Have you had problems receiving e-mail from Gmail users recently? If so, you’re one of thousands. Over the past month, major anti-spam vendors have had to apply scrutiny to Gmail in a way they haven’t had to before, and the result is reduced delivery performance and sometimes outright blocking of Gmail. Some messaging hosts are being instructed to reject SMTP connections from Google.
Google CAPTCHA crack
It all began when Google’s bot-busting CAPTCHA for Gmail was defeated sometime in February. According to sources around the anti-spam industry, the result has been a marked increase in spam originating from Gmail SMTP servers. Some say the spam increase started even earlier, but all are in agreement on one thing: this is a serious problem.
After we learned of mail being greatly slowed by MessageLabs’ corporate filtering service, we contacted them to see what’s up. A support analyst with MessageLabs, a major provider of software-as-a-service anti-spam filtering, told Ars Technica that “some spammers have hacked into the Gmail captcha system, and were able to relay spams appearing to come from Googlemail’s IP addresses. This has caused many IPs of theirs to appear to be sources of spam.” For their customers, this means a decrease in performance. “We have a traffic-shaping system that throttles IPs that we believe to appear to be a source of spam. The result is that for the past couple of days we have been seeing issues like this with Gmail,” the analyst concluded.
Later, once we confirmed that their servers were not only slowing the delivery of mail but sometimes outright refusing connections to some Gmail relays (we have connection refused errors to prove this), another support analyst told us that “Gmail has sent out a lot of spam recently, and they are registering on our traffic shaping system.” When spam is sent out over a Gmail relay, that relay can sometimes get completely blocked, causing problems for thousands of legitimate Gmail users. MessageLabs then has to play whack-a-mole, trying to throttle only the SMTP relays that are spamming.
We have been able to verify the blocking problems, as well as extremely long delays in delivering messages (delays of four hours and up to 24 hours have been seen on hundreds of emails in our investigation). The problem can be maddening because not all Gmail relays are affected, and the relays effected change frequently. Hence you may be getting some e-mail on time, while others aren’t coming through. Even some corporate Google e-mail has been blocked, we have confirmed.
Notably, the Postini anti-spam filtering service does not appear to be affected at this time. Postini was acquired by Google last year. Purely client-side filters such as SpamBayes are also not affected, but clients using IP-based blocking like the RBL may experience delays or blocks as well.
The real damage currently appears limited to select SaaS filtering solutions, such as MessageLabs, MX Logic, and Antigen (we have reports, but no confirmation from Microsoft at this time). A source at another anti-spam company who wished to remain anonymous did say that Google can expect more problems if the CAPTCHA crack cannot be stopped. His product team was already working on the issue, but they were unsure how best to handle it.
Via ARS Technica