Email security professionals have long been worried about attackers abusing shared SPF authorization within a multitenant hosting service. When many customers share the same infrastructure, there are increased concerns about abuse. Just such an attack against members sharing the same sending servers led to a deep dive session on the topic at the recent M3AAWG 51 meeting. During the panel discussion, the security analysts who detected the attack explained what they found, and participants from the abused hosting service shared lessons learned with the broader community.