here's the two that they all share:
> 
> Return-path: 
> Return-path: 
> 
> (original unmunged version sent directly to you, Luke)
> 
> I've got zoom messages via sendgrid being rejected via a system
> filter currently, so there should be a bit of bounce messages going
> back at Zoom/Sendgrid, but yet they still keep coming...
> 
> Shouldn't there be some sort of required unsubscribe or report link
> at the bottom of these?  I seem to remember legitimate zoom
> invitations and such all have one?  But it's been a while.
> 
> On 7/6/21 2:33 PM, Luke wrote:
> >If you could share the return-path of the offending message, I can
> >have it looked at.
> >
> >Cheers,
> >Luke
> >
> >On Tue, Jul 6, 2021 at 11:39 AM Brielle via mailop
> >mailto:mailop@mailop.org>> wrote:
> >
> >Hello,
> >
> >Anyone here have a contact for Zoom in re of webinar spam being sent
> >from their platform via Sendgrid owned IPs?
> >
> >I'm rather unhappy with the fact they're allowing people to spam
> >with no
> >unsubscribe or report feature.
> >
> >I know Sendgrid is a hot steaming pile of dog excrement these days when
> >it comes to spam, so the lack of reporting or unsubscribe link doesn't
> >surprise me...
> >
> >
> >
> >-- Brielle Bruns
> >The Summit Open Source Development Group
> >http://www.sosdg.org     / http://www.ahbl.org
> >
> >___
> >mailop mailing list
> >mailop@mailop.org 
> >https://list.mailop.org/listinfo/mailop
> >
> >
> 
> 
> -- 
> Brielle Bruns
> The Summit Open Source Development Group
> http://www.sosdg.org/ http://www.ahbl.org
> ___
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop

-- 
Atro Tossavainen, Founder, Partner
Koli-Lõks OÜ (reg. no. 12815457, VAT ID EE101811635)
Tallinn, Estonia
tel. +372-5883-4269, http://www.koliloks.eu/
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-06 Thread Brielle via mailop 

Here's the two that they all share:

Return-path: 
Return-path: 

(original unmunged version sent directly to you, Luke)

I've got zoom messages via sendgrid being rejected via a system filter 
currently, so there should be a bit of bounce messages going back at 
Zoom/Sendgrid, but yet they still keep coming...


Shouldn't there be some sort of required unsubscribe or report link at 
the bottom of these?  I seem to remember legitimate zoom invitations and 
such all have one?  But it's been a while.


On 7/6/21 2:33 PM, Luke wrote:
If you could share the return-path of the offending message, I can have 
it looked at.


Cheers,
Luke

On Tue, Jul 6, 2021 at 11:39 AM Brielle via mailop > wrote:


Hello,

Anyone here have a contact for Zoom in re of webinar spam being sent
from their platform via Sendgrid owned IPs?

I'm rather unhappy with the fact they're allowing people to spam
with no
unsubscribe or report feature.

I know Sendgrid is a hot steaming pile of dog excrement these days when
it comes to spam, so the lack of reporting or unsubscribe link doesn't
surprise me...



-- 
Brielle Bruns

The Summit Open Source Development Group
http://www.sosdg.org     / http://www.ahbl.org

___
mailop mailing list
mailop@mailop.org 
https://list.mailop.org/listinfo/mailop





--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org/ http://www.ahbl.org
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

[mailop] Contact for Zoom webinar spam sent via Sendgrid (ugh)

2021-07-06 Thread Brielle via mailop 

Hello,

Anyone here have a contact for Zoom in re of webinar spam being sent 
from their platform via Sendgrid owned IPs?


I'm rather unhappy with the fact they're allowing people to spam with no 
unsubscribe or report feature.


I know Sendgrid is a hot steaming pile of dog excrement these days when 
it comes to spam, so the lack of reporting or unsubscribe link doesn't 
surprise me...




--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org/ http://www.ahbl.org
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop