Hi all,
First of all i am writing this email from yahoo because from my own domain it seems it's not working because i have DMARC setup and apparently something(maybe ezml) is messing up with the headers. If you have any ideea to whom should i address i will more than happy :)
I am also receiving a lot of spam from google (aparently always domain is trix.bounces.google.com) and all spam is using google forms.For me the problem is solved(meaning that all of these spam is going to quarantine and bayes is learning about those) but i was wondering if:
1) Since email are coming from google how come google is not doing anything?
2) Are those spam sent manually ? It will be a nightmare for a spammer to do this but how come there not any limitation coming from google if spam are sent via mass-bulk programs/interfaces/etc?
3) I am using also a local(my own) RBL which is trained with IPs from spam. It is queried by spammasssin because i don't want to reject from MTA but use it in conjunction with others scores/rules. Now i have doubts that if i keep adding IPs from google i will end up having all google MTAs added and legit email might be hurt in the progress. What do you think ? Do you have insides about this trix.bouces.google.com? Looking on RBL doesn't looks too great and it seems from his domain there is spam which is actively sent.
4) I though that maybe google launch something similar with sendgrid but i don't find any reference about it and also the envelope-from are different i didn't found a common denominator. Few examples:
envelope-from <3lXRKXxQOBqgUMOIUQTTQWVa.RJfIaRLLQITWOJZIVL.ZcWNNQKMOaJMb.ZW@trix.bounces.google.com>envelope-from <3Qte3XwgJBdML8USYTTW5Bz7A.1DBz0JH35H03I.GD@trix.bounces.google.com>envelope-from <3senTXxQJBtgJ8N8L4G4HA5I.54HECHAAG4CF.6IGI99C68AM58N.LI@trix.bounces.google.com>envelope-from <3pgTVXxMJBQkrwox0lkwkjwt.x0p.wppvjru.lxvjk31np1kn2.0x@trix.bounces.google.com>envelope-from <3Qc7WXxIJDT4rw.wfxmjjifgizqm99lrfnq.htrhtxrns.lfnyfslxgjy.wt@trix.bounces.google.com>envelope-from <3VT3KXwwJDvwqymqymqmrk55kqemp.gsqmsryx.tixvmwsvkwfix.vs@trix.bounces.google.com>envelope-from <3UxLDXwsJD4gymp6m645uzJsymux.o0yo045qx.stq03stqs4nq5.30@trix.bounces.google.com>
Above also a full example of an email:
https://pastebin.com/DW6dvdxP
Thanks in advance,Iulian
First of all i am writing this email from yahoo because from my own domain it seems it's not working because i have DMARC setup and apparently something(maybe ezml) is messing up with the headers. If you have any ideea to whom should i address i will more than happy :)
I am also receiving a lot of spam from google (aparently always domain is trix.bounces.google.com) and all spam is using google forms.For me the problem is solved(meaning that all of these spam is going to quarantine and bayes is learning about those) but i was wondering if:
1) Since email are coming from google how come google is not doing anything?
2) Are those spam sent manually ? It will be a nightmare for a spammer to do this but how come there not any limitation coming from google if spam are sent via mass-bulk programs/interfaces/etc?
3) I am using also a local(my own) RBL which is trained with IPs from spam. It is queried by spammasssin because i don't want to reject from MTA but use it in conjunction with others scores/rules. Now i have doubts that if i keep adding IPs from google i will end up having all google MTAs added and legit email might be hurt in the progress. What do you think ? Do you have insides about this trix.bouces.google.com? Looking on RBL doesn't looks too great and it seems from his domain there is spam which is actively sent.
4) I though that maybe google launch something similar with sendgrid but i don't find any reference about it and also the envelope-from are different i didn't found a common denominator. Few examples:
envelope-from <3lXRKXxQOBqgUMOIUQTTQWVa.RJfIaRLLQITWOJZIVL.ZcWNNQKMOaJMb.ZW@trix.bounces.google.com>envelope-from <3Qte3XwgJBdML8USYTTW5Bz7A.1DBz0JH35H03I.GD@trix.bounces.google.com>envelope-from <3senTXxQJBtgJ8N8L4G4HA5I.54HECHAAG4CF.6IGI99C68AM58N.LI@trix.bounces.google.com>envelope-from <3pgTVXxMJBQkrwox0lkwkjwt.x0p.wppvjru.lxvjk31np1kn2.0x@trix.bounces.google.com>envelope-from <3Qc7WXxIJDT4rw.wfxmjjifgizqm99lrfnq.htrhtxrns.lfnyfslxgjy.wt@trix.bounces.google.com>envelope-from <3VT3KXwwJDvwqymqymqmrk55kqemp.gsqmsryx.tixvmwsvkwfix.vs@trix.bounces.google.com>envelope-from <3UxLDXwsJD4gymp6m645uzJsymux.o0yo045qx.stq03stqs4nq5.30@trix.bounces.google.com>
Above also a full example of an email:
https://pastebin.com/DW6dvdxP
Thanks in advance,Iulian