Re: [mailop] Still Don't understand Google's relaying systems.. Duplicate Return-Path, and other things..
> They're a legit Google customer. What's there to marvel at? https://developers.google.com/gmail/api/guides <- have a look. -- Atro Tossavainen, Founder, Partner Koli-Lõks OÜ (reg. no. 12815457, VAT ID EE101811635) Tallinn, Estonia tel. +372-5883-4269, https://www.koliloks.eu/ ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Still Don't understand Google's relaying systems.. Duplicate Return-Path, and other things..
On Thu, Oct 26, 2023 at 10:07:30AM -0700, Michael Peddemors via mailop wrote: > Not to be 'snide' Atro, but that part is pretty obvious.. You would have thought so - I would have thought so too. Which is why I reacted that way to your asking about it. > It was the technical details I was searching for, on HOW it is able > to relay from those IPs.. please review the original post again.. I > thought I was clear on that.. They're a legit Google customer. What's there to marvel at? -- Atro Tossavainen, Founder, Partner Koli-Lõks OÜ (reg. no. 12815457, VAT ID EE101811635) Tallinn, Estonia tel. +372-5883-4269, https://www.koliloks.eu/ ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Still Don't understand Google's relaying systems.. Duplicate Return-Path, and other things..
Not to be 'snide' Atro, but that part is pretty obvious.. It was the technical details I was searching for, on HOW it is able to relay from those IPs.. please review the original post again.. I thought I was clear on that.. This doesn't appear to be the standard relay path/source/methods.. On 2023-10-25 12:45, Atro Tossavainen via mailop wrote: Maybe Brandon can weigh in on or off list, but is there a a way for spammers to simply relay out Gmail servers if they are Google Cloud? $ host -t txt sredplus.com sredplus.com descriptive text "google-site-verification=gyoD4DWS9XSrAmz9s5Pc9OBLvvowksBJtB0Oi-DAlsQ" sredplus.com descriptive text "v=spf1 mx include:_spf.google.com include:24145163.spf02.hubspotemail.net include:sendgrid.net -all" $ host -t mx sredplus.com sredplus.com mail is handled by 10 alt3.aspmx.l.google.com. sredplus.com mail is handled by 5 alt2.aspmx.l.google.com. sredplus.com mail is handled by 5 alt1.aspmx.l.google.com. sredplus.com mail is handled by 1 aspmx.l.google.com. sredplus.com mail is handled by 10 alt4.aspmx.l.google.com. I guess those two tell you everything you need to know: their email infrastructure is Google, they're just using it for cold email^W^W spam in addition to their regular stuff. This is really commonplace these days. -- "Catch the Magic of Linux..." Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd. 604-682-0300 Beautiful British Columbia, Canada This email and any electronic data contained are confidential and intended solely for the use of the individual or entity to which they are addressed. Please note that any views or opinions presented in this email are solely those of the author and are not intended to represent those of the company. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop -- "Catch the Magic of Linux..." Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd. 604-682-0300 Beautiful British Columbia, Canada This email and any electronic data contained are confidential and intended solely for the use of the individual or entity to which they are addressed. Please note that any views or opinions presented in this email are solely those of the author and are not intended to represent those of the company. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Still Don't understand Google's relaying systems.. Duplicate Return-Path, and other things..
> Maybe Brandon can weigh in on or off list, but is there a a way for > spammers to simply relay out Gmail servers if they are Google Cloud? $ host -t txt sredplus.com sredplus.com descriptive text "google-site-verification=gyoD4DWS9XSrAmz9s5Pc9OBLvvowksBJtB0Oi-DAlsQ" sredplus.com descriptive text "v=spf1 mx include:_spf.google.com include:24145163.spf02.hubspotemail.net include:sendgrid.net -all" $ host -t mx sredplus.com sredplus.com mail is handled by 10 alt3.aspmx.l.google.com. sredplus.com mail is handled by 5 alt2.aspmx.l.google.com. sredplus.com mail is handled by 5 alt1.aspmx.l.google.com. sredplus.com mail is handled by 1 aspmx.l.google.com. sredplus.com mail is handled by 10 alt4.aspmx.l.google.com. I guess those two tell you everything you need to know: their email infrastructure is Google, they're just using it for cold email^W^W spam in addition to their regular stuff. This is really commonplace these days. > > > -- > "Catch the Magic of Linux..." > > Michael Peddemors, President/CEO LinuxMagic Inc. > Visit us at http://www.linuxmagic.com @linuxmagic > A Wizard IT Company - For More Info http://www.wizard.ca > "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd. > > 604-682-0300 Beautiful British Columbia, Canada > > This email and any electronic data contained are confidential and intended > solely for the use of the individual or entity to which they are addressed. > Please note that any views or opinions presented in this email are solely > those of the author and are not intended to represent those of the company. > ___ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop -- Atro Tossavainen, Chairman of the Board Infinite Mho Oy, Helsinki, Finland tel. +358-44-5000 600, http://www.infinitemho.fi/ ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
[mailop] Still Don't understand Google's relaying systems.. Duplicate Return-Path, and other things..
This spammer or mail to hire company, spams through Gmail services.. Return-Path: Received: from mail-io1-f50.google.com (HELO mail-io1-f50.google.com) (209.85.166.50) ... However.. X-Google-Smtp-Source: AGHT+IF+YQj10sXzr631pp0MqKBzywMKwgMR40jKetDYeAC5No/cCx2lD4x7tB7lheld3srQrM8NAQ== X-Received: by 2002:a05:6602:1506:b0:7a9:945f:e46 with SMTP id g6-20020a056602150600b007a9945f0e46mr3494887iow.13.1698244416314; Wed, 25 Oct 2023 07:33:36 -0700 (PDT) * As you can see above, this is a straight SMTP relay.. Return-Path: * Gmail fails to strip any existing Return-Path Received: from sredplus.com (217.11.133.34.bc.googleusercontent.com. [34.133.11.217]) by smtp.gmail.com with ESMTPSA id a19-20020a02ac1300b00459d7c3dcf3sm3398637jao.115.2023.10.25.07.33.35 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 25 Oct 2023 07:33:35 -0700 (PDT) * It originates from Google Cloud IPs.. Date: Wed, 25 Oct 2023 14:33:35 + From: Sales Team Message-ID: <6539273fe0c38_134044157...@sidekiq-email-sending-56bfbc7c8b-lfb9j.mail> Maybe Brandon can weigh in on or off list, but is there a a way for spammers to simply relay out Gmail servers if they are Google Cloud? -- "Catch the Magic of Linux..." Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd. 604-682-0300 Beautiful British Columbia, Canada This email and any electronic data contained are confidential and intended solely for the use of the individual or entity to which they are addressed. Please note that any views or opinions presented in this email are solely those of the author and are not intended to represent those of the company. ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop