digg

Join DiggAbout

Discover the best of the web!
Learn more about Digg by taking the tour.

Security Flaw Turns Gmail into Open-Relay Server

arstechnica.com — A newfound flaw in Google's Gmail allows would-be spammers to treat the service as an open-relay server. Compounding the issue is the fact that services such as Hotmail and Yahoo "trust" Gmail. This may facilitate e-mail delivery, but it also makes it easier for spammers to reach their intended targets.

Bury
show profanity settings
expand all
  • Alix7, on 05/11/2008, -16/+8Truth be told, I use G-mail as my porn drive.
    • sjbdallas, on 05/11/2008, -3/+9Well, if that's all you have then you don't have enough.
  • xptweakerntn, on 05/11/2008, -2/+51If you can't trust Gmail, who can you trust?
    • grumpyrain, on 05/11/2008, -0/+2Man Bear Pig?
    • Zippo, on 05/11/2008, -0/+4the Muffin Man?
      Hmm, no, that guy is an *****. I've never trusted anyone from Cherry Lane.
    • jabberwolf, on 05/12/2008, -1/+1Um Microsoft maybe?
      Or is the trendy hate keeping you from it ?
  • DeMoNX4187, on 05/11/2008, -8/+1Who doesn't? LOL
  • YourMom1, on 05/11/2008, -10/+3What is going on with Google lately?
  • IanPR, on 05/11/2008, -3/+39Exploit?! LETS ADVERTISE IT!
  • n0odles, on 05/11/2008, -3/+40Google still owns. Google offers IMAP for free, but Hotmail & Yahoo charges for it.
    • joe90210, on 05/11/2008, -2/+4except the way gmail handles IMAP is obviously the product of a ***** retard
      • Tenoq, on 05/12/2008, -0/+1Not sure why you're getting dugg down. Google's IMAP service is so slow it's almost unusable. Tried creating a folder and moving 100 or so messages into that folder? FAIL. It's just not fast enough.
  • JulyZerg, on 05/11/2008, -2/+3Ugh. Not good...
  • theaverageidiot, on 05/11/2008, -2/+20I sense great deals on MS Office and Viagra.
  • MAGZine, on 05/11/2008, -1/+26Google Team, ASSEMBLE!

    I betcha it'll be fixed rather soon if not already.
  • SemiSarcastic, on 05/11/2008, -1/+5I dunno, I kid of like the spam that reads "install Demon Linux get free babies blood with purchase!", "Wanna win a bathtub xbox360 attachment?", "BUY CLOTHES FOR FREE ONLINE WITH CREDIT CARD!!".
    • lcarsdeveloper, on 05/11/2008, -0/+5My favorite is "Mary, is your penis too small?"
    • digger4445, on 05/11/2008, -0/+1try listing to spamradio.com for hours of enjoyment ... why you can even burn a cd and listen to it while on your family road trip!!!!!!!!!!!!!!!!!
  • inkhead, on 05/11/2008, -8/+5You can trust gmail? When was this? Was this back before it started when the National Security IT office helped plan out how they would access and do searches in realtime without causing problems? Or how all your chats, your links, your searches, your calendars, your docs, your spreadsheets, and your life is shared in realtime to the directors office.
    • trevorh, on 05/11/2008, -2/+12Say what you want but I remember when the department of justice was demanding search information from AOL, MSN, Yahoo, and Google only Google had the balls to challenge the ridiculous request in court.
      • fkr3, on 05/11/2008, -1/+3And then there was China....

        Google's just a company, they do good things and they do bad things.
      • karolisonline, on 05/11/2008, -0/+2google is just a sort of Internet microsoft
        • HonoredMule, on 05/12/2008, -0/+1Not really. Google's net effect on my computing life is positive.
    • alittleroy101, on 05/11/2008, -0/+1I doubt 'the director' is following my google chats in real time.
  • DRagonRage, on 05/11/2008, -3/+3what?! where is the stuff (actual implementation)?
  • hadak, on 05/11/2008, -1/+7Remember that whole dreamcast revival website thing? I was one of the idiot/assholes who signed up for that. Shortly after, I started getting emails from myself. (Totally different password for each site). I'm wondering if they spoofed my email address and used gmail to send it out with this exploit.

    Or...it's 1am, and i'm ***** exhausted.
  • ElBeh, on 05/11/2008, -1/+4Well seeing how it's Google, with the resources they have, it's probably fixed by now.
  • morrowc, on 05/11/2008, -0/+2thanks for not having any actual content on arstechnica nor the original site??
  • kretik, on 05/11/2008, -1/+3Hahahah! Well, what can one expect of this company anymore? Is anyone here surprised in the least? I mean, c'mon, it's high time that everybody realized that.... oh wait, this is... Google? Umm...

    I'm pretty sure this is a misunderstanding and someone is trying to do a hack job on Google, just as if this was Apple. Yeah, I'm pretty sure that's it. Microsoft must be behind it.
  • julianp, on 05/11/2008, -2/+0something something SSL-encapsulated smtp

    where am I? who moved my pants?
  • thailand1972, on 05/11/2008, -1/+1Google's SMTP is effectively open relay? The downside is : recipient servers will be blocking IP addresses, not just domain names, so while this open relay has been open, slowly buy surely servers around the world have been filtering out Google IP addresses which will affect all Gmail users.
  • thebrok3nsystm, on 05/11/2008, -0/+1Gmail just fixed SMTP like a month ago? Always thought it was ridiculous that you could email spoof on such a large email provider.
  • wytedevl, on 05/11/2008, -0/+1Thank you very much for posting an article that can enable even more spam sent to my mailboxes douchebag!
  • spawnfree, on 05/11/2008, -0/+2ok, i want to know who of you have bought or even clicked on anything from a spam email.
    Why do these people keep doing it?
    • alittleroy101, on 05/11/2008, -0/+3I am hoping for an even larger penis, while making millions on Ebay.
  • dancingearth, on 05/11/2008, -0/+1I hope Google's Postini would solve the problem.
  • Giddon, on 05/14/2008, -0/+0Emails travel in unpredictable routes. Can't trust any service, especially not the free ones. On occasion when I have to email something confidential i use the free YouDeny.com service. It offers encryption on demand, with nothing to install, ready to use from any computer. Not for routine encryption though.
  •  

    Login or register to add a comment

    Create a new account or login to join in the conversation on Digg. You'll also be able to Digg stories to help promote things you like.


© Digg Inc. 2008 — Content posted by Digg users is dedicated to the public domain.
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.