A couple of months in the past it was dropped at our consideration that spam emails containing inappropriate content material are being despatched out and that it seems they’re coming from a Buffer-owned area (buffermail.com). The emails aren’t coming from Buffer or from buffermail.
On this submit, we’ll do our greatest to elucidate what has been occurring to this point for anybody who has been impacted.
To start out, many people are receiving emails with suspicious headlines like “Howdy, e mail id” or “bundle ready.” These emails seem to be coming from a Buffer area. In actuality, we will see that they’re coming from one other area and try to masks their content material as coming from Buffer — that is known as e mail spoofing.
We wished to be completely sure that this type of e mail spoofing was certainly the reason for this situation. To verify this, we analyzed the unique mail headers to confirm the place the emails had been coming from. We discovered the headers clearly displaying the verification checks had failed as anticipated within the case of spoofed mail. We additionally discovered that the servers sending the emails didn’t belong to us or any companies that now we have ever used. So in the long run, we had been in a position to verify that this situation was not a results of a misconfiguration on our finish.
Typically, spam filters from e mail suppliers choose up on this conduct and don’t put that content material in the principle inbox. Nonetheless, there may be at present a problem with Microsoft Outlook and Hotmail the place this type of content material is just not being despatched to spam folders.
As of January 2023, Microsoft has acknowledged that they’re conscious of this situation and are working to repair it.
We want there was extra we may do on this state of affairs for the reason that attackers are impersonating a Buffer area — we’ve exhausted our record of choices, although, and the remaining work lies with the e-mail suppliers to raised filter these spam messages.
