In Gmail / GWS Calendar settings you can disable the "auto-add to calendar feature". Settings include - "add all", "add from contacts only", or "only when I respond".
Outlook has similar settings: Settings > Calendar > Events from email and select "Don't show event summaries in email or on my calendar" Yahoo has this as well. Calendar > settings > Invitations (On or Off). By default most of these are turned on, and the user has to turn them off. It might not block them, but it stops then from randomly showing in your calendar at least. ~ Matt On Wed, Nov 12, 2025 at 5:06 PM Kevin A. McGrail via mailop < [email protected]> wrote: > I can't share the info but Google is aware of the calendar abuse. They > are working on it. > > We've also seen SES start going the way of Sendgrid becoming a very bad > sesspool for spam. > > And I laughed when you say "wait until CloudFlare starts getting abused" > because CloudFlare protects so many of the bad actors, it's not even funny. > > Regards, > > KAM > > On 11/12/2025 4:36 PM, Michael Peddemors via mailop wrote: > > Yeah, there is little way to stop this without.. > > > > * playing whack-a-mole on phone numbers contained in invite > > * blocking all Google Calendar invites > > > > Once again, this has to be the sender responsibility <sic>, but this > > goes to show the eroding trend of obfuscating information, leading to > > abuse. Give the ability to send anonymously, and it will attract > > threat actors.. > > > > Amazon SES is a great example, and wait until CloudFlare starts > > getting abused. If you want email delivery to succeed, more > > transparency is required. > > > > Received: from a48-34.smtp-out.amazonses.com (HELO > > a48-34.smtp-out.amazonses.com) (54.240.48.34) > > .. > > DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; > > s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1762981891; > > > > h=Content-Transfer-Encoding:From:To:Reply-To:Subject:Message-ID:Date:MIME-Version:Content-Type:Feedback-ID; > > > > > bh=qOYZOZ272kZG+SbC7k+JP6ve7k9eJ9ZuEmelkzDT14k=; > > b=seWNnqo5BzTvo3MCarnFQ8Er+dagZ5u/D5bsqdOu9nVdl6chkP9j0V3Yl6+oC1EA > > ow0ksVugBOPK93IQiZMC03mQIT7fsE8TSm50rxqW8wgnRR0aZcvctTqcsg+NeJHnMiC > > CvLIkKhzjSbGESAQhJQGxibERjgUGD+CLFIkOAVg= > > Content-Transfer-Encoding: quoted-printable > > From: Revenue Unit <[email protected]> > > To: <redacted> > > Reply-To: [email protected] > > Subject: Overview Audit > > Message-ID: <[email protected]> > > Date: Wed, 12 Nov 2025 21:11:30 +0000 > > MIME-Version: 1.0 > > Content-Type: text/html; charset=utf-8 > > Feedback-ID: > > ::1.us-east-1.M7eHMda1Faa6suUxyNQpj0UCMQ7UspPByedrB4oe/30=:AmazonSES > > X-SES-Outgoing: 2025.11.12-54.240.48.34 > > > > How would you differentiate this type of malware, from all other > > traffic flows using Amazon SES (Fake Tax Refund Spam) > > Additional trace headers, at least showing what the originator was > > would be helpful. > > > > > > On 2025-11-12 07:42, Scott Q. via mailop wrote: > >> Not sure what to make of this. The contents of the invite show: > >> > >> Organizer > >> DAVID DEITHER LAURENTE > >> QUISPE<mailto:[email protected]> > >> [email protected]<mailto: > [email protected]> > >> > >> > >> and ayacucho.edu.pe mail is handled by 1 aspmx.l.google.com > >> > >> So these aren't free accounts - spammers compromised entire tenants > >> and created their own accounts there in order to receive mail back ? > >> > >> Scott > >> > >> On Wednesday, 12/11/2025 at 06:29 Hans-Martin Mosner via mailop wrote: > >> > >> Am 11.11.25 um 17:25 schrieb Scott Q. via mailop: > >> > >> But these seem like legitimate Google issued invites, not faked > >> in any way - maybe compromised accounts ? > >> > >> Anyone from Google can chime in if you are aware of this issue ? > >> We can't really start scoring/blocking Google calendar invites, > >> or can we ? > >> > >> They are Google. Do you seriously expect them to care? > >> > >> Most likely the accounts used to send have been created for the > >> purpose of spamming. Handing out free anonymous accounts is what > >> makes Google attractive to spammers (and the fact that these > >> accounts can stay active for sufficient time despite being reported > >> as spam sources). > >> > >> Doing something at the receiving end is pretty difficult, as the > >> difference between unwanted and wanted invites isn't clear in the > >> general case. You might be able to detect URLs within the text that > >> indicate unwanted stuff, anf you might treat invites from senders > >> who have had previous contact with the recipient as likely desired, > >> but all of this is very error-prone. > >> > >> Cheers, > >> Hans-Martin > >> > >> > >> _______________________________________________ > >> mailop mailing list > >> [email protected] > >> https://list.mailop.org/listinfo/mailop > > > > > _______________________________________________ > mailop mailing list > [email protected] > https://list.mailop.org/listinfo/mailop >
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
