Monday, June 30, 2008

The e-mail is coming from inside the in-box!

In what appears to be the next level of Spam horror stories, today, when I was searching my "sent mail" in G-mail, I noticed e-mails I had not generated, addressed to my addresses. In other words, it appeared that I had spammed myself.

Yes, that's right, there was Spam from me, to me. I'm not sure how this is possible, but Gmail had better take a serious look at what's going on here. I can understand a spammer simply putting my address into the "from" field, but what we have here, it would appear, is spam from INSIDE my Gmail account. How is that possible?

It's bad enough that people hijack your e-mail address to send spam, and then you get black listed so that you can't send an e-mail to your grandmother because AOL thinks anything coming from your domain must be spam.


Update, July 1, 2008: After some in-depth examination of the issue, I've found the culprit. It would seem that you can easily use Gmail as an outgoing SMTP server without a password, therefore, someone can use your Gmail account for their outgoing SMTP, and the sent mail will appear in your "sent" box. This seems like a major problem that Gmail needs to look into.

No comments: