I have a pretty high regard for Google and their Gmail email service. They really seem to strive to keep its reputation sterling. But lately a persistent spam has been coming in to me from one of their users and no action is being taken, so I am beginning to wonder.
It’s not that I don’t get spam from Gmail account holders. I do. That’s not shocking as I get hundreds of spam each day since my address is available from whois registrations on hundreds of domains, amongst other readily available sources.
How do I know it’s a real Gmail user and not someone spoofing the sender address? These two headers tell me:
Received-SPF: pass (google.com: domain of firstname.lastname@example.org designates 22.214.171.124 as permitted sender) client-ip=126.96.36.199; Received: from mail-pb0-f44.google.com ([188.8.131.52]) (using TLSv1) by drjohnstechtalk.com, etc.
In other words one of the received headers provided by a trusted server gives me the IP of the sending server (184.108.40.206), which is in Google’s directly allocated IP space.
This can be confirmed at arin.net.
The email itself looks like this:
From: "Tom Zhu" <email@example.com> Dear Sir/Madam, We are owner of your_domain.mx and Presently we would like to know if you have an interest in buying it. We are looking to sell this domain for 2,000 Euro. It has been listed on Sedo.com. You can buy it through the following link: https://sedo.com/search/details.php4?domain=your_domain.mx ...
But instead of your_domain the email mentions a specific copyrighted domain name.
I’ve filed lots of other abuse complaints about other Gmail senders as well, but those others seem to be one-off spams and I don’t get additional emails from them. Yes it takes time to fill out the abuse form, but I do it for the overall good of the Internet. We technical people have a responsibility to make our world better…
I am personally miffed and professionally concerned that Google Gmail may not be operating as clean a shop (white glove) as we all had thought. Here I’ve documented a specific case of documented abuse about which they have done nothing for months on end.
Gmail abuse link.
ARIN’s IP lookup service is here.
A detailed look at how enom has handled some spam/domain complaints is written up here.
My successful fight to conquer scads of Chinese language spam is documented here.