On 8/28/2024 at 07:27, Gellner, Oliver via mailop wrote:
We have seen an increase of spam and phishing emails from Google
Groups since 21.08. It seems the spammers are adding large amounts
of collected addresses to groups and then sending their spam messages
to the group address. While the spam itself is nothing new, the
actual problem follows when some involuntary members of those groups
have automatic replies enabled and reply to the group address, which
in turn trigger more auto replies from other members... While it's
possible to catch the initial spam message, those automatic replies
do not contain any spammy content (as long as they don't include a
full quote of the original message).
Ahhh yes, I forgot to mention that part: the OOO, etc., auto-replies
going back out to the Google Groups distribution as well. Sigh.
The only ways to block them which I have come up with is to either
create a custom script that adds the return path domain to a
blocklist as soon as a spam message from Google Groups has been
received, to block all further replies to this message, or to simply
block ALL messages from Google Groups and give your users an option
to disable this filter for themselves if they actually participate
in Google Groups.
So dropping Google Groups entirely: since Google's infrastructure is
"unblockable", I'd suspect keying on a Google Groups-specific header,
but how are you (and other folks) accomplishing this?
Robert
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
