@Gargron boosting this for the content but also and primarily because of the megumin card preview

@Gargron Often are outgoing mails from the attacked server unhiding the original ip adress of the server in the header of the mail. e.G. password reset mails or welcome mails and so on. so configuring your mailserver not to unhide the server ip is helpful, too.

@Gargron 🍬I wonder if this will be featured on an upcoming episode of Security Now. This seems like the kind of blog post right up Steve Gibson's alley. 🍬