Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Mail Servers Enable Backscatter Spam

Posted by kdawson on from the ricochet-attack dept.

Mike Morris writes "Google email servers are responsible for a large volume of backscatter spam. No recipient validation is being performed for the domains googlegroups.com and blogger.com — possibly for other Google domains as well, but these two have been confirmed. (You can test this by sending an email to a bogus address in either of the domains; you'll quickly get a Google-generated bounce message.) Consequently spammers are able to launch dictionary attacks against these domains using forged envelope sender addresses. The owners of these forged addresses are then inundated with the bounce messages generated by the Google mail servers. The proper behavior would be for the mail servers to reject email traffic to non-existent users during the initial SMTP transaction. Attempts at contacting them via abuse@google.com and postmaster@google.com have gone unanswered for quite some time. Only automated responses are received which say Google isn't doing anything wrong."

2 of 344 comments (clear)

  1. Re:A suggestion for Gmail spam-fighting by mcrbids · · Score: 0, Troll

    Right.

    Because you know SOOOO much more about fighting tens of billions of spam per day than the engineers at Google. And I can be pretty confident in my dismissive contempt because, if you actually were any good at fighting spam, you'd be raking in the big bucks actually doing it instead of mumbling about it on Slashdot.

    Maybe you actually do know something about fighting spam. In which case, you really should be registering a domain name (hint: both spamkillz.com and killzpam.com are not taken as I write this) and offering your helpful service to the worldwide community. If you were really any good, and provided a useful service free of spam, you could be a millionaire in 2 or 3 years.

    I dunno. Usually, millions of dollars is sufficient motivation that you won't waste valuable knowledge here.

    --
    I have no problem with your religion until you decide it's reason to deprive others of the truth.
  2. Simple Solution by PPH · · Score: 0, Troll

    The Google domains are being blacklisted by various e-mail and Usenet admins.

    To all of the legitimate Gmail users, sorry about that. We won't be receiving your messages. Perhaps its time to move on and find a better service.

    Note to my stockbroker: Sell my Google.

    --
    Have gnu, will travel.