Security flaw turns Gmail into spamming machine

By on
According to a recent report by the Information Security Research Team, a flaw in Google’s email service makes it vulnerable to becoming a massive spam machine. The team claims to have successfully created a proof of concept exploiting the “trust hierarchy” that exists between mail service providers, allowing them to send 4000+ messages in a short period of time from a single account.

The study explains that IP addresses of spam offenders are often blacklisted, while those of known good sources – such as Gmail – are immune to most spam filtering. The vulnerability enables a malicious user to bypass these blacklist / white-list based email filters and freely forge all fields in an email message by having Google’s SMTP servers tricked into functioning as open SMTP relays. There has been no official comment by Google on this matter yet, but hopefully the problem will be resolved in short order.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.