
One of the clients I work for has a test@xxxx.com account. I believe it's an alias, and I got an email signing up for a random site (it's a legit site) presumably to test that someone had access to it.

It had a confirmation link in it, and the same email ALSO got a 'confirmed' email from the same site. To me this suggests someone has successfully tested access to this email address. But how? What are some vectors people have? The company manages their own DNS service, and thus MX records. They point to Google.

What are some things I can do to debug this? I've already gone on to check our MX records at https://mxtoolbox.com/

And everything there is a google.com or googlemail.com hostname. When searching for problems, here is what comes up:

Category  Host                     Result
dmarc     thedomain.com            DNS Record not found
mx        thedomain.com            No DMARC Record found
dns       thedomain.com            Primary Name Server Not Listed At Parent
smtp      aspmx.l.google.com       Reverse DNS does not match SMTP Banner
smtp      alt1.aspmx.l.google.com  Reverse DNS Resolution - No PTR Record found
smtp      alt2.aspmx.l.google.com  Reverse DNS does not match SMTP Banner
smtp      aspmx2.googlemail.com    Reverse DNS Resolution - No PTR Record found
smtp      aspmx3.googlemail.com    Reverse DNS does not match SMTP Banner
smtp      aspmx4.googlemail.com    Reverse DNS does not match SMTP Banner
smtp      aspmx5.googlemail.com    Reverse DNS does not match SMTP Banner
dns       thedomain.com            Name Servers are on the Same Subnet
dns       thedomain.com            Serial numbers do not match
dns       thedomain.com            SOA Serial Number Format is Invalid
dns       thedomain.com            SOA Expire Value out of recommended range

I'm more of a developer but have some experience with sysadmin stuff, but certainly not the intricacies of MX records and SMTP. Any thoughts?

Jono

1 Answer

What you've asked doesn't point to any problem with MX, DMARC, SPF, SMTP. These look good.

If I understand you correctly, someone was able to read an email addressed to text@example.com and click a confirmation link.

Presumably you see this because you get a copy of each e-mail received by text@example.com. It would be reasonable to assume that other people could have exactly the same capability; it's the simplest explanation. You'd need to go to googlemail and log in as text@example.com to find out more.

kubanczyk
  • There was only me and one other person on that group for the email. I came to a similar conclusion and assumed that maybe someone just hacked the password for that account. Maybe I can check that with Google! – Jono Apr 04 '18 at 17:25
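
One way to check the "other people receive a copy" explanation from the raw source of the sign-up mail, as an added example that is not part of the original thread. It assumes the copy carries the `Delivered-To`, `List-ID` and `Authentication-Results` headers that a Gmail-hosted group delivery typically has; the sample message, addresses and the function name `delivery_path` are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Constructed sample headers (not from the thread): a sign-up mail sent to the
# shared address, as seen in the raw source of one member's copy.
SAMPLE = """\
Delivered-To: jono@example.com
Received: from mail.signup-site.example.net (mail.signup-site.example.net [192.0.2.10])
        by mx.google.com with ESMTPS id abc123
        for <test@example.com>; Wed, 04 Apr 2018 09:00:03 -0700 (PDT)
Authentication-Results: mx.google.com;
        dkim=pass header.i=@signup-site.example.net;
        spf=pass smtp.mailfrom=bounce@signup-site.example.net;
        dmarc=pass header.from=signup-site.example.net
List-ID: <test.example.com>
From: Signup Site <no-reply@signup-site.example.net>
To: test@example.com
Subject: Please confirm your account

Click the link to confirm.
"""


def delivery_path(raw):
    """Summarise who a message was addressed to versus where it landed."""
    msg = message_from_string(raw)
    recipients = msg.get_all("To", []) + msg.get_all("Cc", [])
    addressed = [addr.lower() for _, addr in getaddresses(recipients)]
    delivered = [d.strip().lower() for d in msg.get_all("Delivered-To", [])]
    auth = " ".join(msg.get_all("Authentication-Results", []))
    return {
        "addressed_to": addressed,
        "delivered_to": delivered,
        # Mailboxes holding a copy although the mail was not addressed to
        # them: each belongs to someone able to click the confirmation link.
        "other_mailboxes": [d for d in delivered if d not in addressed],
        # A List-ID header indicates the mail was fanned out by a group/list.
        "via_list": msg.get("List-ID") is not None,
        # Verdicts recorded by the receiving server for the sending domain.
        "auth": dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth)),
    }


if __name__ == "__main__":
    for key, value in delivery_path(SAMPLE).items():
        print(f"{key}: {value}")
```

A non-empty `other_mailboxes` together with `via_list` means the address is a distribution point, so the membership of that group is the list of people to ask first.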