Submission + - Security flaw turns Gmail into open-relay server (arstechnica.com)
sveard writes:
More over at Ars Technica
A recently-discovered flaw in Gmail is capable of turning Google's e-mail service into a highly effective spam machine. According to the Information Security Research Team (INSERT), Gmail is susceptible to a man-in-the-middle attack that allows a spammer to send thousands of bulk e-mails through Google's SMTP service without fear of detection. This attack bypasses both Google's identity fraud protection mechanisms and the current 500-address limit on bulk e-mail.
Compounding the issue is the fact that services such as Hotmail and Yahoo "trust" Gmail. This may facilitate e-mail delivery, but it also makes it easier for spammers to reach their intended targets.More over at Ars Technica
