Google Groups spam has gotten real silly as of late..
Google needs to start including the originating IP information on more
of their mail flows.
Getting to the point that all Google Groups mail will be affected..
super obvious stuff..
Grrr... just a rant.
and a lot more 'phishing' on those groups.. Heavy use of .de domains
eg..
X-Spam-Checked-In-Group: [email protected]
X-Original-Sender: [email protected]
Be nice if there was an 'X-Original-IP', could easily use that to stop a
lot of these actors.. and to confirm that it is the same group as the
one that has been operating all year..
On 2026-01-20 02:31, Suresh Ramasubramanian via mailop wrote:
It is a Google groups issue if that is the case but it is also a zendesk
issue, if they’ve gone and set their ticketing system up so that anyone
at all other than the originator of a ticket or zendesk support staff
can update the ticket and have it send out email. That is the
ticketing system version of an open relay.
--srs
------------------------------------------------------------------------
*From:* mailop <[email protected]> on behalf of Paul Smith* via
mailop <[email protected]>
*Sent:* Tuesday, January 20, 2026 3:03:39 PM
*To:* [email protected] <[email protected]>
*Subject:* Re: [mailop] Spam influx coming through spoofed Zendesk tickets
On 20/01/2026 05:20, Lothar Serra Mari via mailop wrote:
Hi all,
since a couple of days, I'm seeing an influx of spam mails sent via
Zendesk tickets.
The spammers open fraudulent tickets at companies using Zendesk and
either spoof the headers or enter random (e.g. mine and from a couple
of others I talked to) mail address as contact address.
I'm not exactly sure what you're seeing, as you didn't include headers,
but what we often see is:
- spammers add (probably accidentally) support desk email addresses, and
our email address, to a Google Groups list
- spammers send spam email to the Google Group, which sends the spam to
everyone, including the support desks
- support desks send automated ticket acknowledgements back to the
Google Group, which goes to everyone in that Google Group, including us
If that's what's happening to you, it's not really a problem with
ZenDesk (or the other support desks), but with Google Groups for
allowing unconfirmed email addresses to be added to Groups
We've started blocking all mail from Google Groups, unless they've been
explicitly whitelisted.
Paul
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
<https://list.mailop.org/listinfo/mailop>
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Reg. TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
