We have an a mailbox where one paticular email address has not been recieving a good portion of emails, they gave me five different senders (different companies and countries). I used the message trace and all of them had this:
'has link to blacklisted IP' the IP address is the same IP accross all five senders and is blocked by spamhaus. This then leads me to this:
This IP address was detected and listed 2 times in the past 28 days, and 0 times in the past 24 hours. The most recent detection was at Sun Aug 9 05:55:00 2020 UTC +/- 5 minutes
This IP address is infected with, or is NATting for a machine infected with the "nymaim" malicious botnet.
"nymaim" is also known as "Gamarue".
My question is surely not five different companies for this one mailbox can all be blacklisted with this IP?