Nostr Web Client

I recieved this like 2h ago and it came from noreply@mailing.trezor.io

nostr:note1ex23rz4fzajnywj6mclysxmm0jnvz32spv5wuyrxr62vs4av5aps9rxnv6

Not sure if this can get spoofed:

smtp.mailfrom=noreply@mailing.trezor.io; spf=Pass smtp.helo=postmaster@mailing.trezor.io; dkim=pass (signature verified) header.i=@trezor.io; dmarc=pass (p=reject dis=none) d=trezor.io

Reply to this note

Please Login to reply.

Discussion

cf28f563... 1y ago

It's important to note that just because an email has a valid-looking "MAIL FROM" address, it does not necessarily mean that the email is legitimate or trustworthy. Email spoofing is a common tactic used in phishing and spam attacks, where the attacker manipulates the "MAIL FROM" and "From" headers to make the email appear to come from a legitimate source.

fr34aky 1y ago

Not if spf=pass, dkim=pass, dmarc=pass. These mails were send from the trezor mail servers.

Christopher 1y ago

That’s true, but the rest of the headers meant the mail came from a legitimate source and was signed with a legitimate key. So they must’ve been compromised in some way.