Once a company reaches critical mass, they've been allowed to think they can get away with the bare minimum, or, anything.
That's how MS got hacked and ... did nothing about it until Congress stepped in and slapped them publicly. Now, "security" is all that Satya Nadella is talking about at MS apparently. Until then you needed to be an E5 subscriber to even view access logs. I don't like government intervention but these big guys can be national threats due to their size and the effects they can have over everyone else.. Scott On Thursday, 11/07/2024 at 18:40 Michael Peddemors via mailop wrote: Yes, as we all know.. threat teams and spam filtering teams spend a LOT of resources on those.. but when you see exactly the same samples year after year, you have to question their motivation.. (right now 'their' meaning specifically Gmail and o265) And 'rejecting' the messages IS possible, but it's whack a mole, and telling the bad guys you know how to stop their messages (eg via a 5xx) means they simply adept. Tried 4xx responses, thinking maybe they (gmail) look at the queues, but as Brandon once said.. it's such a small drop in the bucket.. don't know if they look at their queues unless a gmail paying customer complains..) And a few phishing actors that found they were being blocked, simply moved to using compromised/free gmail accounts.. And of course, the sources are always obfuscated. Oh, and .. Subject: 1st page Of Google .. always gets through ;0 Marketers with domains on Google (paying) always get their emails out, users of Gsuite, Groups, and other Google tools, the emails get out. The thing is, for most people, these are all in the Spam folder. Which makes you wonder, if the simplest of spamassassin default rules can catch it, how is it that the big guys can't? Especially with the resources they can put to it if they wanted.. I mean.. the nigerian spam leakage has been leaking from them for 20 years.. some of those obvious ones, should trigger automatic suspension of the accounts, right? Millions of dollars in loses can be attributed to these types of scams, and frankly Comsumer Protection agencies should be all over them.. you can make up your own reasons why they aren't. So, maybe you are right.. maybe the industry as a whole has to step up and say enough is enough.. but again.. 'Too big to block'. If anyone blocked Gmail, they wouldn't be around very long. Maybe the next step is to simply filter all gmail, to a Gmail folder, and let the users decide for themselves. We have to give credit where credit is due, the RBL operators have been fighting the good fight for a long time, but we can't expect that to be the solution. End of the week for me.. was planning on a "State of Union" email this week, but since the large amount of Gmail spam was part of that report, opted to respond to your email instead. On 2024-07-11 14:21, Scott Q. via mailop wrote: > What irks me is that Gmail's / MS365's IPs never seem to get blacklisted > by Spamhaus for example. Spamcop actually had the courage to list > MS365's because they also send tons of spam and ironically enough, > everyone is upset at Spamcop because how dare they. Yeah, we should just > let these guys get even bigger and spam even more people because surely > then, they will care enough to stop the abuse. > > I know it's not easy to handle hundreds of millions ( billions ) of > e-mail accounts but they should suffer the same consequences as everyone > else if they can't keep abusers in check. > > Just my 2 cents. > > > On Thursday, 11/07/2024 at 16:54 John Levine via mailop wrote: > > It appears that Scott Q. via mailop > said: > >-=-=-=-=-=- > >-=-=-=-=-=- > > > >Surprisingly, most of the Spam that makes it through these days is > >from Gmail. I'm not sure if they gave up completely on fighting the > >spammers that sign-up but I'm always increasing the score assigned to > >Gmail originating e-mails because of this. > > > >99% of them are SEO offers and whatnot, surely it can't be that hard > >to block this type of outgoing message. > > I also get a great deal of B2B spam from Google. While I am no > happier about > it than you are, I would not assume it's because they don't care. > > I get the spsm to the same ill chosen addresses* over and over so I > assume someone > is selling spamming kits with a Gmail signup and a list of > victims. Would be nice > to figure out who and where they are. > > R's, > John > > * - I mean, business development spam to the head of an anti-spam > organization with a budget you need a magnifying glass to see? Really? > Yup. > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop > > > > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop -- "Catch the Magic of Linux..." ------------------------------------------------------------------------ Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" a Reg. TradeMark of Wizard Tower TechnoServices Ltd. ------------------------------------------------------------------------ 604-682-0300 Beautiful British Columbia, Canada _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
