INTERACT FORUM
Mac => JRiver Media Center 32 for Mac => Topic started by: al1947 on April 30, 2024, 10:32:34 pm
-
From: mpplist-help@ppalias.jriver.com <mpplist-help@ppalias.jriver.com>
Date: Tuesday, April 30, 2024 at 9:34 PM
To: Al Gordon al at algordon [edited]
Subject: warning from mpplist@ppalias.jriver.com
Hi! This is the ezmlm program. I'm managing the
mpplist@ppalias.jriver.com mailing list.
I'm working for my owner, who can be reached
at mpplist-owner@ppalias.jriver.com.
Messages to you from the mpplist mailing list seem to
have been bouncing. I've attached a copy of the first bounce
message I received.
If this message bounces too, I will send you a probe. If the probe bounces,
I will remove your address from the mpplist mailing list,
without further notice.
I've kept a list of which messages from the mpplist mailing list have
bounced from your address.
Copies of these messages may be in the archive.
To retrieve a set of messages 123-145 (a maximum of 100 per request),
send an empty message to:
<mpplist-get.123_145@ppalias.jriver.com>
To receive a subject and author list for the last 100 or so messages,
send an empty message to:
<mpplist-index@ppalias.jriver.com>
Here are the message numbers:
40
--- Enclosed is a copy of the bounce message I received.
Return-Path: <>
Received: (qmail 6126 invoked for bounce); 5 Apr 2024 06:09:01 -0500
Date: 5 Apr 2024 06:09:01 -0500
From: MAILER-DAEMON@listserver.jriver.com
To: mpplist-return-40-@ppalias.jriver.com
Subject: failure notice
-
I got one too.
-
Me too.
-
I also received this message...
-
I get this too.
What should I do now?
-
and me too
-
And me too
-
Just ignore it.
-
I treated it as phishing. Deleted it and didn’t click any link. I am quite sure that this was not sent by JRiver-people.
-
I looked at the source code of this e-mail and found nothing suspicious.
Is the mail server compromised or is there a bug that caused this?
From mail header:
Received-SPF: pass (ccc.at: domain of ppalias.jriver.com designates 216.14.187.163 as permitted sender)
client-ip=216.14.187.163
ping JRiver.COM
PING jriver.com (216.14.187.161)
ping PPALIAS.JRiver.COM
PING ppalias.jriver.com (216.14.187.163)
-
Just ignore it.
sure i will
maybe some more words would be appreciated?
-
Just ignore it.
Without doubt it is Spam or Phishing and must be ignored.
However JRiver should be taking this very seriously, as there has obviously been a breech of their security to obtain our email addresses and what other information?
I have now lost trust and faith in JRiver's security.
-
It isn't spam. It isn't phishing. Nobody was hacked.
It's our mail software. We have your address.
I'm pretty sure it's a byproduct of the changes we've made recently. Bob will be back in a few days and should have more to say.
Read the header carefully if you're concerned.
-
Thank you JimH for the more detailed information. That makes sense and has put my mind to rest. I apologise for my doubts of your security.
I await the later response from Bob. Thanks again to JimH
-
It isn't spam. It isn't phishing. Nobody was hacked.
It's our mail software. We have your address.
I'm pretty sure it's a byproduct of the changes we've made recently. Bob will be back in a few days and should have more to say.
Read the header carefully if you're concerned.
thank you.
but it seems like something was going wrong, so these words are appreciated.
-
Thanks JimH
-
It isn't spam. It isn't phishing. Nobody was hacked.
It's our mail software. We have your address.
I'm pretty sure it's a byproduct of the changes we've made recently. Bob will be back in a few days and should have more to say.
Read the header carefully if you're concerned.
I recognised from the mail header that this mail came from your network from your mail server. Only the why was unclear to me.
PS: I know a bit about IT, Internet and networks ;-)
-
I looked at the source code of this e-mail and found nothing suspicious. ...
Ditto.
Here's what my inbound MTA placed in the header...
Received: from ppalias.jriver.com (ppalias.jriver.com [216.14.187.163])
(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "*.jriver.com", Issuer "Sectigo RSA Domain Validation Secure Server CA" (verified OK))
by [My MTA] (Postfix) with ESMTPS id 4VTcKD2nT8z2SPQ
for <[my email addr]>; Tue, 30 Apr 2024 19:46:08 -0400 (EDT)
DMARC-Filter: OpenDMARC Filter v1.4.2 [My MTA] 4VTcKD2nT8z2SPQ
Authentication-Results: [My MTA]; dmarc=pass (p=none dis=none) header.from=ppalias.jriver.com
Authentication-Results: [My MTA]; spf=pass smtp.mailfrom=ppalias.jriver.com
Authentication-Results: [My MTA];
dkim=pass (1024-bit key; unprotected) header.d=ppalias.jriver.com header.i=@ppalias.jriver.com header.b=Mnvt+Gg6
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed;
d=ppalias.jriver.com; s=default; h=Mailing-List:Date:Message-ID:
From:To:MIME-Version:Content-Type:Subject; bh=vtodU7Jyh5cCkHC6HE
/NkAEIKHI=; b=Mnvt+Gg6bVwDDYxMdBAqSOT7IY3OGA+6TjIDYyqILMHhbKEbf4
qAFY5XsvEgOyBr+aGGGy8vklpD2M6G7GgaSn96dInWBUhtEkoEgdExTXAN+UKdp6
i/H3c/RqhURBvD5GdvwYVB4wBHJFTiGOp5bV29XZsLDl6sGeI/9ZuHRs4=
-
As you can see from the header it came from our machine so it’s not phishing.
The mailing list for mc32 owners tried to send a message to you which originally failed. This is an issue on the server end, usually caused by your mail server doing greylisting or other temporary issues. Eventually the notice of this issue was delivered from the mailing list to your inbox with a way to retrieve the archived message. You can ignore these messages.
-
thanks, it was clear that it was legit, me thinks i am not the only who knows a bit about header, etc.
maybe if so many ppl receive these mails, someone at jriver could be glad that he was informed about it.
its all about communication
deleted - erledigt, thanks again
-
How do we know we can trust this "bob" guy ? ;D
-
In Bob We Trust
-
Bob, thanks! :)
-
This is not the first time I got this. I think it has been sent to me 2-3 times before in the last 2-3 years. So it feels like it is nothing that has anything to do with recently made changes. Just for your information when searching for the problem.