Hacker News new | ask | show | jobs
by SyneRyder 1415 days ago
Assuming you're a developer, by 33 you should have programmed email filters to handle this. The whole point of email is to have it automatically prioritized and sorted before you even start reading it. If your inbox is 100% automated messages, something has gone seriously wrong.

I wonder if Gmail is part of the problem. All the spam I receive at a Fastmail-hosted account is coming from hacked Gmail accounts. Google is doing nothing to stop it, even though a very simple filter at my end can automatically flag it. Gmail's outgoing mail servers are getting reported into blocklist reputation oblivion in recent weeks - could be worth switching to a paid provider.
2 comments
feet 1414 days ago
I'm sorry but not everyone is a programmer. What about the other 95% of the population who deals with the same spam fatigue?
link
tomcam 1414 days ago
How do you know Gmail is doing nothing to stop it?
link
SyneRyder 1414 days ago
I've reported it to admins via various methods (eg Spamcop), and Google was declining to accept spam reports. (ie Google's email contact address was listed as "google-abuse-bounces-reports@devnull.spamcop.net") I'll double check that is still the case and try again with Google when the next one comes through.

The spam I'm talking about almost always has "new autobot" or "new cryptobot" in the subject, and usually has an infected PDF attached. A simple outbound check for that would be enough to flag likely compromised accounts. That's the simple filter rule I'm using to kick it automatically into my spam folder for later review.

One of the more egregious servers is mail-lf1-f48.google.com:

https://www.abuseipdb.com/check/209.85.167.48

But it's also coming from mail-yw1-f180.google.com, mail-yw1-f181.google.com and mail-yw1-f182.google.com, and those are just the servers I've seen in the last 24 hours.

https://www.abuseipdb.com/check/209.85.128.180

https://www.abuseipdb.com/check/209.85.128.181

https://www.abuseipdb.com/check/209.85.128.182

I am assuming it is the Google accounts that are compromised, and not Google's own mail servers. But I suppose it's possible that Google itself is pwned.

link
tomcam 1413 days ago
Well that’s disheartening. What a series of events. Thanks for giving it a try.
link