Re: Understanding SPF-verified spam from dropbox

Hi, On Mon, Nov 20, 2017 at 5:47 PM, Bill Cole wrote: > On 20 Nov 2017, at 13:31, Alex wrote: > >> On Mon, Nov 20, 2017 at 12:58 PM, Axb wrote: >>> >>> On 11/20/2017 06:26 PM, Alex wrote: Hi, we have an email that

Re: Understanding SPF-verified spam from dropbox

On 20 Nov 2017, at 13:31, Alex wrote: On Mon, Nov 20, 2017 at 12:58 PM, Axb wrote: On 11/20/2017 06:26 PM, Alex wrote: Hi, we have an email that originated from email.dropbox.com and has a link to https://hyzas.xss.ht/ which is a "payload to test for Cross-site

Re: Understanding SPF-verified spam from dropbox

On Mon, Nov 20, 2017 at 12:58 PM, Axb wrote: > On 11/20/2017 06:26 PM, Alex wrote: >> >> Hi, we have an email that originated from email.dropbox.com and has a >> link to https://hyzas.xss.ht/ which is a "payload to test for >> Cross-site Scripting" from the XSS Hunter Team.

Re: Understanding SPF-verified spam from dropbox

On 11/20/2017 06:26 PM, Alex wrote: Hi, we have an email that originated from email.dropbox.com and has a link to https://hyzas.xss.ht/ which is a "payload to test for Cross-site Scripting" from the XSS Hunter Team. Was it sent in error? How was it sent? I know what XSS is and how it can be

Understanding SPF-verified spam from dropbox

Hi, we have an email that originated from email.dropbox.com and has a link to https://hyzas.xss.ht/ which is a "payload to test for Cross-site Scripting" from the XSS Hunter Team. Was it sent in error? How was it sent? I know what XSS is and how it can be used, but this was reported as malicious,