Mails sent from the command line not appearing in inbox or spam folder

I sent some test mails using the command line. In the log I can see that status = sent, but I am not getting any emails in my inbox or spam folder.

Oct 11 15:51:01 ip-10-0-1-80 postfix/local[20606]: 724AB6D5B: to=<root@localhost>, orig_to=<root>, relay=local, delay=0.01, delays=0.01/0/0/0, dsn=2.0.0, status=sent (delivered to mailbox) 

Bizarre email sent from spam email address with contact details of someone I know and a friend of their’s in it

Someone I know (call them Darren Smith) recently received a rather odd email. It was sent to their personal email address, emailaddresswithnonameinit@emailprovider.com. The “From” field had “Darren Smith” as the name in it, but the actual email address was ninerandomlettersandnumbers@differentemailprovider.com.

The text of the email is this:

NameOfDarren'sFriend, Are you free at the moment?  Regards, Darren Smith 

I have no idea what this could be, how whatever this is got the name of the person Darren knows, or how it got Darren’s original email address. Anyone have any insight as to what sort of attack this is, and what steps should be taken now?

Can you avoid ever password to be sent on the wire?

Let’s say I want to secure authentication on a web app or a mobile app or even a machine to machine app.

My first approach to secure the password is to enable HTTPS and some sort of client side message level encryption of data to be sent on the wire.

So I’m starting to think that since MITM could help circumvent HTTPS and discover at least an encrypted password, there is maybe no way to truly protect a password.

So I was wondering (not considering VPN here), if a user submitted data (ex : password) on the wire is ever secure ? Or if there exists a way to to never submit password on the wire ?

DNS and sometimes TCP packet are being sent out upon disconnecting and connecting wifi connection

I am monitoring my network interface and noticed that I can reproduce a behavior where some cryptic DNS packets are being sent out as well as TCP sometimes, without me opening any browser or application for that matter.

All I have to do is turn off WIFI and then turn it back on. Then a number of DNS packets are sent out automatically.

Here is the cap file:

enter image description here

This doesn’t strike me as normal behavior, why are DNS packets being sent out?.. Upon following the TCP packets I noticed that they are being sent to an EC2 instance on AWS.

Outgoing email is sent from which server role?

Our SP2016 farm have 2 WFE, 2 APP, and 2 Search servers. In the outgoing server settings, we point to our company SMTP (smtp.company.com). In order to allow the SMTP relay for SharePoint’s email, we need to apply firewall open. Although we can simply apply open for all 6 servers but I want to understand the traffic logic.

Should I expect all email will be started from WFE? Or it will be started from other server depends on server role?

Why does user’s sent messages appear on the right side instead of left? Why doesn’t it appear one below the other?

I did notice in many websites like messenger, WhatsApp, sending SMS on iphone, google hangouts, etc. The user’s sent messages appear on the right side. I’m wondering why don’t place it one below the other just like slack.

Is there any specific reason why do they follow this pattern?

For reference enter image description here

“Strict-Transport-Security” header is sent in server’s response while I do not add it in the server config

I have a server configured on a virtual machine running Ubuntu 18.04. I configured a web page and I enabled SSL/TLS configurations. I also added a Certificate Transparency header. My /etc/apache2/sites-available/default-ssl.conf contains:

<IfModule mod_ssl.c>     <VirtualHost _default_:443>         ServerAdmin hi@myownsite.com         ServerName myownsite.com          DocumentRoot /var/www/myownsite.com/html           ErrorLog $  {APACHE_LOG_DIR}/error.log         CustomLog $  {APACHE_LOG_DIR}/access.log combined          #   SSL Engine Switch:         SSLEngine on          <FilesMatch "\.(cgi|shtml|phtml|php)$  ">                 SSLOptions +StdEnvVars         </FilesMatch>         <Directory /usr/lib/cgi-bin>                 SSLOptions +StdEnvVars         </Directory>           Header always set Expect-CT: max-age=123     </VirtualHost> </IfModule> 

When I test the server from a client using Chrome, and when I check the headers from Chrome’s developer tool, I see this header is sent from my server (in addition to the Expect-CT one I added):

Strict-Transport-Security: max-age=63072000; includeSubdomains 

The problem is that I did not add this header (I am aware about its importance and function but I did not add it myself).

Does apache send this by default? I turned off the default config file:

a2dissite 000-default.conf 

Also, even the default file does not contain this header. The only config that should be running is mine which does not contain this header.

Can anyone explain to me where is it coming from? Why is it sent while I did not add it? Does the browser add it anyways?

Programmatically create and Add Owners and Members to O365 Group, no emails are sent

I’m using the code found in OfficeDevPnP.Core to create a new UnifiedGroup. UnifiedGroupsUtitlity.CreateUnifiedGroup. My code is below.

UnifiedGroupsUtility.CreateUnifiedGroup("CSOM Site Creation",                                                             "My Site Created in Code,                                                             CSOM,                                                             accessToken,                                                             groupLogo: null,                                                             owners: owners.ToArray(),                                                             members: members.ToArray(),                                                             isPrivate: true,                                                             createTeam: false); 

When I’m using this code, none of the Owners or members get’s an email saying they have joined the group, like they do if I add them manually to a group.

Do I have to write that part of the code to send the emails, or is there another method I can use that’s already out there to send the same template that Microsoft sends?

There are two emails sent (if MS Teams included), when adding a person manually. One to say the person is added to the group from: The site on behalf of me. One to say the person is added to the MS Teams. From: noreply@email.teams.microsoft.com

It these emails I wish to replicate when adding a user to Group/Team.