Re: svn commit: r1828937 - /spamassassin/trunk/rules/60_whitelist_auth.cf

Wed, 11 Apr 2018 15:19:23 -0700 

On 11 Apr 2018, at 17:50 (-0400), Dave Jones wrote:


On 04/11/2018 04:29 PM, billc...@apache.org wrote:

Author: billcole
Date: Wed Apr 11 21:29:08 2018
New Revision: 1828937

URL: http://svn.apache.org/viewvc?rev=1828937&view=rev
Log:
Google Forms has generated spam, befouling the google.com reputation

Modified:
     spamassassin/trunk/rules/60_whitelist_auth.cf

Modified: spamassassin/trunk/rules/60_whitelist_auth.cf
URL: http://svn.apache.org/viewvc/spamassassin/trunk/rules/60_whitelist_auth.cf?rev=1828937&r1=1828936&r2=1828937&view=diff 
==============================================================================
--- spamassassin/trunk/rules/60_whitelist_auth.cf (original)
+++ spamassassin/trunk/rules/60_whitelist_auth.cf Wed Apr 11 21:29:08 2018 
@@ -80,7 +80,6 @@ def_whitelist_auth *@visadpsmessage.com
  def_whitelist_auth *@*.pinterest.com
  def_whitelist_auth *@indeed.com
  def_whitelist_auth *@*.hyatt.com
-def_whitelist_auth *@*.google.com
  def_whitelist_auth *@*.sears.com
  def_whitelist_auth *@*.jcpenney.com
  def_whitelist_auth *@*.landsend.com




Do you have an example email of this?
Discussed on the Users list today. A mostly-Thai form with an internal Hotmail address.
If we report this to Google and they handle it properly, it doesn't mean that we need to remove this entry unless there is a major problem with trust.
I disagree. Handling complaints (which Google mostly doesn't in any case) is entirely inadequate to justify trusting mail sent by users they don't actually know with an active backend that has a track record of abuse. Google Docs has become a phishing platform and we should not be telling people to trust it by default. 


A single email occurrence is not enough to remove them.
I don't have copies of the similar-sender garbage I've been rejecting because it has been aimed at bogus local addresses.
Besides, this *@*.google.com shouldn't be that common under a subdomain of google.com. It's not *@google.com which would be a higher risk.
No, *@google.com is still apparently only Google corporate mail. The only spam I've ever seen from such addresses is stupid recruiter tricks. 


--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole

Reply via email to