Security flaw turns Gmail into open-relay server

by admin May 11, 2008 at 2:33 pm
0 Comment

A recently-discovered flaw in Gmail is capable of turning Google’s e-mail service into a highly effective spam machine. According to the Information Security Research Team (INSERT), Gmail is susceptible to a man-in-the-middle attack that allows a spammer to send thousands of bulk e-mails through Google’s SMTP service without fear of detection. This attack bypasses both Google’s identity fraud protection mechanisms and the current 500-address limit on bulk e-mail.

A flaw in Gmail that allows spammers to send a potentially unlimited number of messages is definitely a problem, but there’s another, external factor that could exacerbate any potential spam attack. As the volume of spam has risen—it currently accounts for 95 percent of all e-mail traffic—many e-mail providers have adopted whitelists and blacklists as a first line of defense against the flood. An e-mail from johdoe@awinnerisyou.com (or the corresponding IP address block) may be automatically blocked by any given e-mail service, while an e-mail from a trusted, authenticated source such as Gmail is automatically allowed through the gateway.

Full story: arstechnica.com

Related Content
Realme C15 Launching in India on August 18: Everything We Know So Far
Facebook’s CEO to meet PM Modi today
Firefox 4 Beta 1: A Visual Tour
Now, access Facebook on mobile devices for free
more news from the blog
Does JavaFX Spell The End Of AJAX?
Comma 1.0.2.3.
Dropbox for iPhone 1.1.1
ContactKeeper 1.4.3
Gmail Now Tells You Where Your Email Comes From
Nintendo confirms Wii price drop early
Microsoft finally unveils super-small PCs
Racer 0.8.5 Beta
UiKnow 0.6.2562
Xfire 1.133
WinSplit Revolution 8.06
Microsoft patches zero-day Windows Media flaw
DISCInfo 1.6.1
Gmail Gone Mobile
More Sources Claim Chinese Government Involvement in Cyberattacks on Google, Others
Update for Windows Desktop Search 2.6.5
Zilla PDF to TXT Converter 1.0.6
Disk Usage Analyzer 1.0.1
PlexTools Professional 3.13
ASUS Eee PC 900 Coming May 12 With $549 Price Tag
Dirac 1.0.0
Mozilla Developer Reveals What Firefox 4 Holds in Store
IE PassView 1.17
Microsoft Windows Malicious Software Removal Tool 3.22
Microsoft claims success against unlicensed XP
Intel buys OpenHand in netbook move
Windows Live Search Beta for mobile
Start++ 0.7.8
Picasa 3.6 Build 105.65
Videocore 2.5
GIMPShop 2.2.11
RAD Video Tools 1.9u
'Pentagon hacker' prepares for verdict