← Back to context Comment by cjbprime 4 months ago That doesn't sound right. Aren't these @zendesk.com addresses? 3 comments cjbprime Reply Thorrez 4 months ago No, it's spoofed appleid@id.apple.com addresses. But you are correct that it's not customer SPF/DMARC configuration that's the problem. layer8 4 months ago The spoofed addresses were support@company.com, is my understanding.Zendesk is very well aware of SPF/DMARC, from their support pages. Thorrez 4 months ago The spoofed address was appleid@id.apple.com . support+id@company.com was the to address, not the from address.https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b...
Thorrez 4 months ago No, it's spoofed appleid@id.apple.com addresses. But you are correct that it's not customer SPF/DMARC configuration that's the problem.
layer8 4 months ago The spoofed addresses were support@company.com, is my understanding.Zendesk is very well aware of SPF/DMARC, from their support pages. Thorrez 4 months ago The spoofed address was appleid@id.apple.com . support+id@company.com was the to address, not the from address.https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b...
Thorrez 4 months ago The spoofed address was appleid@id.apple.com . support+id@company.com was the to address, not the from address.https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b...
No, it's spoofed appleid@id.apple.com addresses. But you are correct that it's not customer SPF/DMARC configuration that's the problem.
The spoofed addresses were support@company.com, is my understanding.
Zendesk is very well aware of SPF/DMARC, from their support pages.
The spoofed address was appleid@id.apple.com . support+id@company.com was the to address, not the from address.
https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b...