[anti-abuse-wg] Abusive behavior by Google Inc

Post hoc ergo propter hoc

--srs

> On 14-Apr-2016, at 8:38 PM, andre at ox.co.za wrote:
> 
> On Thu, 14 Apr 2016 20:24:11 +0530
> Suresh Ramasubramanian <ops.lists at gmail.com> wrote:
> 
>> I don't work for gmail fyi (as a quick google search will tell you,
>> or a Bing if you hate google so much) and I don't use sorbs either,
>> not since the late 2000s anyway.
>> 
>> Without seeing a smtp txn with logging all the way up or a tcpdump I
>> am not sure what is going on but a read error probably means you're
>> dropping the smtp connection right after the 5xx without giving gmail
>> the time to gracefully QUIT the smtp session.  Or vice versa
> 
> No. 
> 
> This is a gmail bounce to a gmail customer (for example my own gmail
> account)
> 
> nothing to do with @ox.co.za - except that @ox.co.za sends:
> JunkMail rejected - is in an RBL, see Client host blocked using Barracuda Reputation, 
> see http://www.barracudanetworks.com/reputation/?r=1  etc etc.
> 
> so, when Gmail cannot deliver to @ox.co.za - because of dnsbl (whether it
> is SORBS, SpamCop, SpamID.net or whomever, Gmail does not tell the
> customer that the mail is being returned because just a minute earlier
> google tried to drop 1000 phish on ox.co.za - instead tells the
> customer: "read error" technical failure -- it is not a technical
> failure at all! - it is simply that google is sp[amming (or being used
> by their users to distribute spyware/phish or whatever) and it is NOT A
> technical read error at all!
> 
> 
> 
>> --srs
>> 
>>> On 14-Apr-2016, at 8:05 PM, andre at ox.co.za wrote:
>>> 
>>> On Thu, 14 Apr 2016 19:51:27 +0530
>>> Suresh Ramasubramanian <ops.lists at gmail.com> wrote:
>>>> This isn't quite mailop but anyway - what specifically do you mean
>>>> by replace here?
>>> Yes, but is is an abuse wok group - it is important that the group
>>> also discusses abuse, more so if their is abusive behavior from a
>>> huge multinational.
>>> 
>>>> Do you strip mime parts that you consider spam or malware and
>>>> replace them with a suitable message?  And is the gmail mta not
>>>> reacting well to that?
>>>> 
>>>> Examples would be interesting - certainly much more interesting
>>>> than a vague rant.
>>> Not a vague rant at all - the original post already contains the
>>> information. Gmail is behaving poorly/abusively.
>>> 
>>> maybe you require me to add additional information? - as there is
>>> ZERO chance that you do not know what I am complaining about...
>>> 
>>> I do wonder why you are not simply replying honestly and openly?
>>> 
>>> ... Gmail customer sends email from Gmail to @ox.co.za
>>> 
>>> ox.co.za responds: Listed at SORBS Currently sending SPAM!
>>> 
>>> Gmail sends "improved" bounce report to Gmail customer:
>>> 
>>> example:
>>> 
>>>> Date: 14 April 2016 at 14:09:39 SAST
>>>> To: customer at gmail.com
>>>> 
>>>> Delivery to the following recipient failed permanently:
>>>> 
>>>>   andre at ox.co.za
>>>> 
>>>> Technical details of permanent failure: 
>>>> read error: generic::failed_precondition: read error (0): error
>>>> 
>>>> ----- Original message -----
>>> 
>>> 
>>>> --srs
>>> 
>>> andre
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>>>> On 14-Apr-2016, at 7:17 PM, andre at ox.co.za wrote:
>>>>> 
>>>>> Hello,
>>>>> 
>>>>> Incase anyone receives weird NON RFC bounces, from @gmail.com
>>>>> customers saying:
>>>>> 
>>>>> Technical details of permanent failure: 
>>>>> read error: generic::failed_precondition: read error (0): error
>>>>> 
>>>>> What this means is:
>>>>> 
>>>>> Google Inc does REPLACE the "Blocked for abuse / spam /scams /
>>>>> phish / virus / spyware messages from the various filters
>>>>> 
>>>>> and sens a cryptic non RFC message to their users implying that
>>>>> the receivers email server is broken in some way....
>>>>> 
>>>>> This is truly EVIL of Google to do...
>>>>> 
>>>>> As they, Google are the ones sending PHISH / VIRUS/ SCAMS / SPAM!
>>>>> 
>>>>> Example: @209.85.218.43
>>>>> 
>>>>> http://www.scammed.by/scam.php?id=185816
>>>>> 
>>>>> 
>>>>> Instead of SOLVING the abuse - Google chooses to send CRYPTIC
>>>>> technical failure messages...
>>>>> 
>>>>> Because they are a monopoly and they are simply just too large to
>>>>> care??
>>>>> 
>>>>> Yes, of course!
>>>>> 
>>>>> Andre
>