Published in
News
Google email serves up spam
Spammers launch dictionary attacks
Google's email servers are responsible for a huge amount of spam.
According to Slashdot, the spam triggers a bounced message off of a legitimate server. This server sends the reply back to the sender identified in the sender field. However, the sender field is usually forged, and innocent bystanders get backscatter email.
Spammers can launch dictionary attacks against Google domains using forged envelope sender addresses. Victims are then inundated with the bounce messages generated by the Google mail servers.
Slashdot seems to think that the proper behavior would be for the mail servers to reject email traffic to non-existent users during the initial SMTP transaction. Alas, Google does not do this.
More here.