Gmail Exploitation Turns Service Into Spammer Paradise

INSERT, the Information Security Research Team, has created a proof of concept that exposes a serious security flaw in the way that Gmail forwards messages. This would mean would be spammers can use Gmail to send out massive amounts of spam messages. The flaw exploitation allows a userto send thousands of bulk emails through the SMTP service, completely getting around the 500-address limit and identity fraud protection.

The real problem is that Gmail is a trusted email service. Email providers have been using a system to determine who has “good” email and who has “bad” email, known as whitelists and blacklists. Gmail is a whitelist email service, and thus most other major providers (i.e. Yahoo and Hotmail) give Gmail free reign.

You can get the full rundown of the exploitation here, but much of it has been omitted as a courtesy to Google.”