[openssl-users] Fwd: CONGRATULATION____REF#87670

Ben Humpert ben at an3k.de
Sat Apr 2 22:30:15 UTC 2016


Fun Fact: (For me) Gmail often marks completely legit emails from
mailing lists as spam and you manually have to mark them as "no spam".
The fun comes in when you notice that actual spam is not marked as
such at all.

Looks like strong encryption is much easier to develop than a decent
spam filter.

The main problem I guess is that neither Google nor any other major
email provider actually block other email providers who do not offer
SPF, SMTP2SMTP encryption or whatever else. If they would do so, we
would have solved most major (email) problems within a week or at
least a month. Either by forcing those to offer these security
features or by "killing" these providers indirectly.

2016-04-02 17:41 GMT+02:00 Jeffrey Walton <noloader at gmail.com>:
> On Sat, Apr 2, 2016 at 11:24 AM, Salz, Rich <rsalz at akamai.com> wrote:
>>
>>> why is junk like this not being caught?
>>
>> Almost all of it is.  Nothing is perfect.  Thanks for your understanding and patience.
>
> I was looking at some of it landing in my Inbox. Its all from Gmail
> users. The headers are Gmail headers submitted via the web. The DKIM
> signatures are OK. There are no headers to indicate its been
> forwarded. The {from|return|reply to} address does not appear to
> forged. Here's an example header from another Gmail user who contacted
> me: http://pastebin.com/hRAtRt7S.
>
> I've also had a couple of people contact me asking me to stop spamming
> them. I looked at two of those headers, and it clearly appears to be
> coming from me though I did not send it (and no evidence in my
> Outbox).
>
> I'm thinking there's a vulnerability in the Gmail or Google servers we
> have not heard about.
>
> Jeff
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


More information about the openssl-users mailing list