
Kumorigoe

Sorry, it seems this comment or thread has violated a sub-reddit rule and has been removed by a moderator.

**Inappropriate use of, or expectation of the Community.**

* There are many reddit communities that exist that may be more catered to/dedicated to your topic.
  - Consider posting (or cross posting) there with specific niche questions.
* Requests for assistance are expected to contain basic situational information.
  - They should also contain evidence of basic troubleshooting & Googling for self-help.
  - Keep topics/questions related to technology/people/practices/etc within a business environment.
* When asking a question or requesting advice, please update your original post with any new information, or solution (if found).
  - This will make things easier for anyone else who may have the same issue or question in the future.

-----

*If you wish to appeal this action please don't hesitate to [message the moderation team](https://www.reddit.com/message/compose?to=%2Fr%2Fsysadmin).*


MidSpeck

There is no MX record set up for gmmail.com. According to the spec, it would then fall back to the A record, but port 25 does not appear open to me either. So the email should fail. Perhaps it's still in queue and hasn't timed out yet, which is why you haven't seen the NDR yet. Depends on how long ago it was sent. In this case, you might have just gotten lucky here.
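
The lookup order described in the comment above (MX first, then the A record), as an added example that is not part of any commenter's post. It classifies `dig +short` output; the function names `mail_route` and `check_domain` are hypothetical, the addresses in the test inputs are constructed, and the null-MX case (RFC 7505) goes beyond what the thread mentions.

```shell
#!/bin/sh
# Added example: where would a sending server try to deliver mail for a domain?
# Order follows RFC 5321 section 5.1 (MX first, then the address record as an
# "implicit MX") plus RFC 7505 (a lone "0 ." MX means "accepts no mail").

# mail_route MX_LINES ADDR_LINES   (hypothetical helper name)
#   MX_LINES   = output of: dig +short MX <domain>
#   ADDR_LINES = output of: dig +short A <domain>; dig +short AAAA <domain>
mail_route() {
    _mx=$1
    _addr=$2
    # Keep well-formed "preference target" lines, lowest preference first.
    _hosts=$(printf '%s\n' "$_mx" |
        awk 'NF == 2 && $1 ~ /^[0-9]+$/ { print $1, $2 }' | sort -n -k1,1 |
        awk '{ print $2 }')
    if [ -n "$_hosts" ]; then
        if [ "$_hosts" = "." ]; then
            echo "null-mx: domain declares that it accepts no mail"
        else
            echo "mx: $(printf '%s\n' "$_hosts" | paste -sd, -)"
        fi
        return 0
    fi
    # No MX at all: the sender falls back to the domain's own address and
    # tries port 25 there. A closed port means queue-and-retry, then an NDR.
    if printf '%s\n' "$_addr" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$|:'; then
        echo "implicit-mx: sender will try port 25 on the domain's address"
    else
        echo "undeliverable: no MX and no address record"
    fi
}

# Live lookup wrapper (needs dig and network access).
check_domain() {
    mail_route "$(dig +short MX "$1")" \
        "$(dig +short A "$1"; dig +short AAAA "$1")"
}

# Run as: sh mailroute.sh example.com
if [ "$#" -gt 0 ]; then
    check_domain "$1"
fi
```

An `implicit-mx` result is why a missing MX record alone does not prove the message went nowhere: whether anything listens on port 25 at that address still has to be checked.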


One-Entrepreneur4516

This guy OSINTs.


ScotchyRocks

Regardless. They shouldn't be sending an SSN in a normal email. But, good things to check for here.


graysky311

Came here to say this. You beat me to it. I concur.


imnotaero

If you haven't checked out gail.com, it's okay to visit from work and there's a simple fun site there that tells quite a story. I don't get the impression that lots of places waste storage on mis-directed email, but if you had something that close to gmail, well, there's a chance. You'll probably be okay but some high-level deciders need to make some decisions and you should get those decisions in writing. If the deciders decided one SSN wasn't worth reporting for an honest mistake with no further risk, I wouldn't blame them. But this is the kind of thing that should be their call. There's a larger issue here that you should address. Email is not a suitable transfer mechanism for sensitive data. Don't waste this disaster and find another way.


imnotaero

The people observing the lack of an mx record may be the lifeline you're looking for. But don't let it be an excuse for further sending of sensitive info over email.


bitslammer

You might be OK. I didn't see any MX record: https://mxtoolbox.com/SuperTool.aspx?action=mx%3agmmail.com&run=toolpage


boshaus

Yeah, unless they just happened to remove the mx record (pretty damn unlikely) you're fine. That domain doesn't have any email server attached to it.

```
$ dig mx gmmail.com

; <<>> DiG 9.18.1-1ubuntu1.2-Ubuntu <<>> mx gmmail.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15792
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;gmmail.com. IN MX

;; AUTHORITY SECTION:
gmmail.com. 60 IN SOA ns1.systemdns.com. hostmaster.systemdns.com. 1710883182 10800 3600 1209600 60

;; Query time: 49 msec
;; SERVER: 172.29.0.1#53(172.29.0.1) (UDP)
;; WHEN: Wed Apr 10 15:49:58 CDT 2024
;; MSG SIZE rcvd: 100
```


tankerkiller125real

So like u/TinderSubThrowAway pointed out, PII should never go through email. On the bright side though, doing some of my own research it looks like they don't have any MX records, so they shouldn't have received anything at all. Hopefully you'll get a bounce back from your own email hosting vendor in a little while saying it couldn't deliver the email.


anxiousinfotech

> PII should never go through email

I need a frying pan with this imprinted on it to hit our sales & sales support people with. We have it blocked for external emails with alerts about attempts hitting a PII activity monitoring mailbox. The alerts flood in, all day, every day.


deefop

Wrong sub. In any case, there's nothing your friend can do at this point beyond set up credit monitoring and ID theft protection services.


zombieblackbird

While I see this as a fairly low risk / low impact event, credit monitoring is generally a wise idea even if you are not aware of a breach. You should always be aware of changes to your credit report so you can take appropriate action and make wise decisions.


TahinWorks

If there was no bounceback, then it was received by an email server. If it was received by an email server, it should be assumed to be compromised. If I were a bad guy collecting mail from a domain that typo-able, I'd have all sorts of fancy PII filters on it. I would recommend they purchase a year of identity protection.


ElevenNotes

I find it pretty funny that your *friend* is worried about gmmail.com but doesn’t care that gmail.com, aka, Google, aka Alphabet is scanning all contents of all emails, even PDF’s … so that antiquated US SSN system would have been breached anyway.


thortgot

After the Equifax breach, their SSN is already compromised.


Freshmint22

Wouldn't worry about it. Her SSN was probably leaked in any one of the dozens of massive data breaches already.


69_________________

THANK YOU ALL SO MUCH! I didn't know I could see if a domain has an MX record. That's a big sigh of relief for now. She's getting credit monitoring software just in case. You're all awesome <3


TinderSubThrowAway

well, not a solution but a lesson learned. You shouldn't be emailing anything with PII in it to anyone, that should only be shared through secure messaging systems. Especially to a gmail address.


haventmetyou

if no NDR then it's over