Fastmail phishing scam going around

	▲	Fastmail phishing scam going around(old.reddit.com)
		4 points by joecool1029 14 hours ago \| 3 comments

	▲	Bender 3 hours ago \| parent \| next [-]
		According to the Reddit threads they are accepting spoofed emails. This is expected in the current dmarc/spf config. Ask them to change their SPF record from `"v=spf1 include:spf.messagingengine.com ~all` to `v=spf1 ip4:103.168.172.128/27 ip4:202.12.124.128/27 -all` They have no need for a soft fail and no need for the extra lookup as their record is tiny. ------ Also change the _dmarc record from `v=DMARC1; p=none; sp=none; rua=mailto:e3936a44@inbox.ondmarc.com` to something like: `v=DMARC1;p=reject;sp=reject;np=reject;psd=n;aspf=s;adkim=s;rua=mailto:e3936a44@inbox.ondmarc.com;` after reading up on the options, understanding the implications and setting the TXT record TTL's to something like 5 mins until it has been in place for a month, then putting it back to 1 hour or longer. The rua has been in place long enough to know what problems it will cause. Be fearless and cause some problems then fix the problems. psd= may have to be different but only fastmail staff would know for sure.
	▲	joecool1029 14 hours ago \| parent \| prev \| next [-]
		Hit inbox on two different accounts of mine (different domains). Thankfully the subaccount called me, but looks like other people on Reddit fell for it. Forwarded to Fastmail's support hours ago but it's been crickets from them. Update: Since I posted this I've received the real renewal email saying to update my card, the phish was only 8hrs earlier.
	▲	3 hours ago \| parent \| prev [-]
		[deleted]