Assuming this is the same thing that we (Cloudmark) are seeing then yes, this has been going on for quite a while now and increasing in popularity as a delivery mechanism.
AFAICT its mainly used with domains that are part of GSuite and you can potentially filter on a lot of those as they are obscure newer gTLDS (checking the List-Unsubscribe header for the URL is probably easiest). The problem though it that they are able to create unlimited subdomains under that domain so are able to create many groups with the same domain, and then each subdomain can have untold numbers of lists itself... Most of the spam then uses 2 or more URL shorteners so that is something else that you might want to key on. On Wed, 31 Oct 2018 at 11:51, john <[email protected]> wrote: > Hi, > Anyone seen a rise in spam from Google Groups? Got an e-mail address that > seems to have been added to some Google Groups that someone has created > to send spam to... seems like a reasonable idea from a spammers point of > view- why not let google do the sending as it will come from a more > trusted sender! > > We block the sender and then it just ends up added to another group a few > days later with a similar address. Reported to google but hasn't seemed to > help. Google clearly aren't checking that the addresses were optted-in > etc.. any suggestions on best way to deal with this? > > Cheers, > > John > > _______________________________________________ > mailop mailing list > [email protected] > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop > -- James Hoddinott
_______________________________________________ mailop mailing list [email protected] https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
