Notes

These are all of my posts made on various platforms, automatically accumulated here for posterity.

joshua stein via @jcs.org (Bluesky) - Dec 20 2024 09:47:09
Apparently they are going to a random address at a domain hosted by Gmail and there is a forward setup at Gmail to redirect it to an Outlook\.com address, which then forwards to my actual address. This way DKIM/SPF validate and they can probably bypass rate limits on PayPal->Gmail->Outlook. \
joshua stein via @jcs.org (Bluesky) - Dec 20 2024 09:47:09
They can change the forwarding address at Gmail/Outlook fast enough that for every e-mail that comes in, they just forward the last hop to a new victim.

Seems easy to stop, just rate-limit forwarding address changes at Gmail/Outlook. Or require validation from the address being forwarded to?