We have several users that have all received malicious emails from: SECURITY.ALERT@a2nlwpweb129.prod.iad2.secureserver.net
As an IT admin, I do not want to blacklist GoDaddy's secureserver.net, so how should I proceed to keep our users safe?
Thanks for your time and assistance.
From: "SECURITY ALERT"
Thank you for your response.
I used the link that you provided to report the email as a PHISHING email (since that category matched the best). Unfortunately, this does not provide me with a solution on how I can blacklist the sender to stop these malicious emails being sent from GoDaddy's email server. It seems to me like a vulnerability in the email service that GoDaddy provides to its customers.
Any additional information or suggestions would be greatly appreciated.
Filling out the abuse form is the best action you can take. Our abuse team will reach out to you only if additional information is needed. In regards to your server, I suggest adding the email address to the blacklist within your users email accounts.
Blacklisting email address won't help much. I received 3 spam emails from 3 different email addresses, all using secureserver.net to send.
The spammer just assumed that my domain has a email@example.com address or firstname.lastname@example.org address, which doesn't exist on my mail server. They don't even go to the contact page of my website.
One thing I found is that secureserver.net is not in the SPF record of the spammer's domain. The spammer is using GoDaddy hosting. The spam emails were originated from the server that hosts the spammer's website, relayed through secureserver.net SMTP server.