Comment by Aachen

2 days ago

How did you connect joe@legitbusiness.com, where spam usually originates from for me (hacked email accounts), to a specific GitHub user account that was used to scrape the data, which Microsoft can choose to ban? And that's assuming they believe you're being truthful and not simply angry with the user whom you're reporting.

As others have noted, the emails frequently include the sender's actual GitHub username or organization in the body or signature.

Attribution isn't speculative. The DKIM/SPF headers show the messages are authenticated and sent through the company's own mail servers, signed by their domain. These are not spoofed "joe@legitbusiness.com" messages. I include the original headers in every abuse report.

In several cases I've engaged directly. One founder replied to my "stop spamming" email and later sent me a LinkedIn request. When the name in the signature, the GitHub profile, the authenticated sending domain, and the LinkedIn account all align, the hacked-account explanation no longer fits the facts.
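Added example, not part of the comment above: a sketch of the header check it describes, reading the `Authentication-Results` headers of a saved message and reporting whether a passing DKIM signature or SPF result belongs to the domain in `From:`. The sample message, hostnames and function names are constructed for illustration, and alignment is approximated by a same-domain-or-subdomain test rather than a Public Suffix List lookup.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; every hostname and address here is made up.
SAMPLE = """\
Authentication-Results: mx.receiver.example;
 dkim=pass header.d=legitbusiness.com header.s=s1;
 spf=pass smtp.mailfrom=bounce@mail.legitbusiness.com
Authentication-Results: mx.untrusted.example; dkim=pass header.d=other.example
From: Joe <joe@legitbusiness.com>
Subject: Loved your repo

Hi, I saw your GitHub profile...
"""

def aligned(domain, from_domain):
    """Approximate relaxed alignment: equal, or one is a subdomain of the other."""
    a, b = domain.lower(), from_domain.lower()
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def attribution(raw, trusted_authserv):
    """Report which passing checks align with the From: domain.

    Only Authentication-Results headers stamped by trusted_authserv (your own
    receiving server) are considered; any other copy could have been inserted
    by the sender or a relay and proves nothing.
    """
    msg = message_from_string(raw)
    from_domain = parseaddr(msg["From"])[1].rpartition("@")[2]
    result = {"from_domain": from_domain, "dkim_aligned": False, "spf_aligned": False}
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, rest = value.partition(";")
        if authserv.split()[:1] != [trusted_authserv]:
            continue
        for clause in rest.split(";"):
            m = re.match(r"\s*(dkim|spf)=pass\b", clause, re.I)
            if not m:
                continue
            method = m.group(1).lower()
            prop = "header.d" if method == "dkim" else "smtp.mailfrom"
            p = re.search(re.escape(prop) + r"=(\S+)", clause)
            if p and aligned(p.group(1).rpartition("@")[2], from_domain):
                result[method + "_aligned"] = True
    return result

if __name__ == "__main__":
    print(attribution(SAMPLE, "mx.receiver.example"))
```

A message that passes DKIM only for an unrelated signing domain, or whose only passing results come from a header your own server did not add, reports `False` for both checks.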