Slashdot Mirror

← Back to Stories (view on slashdot.org)

Gmail As Open-Relay Spam Server

Posted by kdawson on from the if-you're-not-part-of-the-solution-you're-part-of-the-precipitate dept.

sveard writes of a little problem Google is having that has Gmail acting like an open relay. Compounding the issue is the fact that services such as Hotmail and Yahoo trust Gmail as a source of mail. "A recently-discovered flaw in Gmail is capable of turning Google's e-mail service into a highly effective spam machine. According to the Information Security Research Team (INSERT), Gmail is susceptible to a man-in-the-middle attack that allows a spammer to send thousands of bulk e-mails through Google's SMTP service without fear of detection. This attack bypasses both Google's identity fraud protection mechanisms and the current 500-address limit on bulk e-mail."

7 of 145 comments (clear)

  1. Re:Blacklist gmail by XanC · · Score: 3, Funny

    Yes, who would do business with such an entity. Probably about as many as would trust their business hosting to a company who declares its home page to be XHTML 1.1 but then serves it as text/html. Not to mention the 88 validation errors.


    The point is you can't jump straight for the "nuclear" option. Although to be honest I wouldn't use such a Web host.


  2. You should have known by OMNIpotusCOM · · Score: 3, Funny

    It's just a beta guys. There's going to be bugs in the system =)

  3. Re:Idiots better get off their ass by pembo13 · · Score: 1, Funny

    How about blocking all emails from gmail servers not coming from an @gmail.com address?

    --
    "Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
  4. Re:Blacklist gmail by mikeage · · Score: 3, Funny

    How about 10 errors?

    http://validator.w3.org/check?verbose=1&uri=http://www.taylorbyrnes.org/

    --
    -- Is "Sig" copyrighted by www.sig.com?
  5. Re:Bad Publicity? Ya THink? by Culture20 · · Score: 2, Funny

    Goddamned bastards have everything I send to my girlfriend from Google labeled as spam. Maybe you should stop sending her emails on how to maximize her rod?
  6. Re:Wow, slashdot doesnt give a crap by Glonoinha · · Score: 2, Funny

    Or maybe Google could outsource their anti-spam efforts to these guys.
    I'm guessing giving these guys a million dollars and saying 'make spam stop globally' might just work.

    It's worth a try.

    --
    Glonoinha the MebiByte Slayer
  7. Silly question by HTH+NE1 · · Score: 3, Funny

    Does the Information Security Research Team make any memorabilia coins? I imagine an INSERT coin would be quite desirable.

    --
    Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?