Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I have been getting tons of PDFs which in the previews shows pictures of women. The subject and body of the emails just seems to be random words like in a seed phrase, and with some random single digit numbers. The email is sent from office, hotmail or gmail accounts and verifies. The TO field is also filled with other emails. I have been getting this for like 3 or 4 months, and report as spam does not work. In all the years I have had a gmail account it has never really been a problem.


Microsoft has the problem as well, it's not just Google. Do they not filter outgoing?

  Message ID <9UOejz_TlFksgoyXm9GI5Q@notifications.google.com>
  Created at: Fri, Jan 20, 2023 at 9:14 AM (Delivered after 0 seconds)
  From: "Girl Shows Girl cast a lookSTART JOIN Muriel (Classroom)" <no-reply@classroom.google.com>
  To: XXXXXXXXX
  Subject: Class invitation: "Check Join now View gambling Babe amidcustity"
  SPF: PASS with IP 209.85.220.69 Learn more
  DKIM: 'PASS' with domain google.com Learn more
  DMARC: 'PASS' Learn more


  Message ID <DM6PR18MB3569050DD20FD0372DA98C9DCEC59@DM6PR18MB3569.namprd18.prod.outlook.com>
  Created at: Fri, Jan 20, 2023 at 4:50 AM (Delivered after 3 seconds)
  From: hoven patroo <hovenpatrool@hotmail.com>
  To: XXXXXXXXXX
  Subject: 名梦 t94396350
  SPF: PASS with IP 40.92.18.30 Learn more
  DKIM: 'PASS' with domain hotmail.com Learn more
  DMARC: 'PASS' Learn more
You would think they'd do some basic bayesian filtering. This was stuff we fought in 2002.


The first one is generated by apparent user actions from paid organizations. Although it's clearly spam, you can see how this is difficult for a provider to tackle, because all of the superficial signals are good: authenticated user, paid account, using official APIs. Obviously they need to step up their defenses against abuses like sharing from docs, calendar, etc to stop bad actors from laundering their spam through Google's highest-reputation internal senders.

When I worked in this area of gmail we called this the "russian urologist" problem. How do you correctly classify traffic like this when hypothetically some of your customers want to send and receive messages about viagra in russian? Casual observers will say that is spam but not to the russian urologist.


I bet I'd get flagged if I tried to email 100 of my customers from my gmail account in the same hour.


Probably, but what if you uploaded a PDF to Drive and shared it to a giant mailing list?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: