Google Spam – a new product?

I know that mail logs are not the most interesting thing on earth, but I’m not used to get spam from Google Mail… from Yahoo and MSN maybe, but not from Google… never ever… so I try to understand this:

May 20 21:43:16 mail postfix/smtpd[30948]: connect from qb-out-0506.google.com[72.14.204.235]
May 20 21:43:17 mail postfix/policyd-weight[2754]: weighted check: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 CL_IP_EQ_HELO_IP=-2 (check from: .gmail. - helo: .qb-out-0506.google. - helo-domain: .google.) FROM/MX_MATCHES_HELO(DOMAIN)=-2 qb-out-0506.google.com> alexandrearw7@gmail.com> , rate: -8.5
May 20 21:43:17 mail postfix/policyd-weight[2754]: decided action=PREPEND X-policyd-weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 CL_IP_EQ_HELO_IP=-2 (check from: .gmail. - helo: .qb-out-0506.google. - helo-domain: .google.) FROM/MX_MATCHES_HELO(DOMAIN)=-2 qb-out-0506.google.com> alexandrearw7@gmail.com> , rate: -8.5; delay: 0s
May 20 21:43:18 mail postfix/smtpd[30948]: 09CFB196802E: client=qb-out-0506.google.com[72.14.204.235]
May 20 21:43:49 mail postfix/smtpd[30948]: disconnect from qb-out-0506.google.com[72.14.204.235]

Yes, these servers belong to…

OrgName:    Google Inc.
OrgID:      GOGL
Address:    1600 Amphitheatre Parkway
City:       Mountain View
StateProv:  CA
PostalCode: 94043
Country:    US
NetRange:   72.14.192.0 - 72.14.255.255
CIDR:       72.14.192.0/18
NetName:    GOOGLE

Other people are getting tons of spam from Google as well as it seems.

See also: Exploiting Google MX servers as Open SMTP Relays

So why is that? Mmmh… because the cool and smart engineers at Google can’t handle their job:

We would like to clarify to the security community that we have contacted Google about the issue more than a week ago and no response was provided despite our clear intent of cooperation regarding this matter.

We have plans to submit a paper about our work on the trust hierarchy of email providers to the SBSEG’2008 over this weekend. Since the paper will necessarily include full details about the flaw, we see no point on withholding the full disclosure of our self-censored report.

We are still waiting to hear from Google and we sincerely hope that this flaw can be fixed before the full details about the problem are released. (Source)

This was 8 days ago. Hello? Somebody there!? I’m 99.99% sure that Google won’t answer to my spam report. They can’t even write a small mail to the team that found out how to use Google as open mail relay. Other large providers like T-Online are far more cooperative and they actually answer to your requests.

“We are Google. Resistance is a good idea, because: You will be spammed. We will add our spam mail to your mailbox. Your culture will have to learn how to adapt its spam filters.”