gmail issue

Merrill Oveson moveson at gmail.com
Thu Aug 16 17:06:19 MDT 2012


On Thu, Aug 16, 2012 at 4:54 PM, John Shaver <bobjohnbob at gmail.com> wrote:
> On Thu, Aug 16, 2012 at 4:09 PM, Merrill Oveson <moveson at gmail.com> wrote:
>> Pluggers:
>>
>>
>> Pretend we are xyz company.  So my email is moveson at xyz.com.  xyz
>> email is hosted thru gmail.
>>
>> Some of our users got an email from support at xyz.com.
>> Now our support team never sent the email.  It's obvious spam.
>>
>> The question is: If we flag the email as spam, are you flagging
>> support at xyz.com as spam,
>> or is gmail smart enough to know to flag the sent from ip address?
>
> This is called email spoofing.  If I wanted to, I could send you an
> email as bill at microsoft.com and it would come through fine.  If they
> flag it as spam, then, in most spam systems, it will affect legitimate
> emails from the same email address.
>
> The most common defense I've seen people try to use for this is SPF
> records.  You can specify SPF information in your DNS TXT records that
> specify which servers are allowed to send out mail from your domain.
> Unfortunately, people don't always send email out through your SMTP
> server.  When they are away from the office, they may want to send
> mail from their home connection and their ISP may require them to send
> out mail via their SMTP server and block ports otherwise (this is very
> common among the big ISPs).  This means that legitimate mail will be
> flagged due to SPF records.   I see very few large companies using
> solid SPF records on their domain for this reason.  Most are just set
> to flag, but not deny mail from other servers.
>
> The other issue is that many mail servers do not even check SPF
> records and aren't required to, although I think most do.
>
>
>> It drives me crazy that gmail doesn't show the full headers.
>
>
> Even if you showed full headers, it would be very difficult to know
> who the mail actually came from and if it was legitimate if you don't
> know how to read email headers and see what servers we can confirm
> they went to (gmail's servers only know which server handed them the
> mail, any other relays could be faked in the headers).
>
> More info on email spoofing:
>
> http://en.wikipedia.org/wiki/E-mail_spoofing
>
> and Sender Policy Framework:
>
> http://en.wikipedia.org/wiki/Sender_Policy_Framework
>
> -John Shaver
>
> /*
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
> */

Thanks for the responses...

Yeah, I have an spf1 record in my DNS for our domain.
I guess gmail didn't bother to read it, or it's set up wrong.  ?

i.e.:       v=spf1 a mx ?all

Or does gmail require a special spf1 record setup in their DNS?
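
Added example, not part of the original thread: a static check (no DNS lookups) of the record quoted above. It shows that `?all` yields SPF's `neutral` result for any sender the record does not list, so a receiver is given no reason to distrust spoofed mail. The `_spf.google.com` include is Google's documented SPF include for hosted mail and assumes all outbound mail leaves through Google; the function names are hypothetical.

```python
# Added example: static audit of an SPF TXT record. Inputs are embedded below.
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def parse_spf(record):
    """Return the record's mechanisms in order as (qualifier, name, argument)."""
    tokens = record.split()
    if not tokens or tokens[0].lower() != "v=spf1":
        raise ValueError("not an SPF version 1 record")
    mechanisms = []
    for tok in tokens[1:]:
        qualifier = "+"                      # '+' is implied when omitted
        if tok[0] in QUALIFIERS:
            qualifier, tok = tok[0], tok[1:]
        cut = min((tok.find(c) for c in ":/=" if c in tok), default=len(tok))
        if tok[cut:cut + 1] == "=":          # modifier (redirect=, exp=), skip
            continue
        mechanisms.append((qualifier, tok[:cut].lower(), tok[cut + 1:]))
    return mechanisms

def unlisted_sender_result(record):
    """SPF result for a sending host that matches nothing before 'all'."""
    for qualifier, name, _ in parse_spf(record):
        if name == "all":
            return QUALIFIERS[qualifier]
    if "redirect=" in record.lower():
        return "decided by the redirect target"
    return "neutral"                         # no match, no redirect: neutral

def audit(record, required_includes=()):
    """List weaknesses: a permissive default and missing provider includes."""
    findings = []
    result = unlisted_sender_result(record)
    if result in ("neutral", "pass"):
        findings.append(f"unlisted senders get '{result}'")
    includes = {arg.lower() for _, name, arg in parse_spf(record)
                if name == "include"}
    for domain in required_includes:
        if domain.lower() not in includes:
            findings.append(f"missing include:{domain}")
    return findings

PAGE_RECORD = "v=spf1 a mx ?all"                  # record quoted in the thread
STRICTER = "v=spf1 include:_spf.google.com ~all"  # constructed comparison
PROVIDER = ["_spf.google.com"]                    # assumption: mail sent via Google

if __name__ == "__main__":
    for rec in (PAGE_RECORD, STRICTER):
        print(rec, "->", unlisted_sender_result(rec), audit(rec, PROVIDER))
```
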

