I have tried sending spam samples as attachments, looks like that didn't work, probably list spam filter rejects them. Uploaded them here: https://www.dropbox.com/sh/dtoz0af0k5b86ic/AAC4mFJeTqFUjuEF41jj13XNa?dl=0
All of them are exploiting the same flaw I reported a *month* ago. Scenario: Attacker sends a message via Klaviyo, Sendgrid, Sender.net, SFR, etc to their own email address, then massively replays that message via whatever IP addresses under their control. It doesn't matter that the IP addresses might be without rDNS match, not included in SPF records, DMARC can be set to reject, all of that is ignored. Gmail thinks it's authenticated with the abused domain, and counts all the spam messages against the domain's reputation. Given that the amount of spam sent this way is staggering, it quickly damages the domain. Sorry for losing my nerve, but it is harming our reputation for a month now, I have tried all possible channels to report this, and the issue is being completely ignored. [image: Sender] Edgar Vaitkevičius, founder / CEO ed...@sender.net On Wed, Mar 2, 2022 at 5:29 PM Marcel Becker <marcel.bec...@yahooinc.com> wrote: > > On Wed, Mar 2, 2022 at 2:00 AM Edgaras | SENDER via mailop < > mailop@mailop.org> wrote: > >> >> sorry, I can't describe the stupidity and incompetence of Gmail systems >> lately without resorting to expletives. >> > > Personally I think it's more productive -- and in the spirit of this > mailing list -- to focus on sharing more details and examples so maybe the > community can form their own opinion and even help, than doing what you are > doing. > > - Marcel > >
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
