On 4/27/2021 11:00 AM, Michael Peddemors via mailop wrote:
New Google Groups style spam outbreak..
Many of them (or all of them?) are doing the following:
(1) sent from legit Google mail servers
(2) the spammer's "payload URL" in the body of the message - is content
is hosted at *storage[.]googleapis[.]com* servers
(3) Those links are staying "live" for many days (possibly weeks/months?)
This combination (1 & 2) makes them difficult to block - especially for
small and medium sized hosters who don't have as much expertise and
resources to deal with this. Not to make excuses for such organizations'
lack of abilities or resources/time - but they shouldn't be forced to
expend such resources on dealing with "friendly fire" from google's
network. If Google were a small startup doing this right now, their IPs
and domains would all get onto anti-spam lists, they'd be put out of
business, and we'd "call it a day"! And then I also can't help but
wonder - how many of those smaller email hosters just lost business
email hosting customers this month to Google G-Suite - due to the
customers' frustration over these SAME spams getting to the inbox? See
the problem here?
Also, this storage[.]googleapis[.]com spam has been happening for a long
time - but they were sent from the spammers' own IP space (or other
irrelevant IP space) - now they suddenly figured out a way to get these
spams to be sent from Google MTAs.
--
Rob McEwen, invaluement
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
