andrew at lists.savchenko.net
Tue Nov 10 02:44:29 UTC 2020
Tuesday, November 10, 2020, 1:01:26 PM, you wrote:
> Can you explain how the scam could be implemented.... virus, malware etc ?
Plethora of ways:
1. Builder's machine was compromised
2. Client's machine was compromised
3. E-mail was intercepted and manipulated on the side of MX and DKIM
signatures weren't enforced.
4. DNS spoofed and DNSSEC wasn't enforced or records were not provisioned in a
5. MTA-STS policy was absent or not checked by MTA.
6. DMARC policy wasn't strict enough or not enforced by recipient.
7. SPF wasn't used properly.
The list goes on.
More information about the linux