Jump to content


X-Barracuda-Apparent-Source-IP: is a very long list of Russian and Ukrainian IPs and ports

This topic has been archived. This means that you cannot reply to this topic.
1 reply to this topic

#1 Alan Brewer

Alan Brewer
  • Members
  • 12 posts

Posted 17 January 2020 - 03:51 PM

We got several emails today with their X-Barracuda-Apparent-Source-IP: being a very long list of Russian and Ukrainian IPs and ports.  My Barracuda blocked them as spam, but this looks very scary.  Has anyone seen similar?  The list below is just a small snip of the actual email.  The IP list is MUCH larger than this....

X-Barracuda-Envelope-From: Pen@uspsninall.site
X-Barracuda-Effective-Source-IP: uspsninall.site[]

#2 Michael Manning

Michael Manning
  • Members
  • 270 posts

Posted 20 January 2020 - 09:55 AM

What is your thinking here? Are they a huge number of hops from sending IP to recipient? As an attempt to obfuscate the source?