Oh and btw, unless you have another different issue you are reporting, this well documented behavior has been reported before: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/266688832/article.pl *grumble* -- Todd Fries .. todd@xxxxxxxxx _____________________________________________ | \ 1.636.410.0632 (voice) | Free Daemon Consulting, LLC \ 1.405.227.9094 (voice) | http://FreeDaemonConsulting.com \ 1.866.792.3418 (FAX) | "..in support of free software solutions." \ 1.700.227.9094 (IAXTEL) | \ 250797 (FWD) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ 37E7 D3EB 74D0 8D66 A68D B866 0326 204E 3F42 004A http://todd.fries.net/pgp.txt Penned by Todd T. Fries on 20080510 13:04.42, we have: | Yes this is very frustrating. | | The details are not so hard to guess. Unless this post is different, | anyone can send an email to a nonexistent user at a google service and | they accept it and bounce back to the envelope recipient. *sigh*. | | We are going back to the stone age by copying qmails default stupidity. | | This is doing very much harm. | | I would even go as far as to say that Google is making a business case for | its latest purchase, postini, in a very evil way, every second this proble | goes unsolved. | | *sigh* | -- | Todd Fries .. todd@xxxxxxxxx | | _____________________________________________ | | \ 1.636.410.0632 (voice) | | Free Daemon Consulting, LLC \ 1.405.227.9094 (voice) | | http://FreeDaemonConsulting.com \ 1.866.792.3418 (FAX) | | "..in support of free software solutions." \ 1.700.227.9094 (IAXTEL) | | \ 250797 (FWD) | \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ | | 37E7 D3EB 74D0 8D66 A68D B866 0326 204E 3F42 004A | http://todd.fries.net/pgp.txt | | Penned by Michael Scheidell on 20080510 9:55.32, we have: | | | | | | > From: <pablo.ximenes@xxxxxxx> | | > Date: 7 May 2008 20:37:46 -0000 | | > To: <bugtraq@xxxxxxxxxxxxxxxxx> | | > Subject: Exploiting Google MX servers as Open SMTP Relays | | > | | > | | > Vulnerability Report: | | > | | > As part of our recent work on the trust hierarchy that exists among email | | > providers throughout the Internet, we have uncovered a serious security flaw | | > in Ggoogle's free email service, Gmail. | | > | | > Disclosure: | | > We have contacted Google about this issue and are waiting for their position | | > before releasing further details. | | > | | | | Don't hold our breath.. I have tried to get them to close this very hole for | | maybe a year now. | | | | (see/'google' for posts in bugtraq and spamassassin users group showing | | headers from unrelated domains sending spam through google mail servers.. | | They ignore the emails to abuse@xxxxxxxxxx) | | | | | | -- | | Michael Scheidell, CTO | | >|SECNAP Network Security | | Winner 2008 Network Products Guide Hot Companies | | FreeBSD SpamAssassin Ports maintainer | | | | _________________________________________________________________________ | | This email has been scanned and certified safe by SpammerTrap(r). | | For Information please see http://www.spammertrap.com | | _________________________________________________________________________
