[_] Spam mail sent from GMail account?
Keir Moffatt
hello at iamkeir.com
Thu Jan 3 00:51:42 GMT 2008
Found out some more info, the email did appear in his sent mail which
suggests it is more likely that it was sent from his account in some way.
And his filters are not at fault.
He also got the following feedback from Google groups but I don't think it's
overly useful:
"I have read other reports in GMail groups of messages using the exact
same words of introduction. These are sent by a spammer falsifying
your address. I don't think anyone is sure how they get your contact
lists, but you could teach those who ask about it how to identify
spam. Read the suspect e-mail with "All headers visible" or whatever
the option is called in their particular mail agent (e.g. GMail calls
it "Show Original"; Outlook calls it "View Options"). This will show
a lot of server-to-server messages including lines like:
"Received: from wa-out-0708.google.com (wa-out-0708.google.com
[209.85.146.243])
by mx.google.com with ESMTP id k21si19129506waf.
31.2007.12.30.01.04.19;
Sun, 30 Dec 2007 01:04:20 -0800 (PST)"
You can trace these from server to server and find that the message
actually didn't come from the person whose name appears in "From"
header.
It would be worth reporting this to Google in case there is a crack in
security somewhere. Get one of your friends who has received it to
open the headers view and copy that text back to you to forward to
Google. You will find contact information at GMail >> Help >> Spam."
I'm starting to think his account has been compromised, perhaps a security
flaw...
Anyway thanks for this and I may try and get him to report it to Google.
Keir