I get two or three of these a day. They are not from Gmail but have a "reply to" address that is a Gmail account. The messages cone from an email account that passes SPF and DKIM. So the sender and reply domains differ, but that isn't unique. I have email that I need that arrives like that.
I am on the Postfix list where this does belong, but I looked at the problem and decided it isn't worth fixing. I suppose I could whitelist the senders who have sender and reply to domain differences, but then I would have to deal with the people I bounce the first time because they aren't white listed.
I suspect these spammers do have Gmail accounts but you can't report that address because technically no spam came from that account. You could report the sender account. However some days I get spam with the same reply to Gmail account but different sender account.
Original Message
From: M.Roos@f1-outsourcing.eu Sent: June 11, 2020 1:26 AM To: dovecot@dovecot.org; sebastian@sebbe.eu Subject: RE: SV: handling spam from gmail.
I know it is not dovecot who should fix this. But anyone using dovecot is using an MTA, and receiving spam ;) I know how to look at email headers. Spf and dkim is not solving anything here.
-----Original Message----- From: Sebastian Nielsen [mailto:sebastian@sebbe.eu] Sent: donderdag 11 juni 2020 10:23 To: Marc Roos; 'dovecot'; 'users' Subject: SV: handling spam from gmail.
This is not a job for dovecot. You should look into whatever is your MTA (exim, postfix etc) and implement the solution there.
But my initial suggestion is to check SPF and DKIM of the email. Because I know that gmail does terminate spammers quick, but if you don't validate SPF or DKIM, you might be a victim of spoofed Gmail email.
Best regards, Sebastian Nielsen
-----Ursprungligt meddelande----- Från: dovecot-bounces@dovecot.org <dovecot-bounces@dovecot.org> För Marc Roos Skickat: den 11 juni 2020 10:21 Till: dovecot <dovecot@dovecot.org>; users <users@spamassassin.apache.org> Ämne: handling spam from gmail.
I am sick of this gmail spam. Does anyone know a solution where I can do something like this:
- received email from adcpni444@gmail.com 2. system recognizes this email address has been 'whitelisted', continue with 7.
- system recognizes as this email never been seen before 4. auto reply with something like (maybe with a wait time of x hours): Your message did not receive the final recipient. You are sending from a known spam provider network that is why we blocked your message. Please confirm that: - you are not a spammer and - you have permission to use the mail adress you send your message to - you and your provider agree to uphold GDPR legislation - you and your provider are liable for damages when breaching any of the above.
Click link to confirm and you agree with the above https://www.domainwithoutletsencryptcertificate.com/asdfasdfadsfaf
- sender clicks confirm url
- email address is added to some white list.
- email is delivered to recipient.