Most Popular

Top Stories Latest Featured

Xbox 360 outsells PlayStation 3 in Japan

CyberPower intros Gamer Xtreme XI system

Weekend tech reading (10.5)

Picasa 3 beta for Linux available

Play Crysis Wars for free

Google and Yahoo postpone advertising deal

Windows XP downgrades extended for 6 more months

Interview with Nvidia about CUDA and the future

More Top Stories

Downloads & Drivers

Downloads Drivers Essentials

DeviceLock 6.3 Build 16192

Google Chrome Beta 0.3.154.0 for Windows

32bit Web Browser 08.10.01

WinRescue XP 1.08.44

GoodSync 7.5.0

Image for Windows 2.20

AudioGrail 6.13.2.158

More Downloads

TS Community

Recent Discussions Community Archive

Memory Issues

Error: Object expected at line number

Loss of gigs

Newegg

Laptop is totally bombed, please help

More at the Forum

Subscribe

Newsletter Our Feeds

Receive weekly updates on new articles, news and contests in your mail!

Email address:

IT

Security flaw turns Gmail into spamming machine

By Jose Vilches, TechSpot.com
Published: May 12, 2008, 11:56 AM EST

According to a recent report by the Information Security Research Team, a flaw in Google’s email service makes it vulnerable to becoming a massive spam machine. The team claims to have successfully created a proof of concept exploiting the “trust hierarchy” that exists between mail service providers, allowing them to send 4000+ messages in a short period of time from a single account.

The study explains that IP addresses of spam offenders are often blacklisted, while those of known good sources – such as Gmail – are immune to most spam filtering. The vulnerability enables a malicious user to bypass these blacklist / white-list based email filters and freely forge all fields in an email message by having Google’s SMTP servers tricked into functioning as open SMTP relays. There has been no official comment by Google on this matter yet, but hopefully the problem will be resolved in short order.

Related Stories

2 comments
RSS

User Comments (2)

Post a comment
phantasm66
on May 12, 2008
1:45 PM		I find this sort of thing quite fascinating.

Islander
on May 13, 2008
1:26 PM		The story describes a flaw in the Gmail service that could be exploited by a "malicious user," as reported by INSERT. My daughter uses Gmail and says she sees no problems with her email. Is this still merely a potential problem, or are the Gmail filters being bypassed as we speak?

Frank

Browse more commented news