What happened
Some mail to mailboxes hosted on AT&T's network may have gotten rejected in the last 12 hours.
How to know if you were affected and what to do about it
If you receive a rejection notice, please resend your email.
If you did not receive a rejection notice from AT&T, your mail was sent successfully, no action is required on your part.
Background
Last night we identified a compromised mailbox on one of our other customer's accounts which was being used to send spam, some of it to AT&T's network, resulting in one of our outbound mail servers getting black-listed.
We've taken that server out of the queue to send to AT&T, so your email should be getting through to AT&T's network now.
We've also contacted AT&T about getting off their blacklist.
Of course, we also shutdown the compromised mailbox and notified the affected customer.
How do mailboxes get compromised?
People use easy-to-guess passwords, or use passwords with the same email address with other web-services providers that get compromised, resulting in bad-actors able to look-up passwords historically associated with names and email addresses.
How to prevent your mailbox(es) from being compromised
- Use 8-10 character passwords that are a mix of special characters (e.g.: %^#), upper and lower case, and numbers.
- Use different passwords for different accounts, or at least use special passwords to access critical accounts like your mailbox.
- Use a password manager.
- Use multi-factor authentication (MFA)
[Multi-Factor Authentication (MFA)](https://admin.cloudiance.com/knowledgebase.php?action=displayarticle&catid=2&id=6)
Tuesday, October 19, 2021
