@Lepp It is genuine. I strongly suggest you read it carefully and follow the instructions therein.

I have it too. There's no useful information to help me to investigate - I realise they aren't going to give too much away about the detailed source of the complaint, but even a date range or some such pointers might help. What does "a source of unsolicited email has been linked to your account" mean? Could someone just have clicked on something to mark one of my messages as spam? Or do I seem to be the source of mail that gets rejected, and on what criteria? What sort of volume or frequency are we talking about to register an issue? No, I don't send unsolicited mail.

If I asked Plusnet technical support for help while giving such vague information as "there might be a problem with my broadband", they'd pretty soon shut down my ticket. So I've got nowhere obvious to look beyond some generalisations that I'm pretty confident aren't the source.

And it says to contact them, but doesn't offer any suggestions of how, and they don't exactly make that easy do they? I think the old ticketing system, which worked well, went ages ago.

@dplusr My advice to @Lepp  applies to you too - read the email - carefully, do as it suggests, especially the running of a deep AV scan, and then contact Plusnet for further advice and guidance.

I suggest that when you ring PN, request to speak to the cyber security team, as first-line support will be unable to help. This applies to you, too, @Lepp . 

thanks for the replies  

Obviously I'll do that, but my point remains that giving more information would be expected if the boot were on the other foot. And I've been at work today so not had time, so a ticketing system would help too.

@dplusr What 'more information' do you want?

Anything that would narrow it down, so that I can look in the right places, i.e. the same as they'd ask for if I were raising an issue with them:

• Some kind of clue as to what it means that a source has been linked - someone marked messages as spam, unusual activity has been spotted and if so what (volumes, content), mail is consistently failing checks of some kind
• Whether it's a one-off or repeated issue and an indication of dates or date ranges (helps a lot with looking in logs)
• Since Plusnet makes it easy to have multiple addresses within my "subdomain", does this appear to be an issue with one address or at account level?

If you do as they have asked in the email, and then call the security team, I think you will find out more, @dplusr . That email is an auto-generated one to alert you to the issue, so cannot be specific.

@dplusr 

Have you DONE the things requested in the email?

• Changed passwords
• Ensured all updates have been installed
• Done an AV and malware scan
• … and then if you need more advice contacted the cyber security team (via the open ticket on your account)

Firstly, this has to fit round Real Life. I hope to call them tonight. But no point really till the scan finishes, and that's heading for well over a day.

My point is that some of those things will prove, if I can get more information, to have been a waste of my time in terms of resolving this. More information would mean better-directed efforts. And yes, perhaps they aren't going to say more over email, but they could over a ticketing system.

OK I've called. The lady from support who answered didn't want to put me through to security, and just relayed the same advice as in the email. Therefore I got no more information. Obviously I'm completing all those steps. However, it seems to me improbable that it will help, as I can't find any evidence of a problem and I don't know (sorry, cracked record) what to look for.

She said that changing mail passwords has always resolved it in the past. However, if in fact what we have is triggered by an occasional response from third-party reputation systems or similar, then it's not (statistically) going to happen again for a few months anyway, so how do they know that the change makes a difference? Unless they do of course know what's happening and they won't tell me...

However, if in fact what we have is triggered by an occasional response from third-party reputation systems or similar, then it's not (statistically) going to happen again for a few months anyway, so how do they know that the change makes a difference? Unless they do of course know what's happening and they won't tell me...

@dplusr The issue is triggered within the Plusnet system - nothing at all to do with third-party reputation systems. Unfortunately, first-line support are unlikely to even know what you are talking about. Have you got an open question/ticket on your account with regards to this issue?

No. They seem to have opened it, updated it to tell me to change my passwords, and closed it again. I thought the idea was to get through to people who did know what they were talking about?

It gets worse. Changing mail passwords as instructed was a struggle, because the update form would only accept 8 characters, even though it claims 8-16 and must have accepted longer passwords before. So now we've got weaker mail passwords. And we don't even use them because I collect mail centrally and distribute it locally, using the default mailbox. Which is the password she told me not to change.