My issue with
Google and evil is that they provide no way that I can
find to bring abuse of Google facilites (to send spam for example)
to their attention so that the abuse can be stopped. For example,
someone has been testing my mail server to see if it can be used to
relay spam by forging emails as coming from various email addresses in
my domain name and addressed to check212014 at
gmail.com and attempting
to feed these emails into my mail server (which doesn't accept them)
from compromised ip addresses. This has happened nearly two hundred
times over a period of five years now. I have made numerous attempts
to bring this to the attention of Google so that they could put a
stop to this check212014 mailbox being used for this abusive purpose
yet I have failed. You seem to have the magic touch. Can you let
me know how to bring this to Google's attention?
What you describe is a well known spam tactic and is not Gmail -> Google
specific. It is hoping to abuse a questionable setting of allowing
relay based on source domain, e.g. they are hoping that messages
purportedly from your domain will be allowed to relay through your
server(s).
You misunderstand. What is Gmail / Google specific about it is that this is
going on for nearly 5 years using the same recipient mailbox because it is
so far impossible to let Google know about it so that Google can can delete the
mailbox being used to receive the results of the relay testing which would
force the spammer create a new receiving mailbox nearly every time they test.
Similar probing using receiving mailboxes on other major email providers
systems does not last last more than a day or two before the mailboxes get
deleted after mail admins reported them.
Aside: This is exactly why you should not allow relay based on the
purported source domain.
Anyone who tries to do that will rapidly find out that it does not work and
they certainly won't have to wait 5 years to find it out.
If the IPs perpetrating this attack are outside of Google's control,
then there really is nothing that Google can do.
There most certainly is something that Google can do. They can cancel the
mailbox that is being used to receive the results of the relay testing,
provided it is possible to let Google know that the mailbox is being abused
that is. I just don't have that difficulty with other major email providers.
Mike reports in another reply that he has unearthed a possible mechanism to
let Google know what is happening so maybe the problem has is becoming soluble
now. It will be interesting to see if the mechanism he found works.
Regards,
Peter Coghlan.
--
Grant. . . .
unix || die