Emails going to spam folder in gmail

Grant Taylor cctalk at gtaylor.tnetconsulting.net
Sun Jan 3 13:23:01 CST 2021


On 1/3/21 8:40 AM, Peter Coghlan wrote:
> Grant,

Hi Peter,

> Do you think it is likely that an email address like 
> check212014 at gmail.com is used by an actual real person for their 
> personal email?

I absolutely do.

> Multiply the odds of the above by the odds that some spammer 
> or other individual of malicious intent has had the capability, 
> the persistence, tenacity and sheer ill will in them that it would 
> take to carry out a vendetta against poor old check212014 at gmail.com 
> for five long years, not to mention that when they only succeeed in 
> causing check212014 at gmail.com any actual difficulty is on the rare 
> occasions that their trawl of mail servers of the internet manages 
> to turn up an actual open mail relay?

I know multiple people that have signed victims up to mailing lists -- 
many of which were questionable content -- as an attack on said victims.

Pretending to send email from said victims to cause bounces and ire to 
be (mis)directed at them seems quite the same to me.

Five years?  Sure.  Many people will create filters and simply ignore 
the messages.  As such, it's effectively internet background radiation / 
wasted bits.

> Whack-a-Mole works when everyone whacks their moles.  When one major 
> property owner decides they aren't going to whack the moles in their 
> garden when all the neighbours keep theirs under control, they are 
> going to end up with all the moles in their lawn.  (We don't have 
> real live moles in the part of the world were I am so please forgive 
> me if my analogy is not accurate due to my lack of familiarity with 
> the species.)
> 
> I am not a lawyer but it appears to me that check212014 at gmail.com is 
> doing nothing that violates Google's terms of service for using Gmail,

So ... by your own words, there is nothing that Google should be doing 
per their terms of service.

> which indicates to me that the terms of service are flawed because 
> they allow someone to use Google's infrastructure to scan for open 
> relays to exploit as spam delivery platforms.  As far as I know, 
> no other email provider allows this.

I've not seen anything in any provider's terms of service that say 
anything about what type of email they receive, save for exceedingly few 
categories; child porn and illegal activity among the short list.

I have yet to see anybody state that sending an email to an invalid 
email address and (potentially) receiving a bounce is illegal.

So, again, no grounds for Google to do anything.

Feel free to try to get Google to change their terms of service.

> I don't see how this relates to Google allowing their services to 
> be used to test my mail server (and likely thousands of others too) 
> numerous times over multiple years for being an open relay that could 
> be exploited to distribute spam.

Are the messages /originating/ from Google / Gmail?

Or are the messages /originating/ from somewhere else and causing the 
bounces to go to Google / Gmail?

The former is something Google cares about.  The latter quite likely is not.

> If you burn a junk (snail) mail, could there be a security lapse in 
> your furnace that would cause it to be replicated into a thousand 
> copies of itself, run up your chimney and distribute itself into 
> thousands of your neighbours letterboxes?  If not, I think you can 
> rest easy in the knowledge that you are not causing the problem.

The /recipient/ of the messages is *not* the problem.  The /source/ of 
the messages *is* the problem.

What is done with what is received is independent of the source of the 
problem.

> Nothing.  The problem is with the terms of service.  This is where 
> the evil is.

See above regarding terms of service.

> I feel obliged to try suggestions made in good faith, if nothing 
> else just to prove they don't work.  I made one general report 
> regarding the issues with check212014 at gmail.com over the last 
> five years using the form Mike suggested.  Since then, there have 
> been two further attempts to relay mail through my mail server to 
> check212014 at gmail.com.  I have made two specific reports using the 
> form Mike suggested, providing all the details I have available to me.

Good for you.  Thank you for trying to maintain the high road.

> Interestingly, both attempts were made from 37.46.150.239.

Full stop.

37.46.150.239 is *NOT* Google IP address space.

According to WhoIs, that address space belongs to Serverion BV.

So, chances are quite good that your reports to Google are going to be 
silently dismissed because the source of the abuse does not originate 
from Google resources.  If anything, Google's user is also a victim.

> The abuse contact email address for 37.46.150.239 listed in 
> whois.ripe.net is abuse at serverion.com.  I have had reason to send 13 
> reports of abuse of my systems by various Serverion BV ip addresses to 
> abuse at serverion.com during December alone.  I have had zero response 
> from them and the abuse from their ip address range continues daily.

Sadly, many companies leave a LOT to be desired when it comes to abuse 
handling, especially when the abuse originates from their organization.

If you routinely have problems with Serverion, then I suggest you 
consider blocking them.

> Guess who handles the mail service for abuse at serverion.com? 
> Who enables Serverion BV to drop abuse reports in the bitbucket 
> more likely.  That's right, Google mail services.  Why is this not 
> a surprise to me?

Who handles Serverion's incoming email has exceedingly little to with 
who's responsible for traffic originating from Serverion's network.

> Regards,

Likewise.



-- 
Grant. . . .
unix || die


More information about the cctalk mailing list