Yeah, people are starting to understand the inner workings of "intelligent" proxies and gateways set by free email service providers. Dancho Danchev should start implementing and/or introducing some real security preventions to organizations since he's well-known. Yet, all he does is blog about the issues, where are the solutions? CAPTCHA's can be broken. They are flawed by nature. Their very design is buggy. Forging IP headers are automated now, it's just silly. The bad guys will always be a step ahead of the good guys if people like this guy is part of the media (giving him the benefit of getting word out) and does nothing but collect historical data and analytical information.
I saw a couple of days ago 2 tools that allow you to automatically open Gmail and Yahoo accounts AND automaticly send emails through the newly opened account. This basically allows the spammers to send out millions of emails from approved emails, bypassing all spam filters. The increase in Gmail's amount of spam sending is due to the fact that the CPATCHA algorithm was broken, Spamming has never been so easy...
Mega interesting post. I found very soon that I can send emails through Gmail SMTP. But I have a question here. What about the server I use to authenticate ? Didn't Gmail feel those authentications ? Can't he ban the connections from that IP ?
Yes, if Google catches you doing this, it will blacklist your IP address and so the domains hosted on the same IP too.
Do you have any idea how many emails can be sent through gmail and at what interval so that gmail wouldn't ban the IP ? What if someone makes 10 simultaneously connections to 10 email different accounts and send emails, how fast do you think gmail will ban that IP?
But why would you want to use GMail's smtp server anyway? To send spam of course so you're gonna get banned regardless
Sending spam means to send unsolicited mails, but sending mails to peoples who can use your service and know for sure that they give them address for this purpose is something else.
But why do you want to send through GMail's servers? Why not just send through your ISP's smtp servers?
I saw that this kind of marketing is used by hi5, sending emails through peoples account. I've just asked
I don't have exact idea, but they definitely get the spamming domain/IP lists from some organizations which help fighting SPAM. They have their BigDaddy DC now and I think Gmail stays there.