by jcrawfordor 1511 days ago
Gmail seems to have a remarkably serious issue with outbound abuse. I've been dealing on and off with spam originating from gmail for years. In one case I submitted nearly daily abuse reports about a sender pasting around 600 addresses into the To: and Cc:, but Google took no action for at least four months. I had to edit the headers to even submit the abuse complaint because the number of recipient addresses made the headers so long the abuse complaint form rejected them... with the incorrect error message "headers are required." This was around 2013 and the issue seems to remain basically the same today. Every time I end up on someone's list that they're just pasting into gmail it persists for months, but I no longer bother with abuse reports.

The best part is that on one mail server I used to run this got bad enough that SpamAssassin started weighting down gmail.com in terms of domain reputation, which generated enough user complaints that we had to add a manual bump back up. Then that generated user complaints that our spam filtering wasn't working...

2 comments

I've seen an increase in phishing/scam sites hosted on Google's services too. The automated system shuts them down fast enough once the URLs are reported, but Google's not so good at preventing new (even identical) sites/forms from being created or at locating other copies already on their platform.
Are email headers still easy to forge? I'd like to think there have been significant improvements in 15 years, but I know it used to be common for some email to have falsified return paths (among other things).
I would check the actual IP address that was sending the spam and sure enough it was genuine Google IP addresses. I once tried blacklisting them only to stop receiving mail from friends so it was definitely the same IPs being used for both spam and actual ham mail. At the time I ran my own mail server it was not unusual for north of 50 per cent of spam to be originating from Google.
Valid DKIM signature is the best confidence marker that these are actually originating with Gmail. I have always seen the DKIM signature check out to a Gmail public key.
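
The DKIM check mentioned in the last comment, as an added example that is not part of the thread: it accepts a message as coming from its From: domain only when the receiving server itself recorded a DKIM pass for an aligned signing domain. The authserv-id `mx.example.net`, the function name and the three sample messages are constructed; it assumes the receiving MTA verifies DKIM, writes an Authentication-Results header, and strips inbound headers that carry its own authserv-id.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.example.net"  # assumption: authserv-id of our own MTA

def dkim_confirmed_domain(raw, authserv=TRUSTED_AUTHSERV):
    """Return the From: domain if our MTA recorded an aligned DKIM pass, else None."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if not from_domain:
        return None
    for header in msg.get_all("Authentication-Results", []):
        # Unfold the header, then split "authserv-id; result; result ..."
        serv, _, results = " ".join(str(header).split()).partition(";")
        # Results stamped by any other server are ignored: a sender can add those.
        if serv.lower().split()[:1] != [authserv]:
            continue
        for result in results.split(";"):
            m = re.match(r"\s*dkim=pass\b.*?\bheader\.d=([\w.-]+)", result, re.I)
            if not m:
                continue
            d = m.group(1).lower()
            # A pass only counts if the signing domain covers the From: domain.
            if from_domain == d or from_domain.endswith("." + d):
                return from_domain
    return None

# Constructed sample messages (not real mail).
GENUINE = ("From: Alice <alice@gmail.com>\n"
           "Authentication-Results: mx.example.net;\n"
           " dkim=pass header.d=gmail.com header.s=sel1;\n"
           " spf=pass smtp.mailfrom=gmail.com\n"
           "Subject: hi\n\nbody\n")
# From: claims gmail.com, but the passing signature belongs to another domain.
UNALIGNED = ("From: Alice <alice@gmail.com>\n"
             "Authentication-Results: mx.example.net;\n"
             " dkim=pass header.d=bulk.example header.s=sel1\n"
             "Subject: hi\n\nbody\n")
# A "pass" header stamped by an untrusted server; our own MTA saw no signature.
UNTRUSTED_HEADER = ("From: Alice <alice@gmail.com>\n"
                    "Authentication-Results: mx.other.example;\n"
                    " dkim=pass header.d=gmail.com\n"
                    "Authentication-Results: mx.example.net; dkim=none\n"
                    "Subject: hi\n\nbody\n")

if __name__ == "__main__":
    for name in ("GENUINE", "UNALIGNED", "UNTRUSTED_HEADER"):
        print(name, dkim_confirmed_domain(globals()[name]))
```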