On 2025-09-18 08:34, Michael Peddemors via mailop wrote:
*.googleusercontent.com should not only not be sending email (either change PTR,or use a relay) so you can go beyond scoring, and simply reject.Also, given the history of abuse and/or compromises, we also recommend that you do NOT allow email authentication from those IPs, except as permitted in an allow.acl. Make sense?
I concur.We've been dropping packets originating from them without so much as an ACK for some 5yrs. Without *any* repercussions. Just reject. Your life will be much better for it. :)
On 2025-09-16 07:58, Scott Q. via mailop wrote:Sorry for reviving an older thread, we are still battling this Google spam issue.Anyone else scoring e-mails directly received from IPs with a PTR of *.googleusercontent.com ? Any downside to doing this ?Gmail/Workspace doesn't use that PTR but are there legitimate Google services that do ?Thanks! Scott On Thursday, 04/09/2025 at 16:21 Alex Burch wrote: They might have legacy accounts where port 25 is unblocked. I think Infusionsoft/Keap had their IPs hosted at GCP at one point and they had the port 25 block lifted to send with them. Thanks, Alex -- Alexander Burch ActiveCampaign / Senior Deliverability Engineer abu...@activecampaign.com <mailto:abu...@activecampaign.com> 1 North Dearborn St Suite 500, Chicago IL, 60602 <https://www.facebook.com/activecampaign> <http://www.twitter.com/activecampaign> <https://www.linkedin.com/company/activecampaign-inc-> <https://plus.google.com/107063868317743606466> <https://www.activecampaign.com/sig/?u=aburch&c=1> On Thu, Sep 4, 2025 at 9:12 AM Scott Q. via mailop <mailop@mailop.org <mailto:mailop@mailop.org>> wrote: I get that, but the question is more whether GCP blocks outbound port 25 or not. Their docs say they are blocking it: https://cloud.google.com/compute/docs/tutorials/sending-mail <https://cloud.google.com/compute/docs/tutorials/sending-mail> yet we see evidence to the contrary. Surely it's a configuration mistake somewhere (?). Maybe someone from Google can shed some light on this. Thanks!On Thursday, 04/09/2025 at 11:25 Michael Peddemors via mailop wrote:Careful.. the list admins don't like us using this list to complain about spam, but yeah.. Anything with a PTR of 1.132.64.34.bc.googleusercontent.com <http://1.132.64.34.bc.googleusercontent.com>. is suspect, and should be rejected (port 25) ... Standard ruleset for a couple of years.. but even more important, is the number of IPs in those ranges used in email hacking, and BEC Compromise attacks. You might even like to block attempts to other ports by default, and create a 'permitted' acl for IPs in those ranges for legitimate use. On 2025-09-04 07:55, Scott Q. via mailop wrote: > Anyone else seeing an uptick lately of Spam e-mails originating from > these ranges ? > > 34.64.132.0/22 <http://34.64.132.0/22> > 35.240.0.0/13 <http://35.240.0.0/13> > > Mostly e-mails with: Content-Type: text/plain; charset="iso-2022-jp" > > What's interesting is that GCP has outbound port 25 blocked by default > yet these hosts are able to do direct-to-mx deliveries. >> If anyone from Google is reading this - can you have a look ?> > Thanks! > Scott > > > _______________________________________________ > mailop mailing list > mailop@mailop.org <mailto:mailop@mailop.org> > https://list.mailop.org/listinfo/mailop <https://list.mailop.org/listinfo/mailop> -- "Catch the Magic of Linux..."------------------------------------------------------------------------Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com <http://www.linuxmagic.com> @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca <http://www.wizard.ca> "LinuxMagic" a Reg. TradeMark of Wizard Tower TechnoServices Ltd.------------------------------------------------------------------------604-682-0300 Beautiful British Columbia, Canada _______________________________________________ mailop mailing list mailop@mailop.org <mailto:mailop@mailop.org> https://list.mailop.org/listinfo/mailop <https://list.mailop.org/listinfo/mailop> _______________________________________________ mailop mailing list mailop@mailop.org <mailto:mailop@mailop.org> https://list.mailop.org/listinfo/mailop <https://list.mailop.org/listinfo/mailop> _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop-- "Catch the Magic of Linux..." ------------------------------------------------------------------------ Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" a Reg. TradeMark of Wizard Tower TechnoServices Ltd. ------------------------------------------------------------------------ 604-682-0300 Beautiful British Columbia, Canada _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
0xE512722F.asc
Description: application/pgp-keys
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
