Re: Exploiting Google MX servers as Open SMTP Relays
> From: <pablo.ximenes@xxxxxxx>
> Date: 7 May 2008 20:37:46 -0000
> To: <bugtraq@xxxxxxxxxxxxxxxxx>
> Subject: Exploiting Google MX servers as Open SMTP Relays
>
>
> Vulnerability Report:
>
> As part of our recent work on the trust hierarchy that exists among email
> providers throughout the Internet, we have uncovered a serious security flaw
> in Ggoogle's free email service, Gmail.
>
> Disclosure:
> We have contacted Google about this issue and are waiting for their position
> before releasing further details.
>
Don't hold our breath.. I have tried to get them to close this very hole for
maybe a year now.
(see/'google' for posts in bugtraq and spamassassin users group showing
headers from unrelated domains sending spam through google mail servers..
They ignore the emails to abuse@xxxxxxxxxx)
--
Michael Scheidell, CTO
>|SECNAP Network Security
Winner 2008 Network Products Guide Hot Companies
FreeBSD SpamAssassin Ports maintainer
_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.spammertrap.com
_________________________________________________________________________