ISP Spam

One thing I do not talk about very often is the amount of spam that comes out of ISP smarthosts. Generally this is because many of the major end user ISPs do a reasonable job managing their spam and the ratio of spam to not-spam mail coming out of their IPs is heavily weighted towards the not-spam end of things.
This has not always been the case, and there have been instances where ISPs, particularly those providing webmail, have been exploited by spammers, often Nigerians, and used to send tons of spam. It can take months to fix, and requires the ISP employees to actively seek and destroy problem accounts, block access from some IP ranges and change their security to prevent future compromises.
We know that spammers exploit webmail services and that there are things that the webmail services need to do. Recently, there seems to have been a massive uptick in the amount of spam coming through Gmail’s servers.
This is not a problem unique to Gmail; most of the other webmail companies have had similar infestations of 419 spammers in the past. The Nigerians figure out how to exploit some part of the webmail infrastructure, create tens of thousands of accounts and send spam through those accounts. Once the ISP fixes the problem, the Nigerians move on to the next webmail provider to abuse. Meanwhile, receivers can block some or most of the Nigerian spam by blocking on the X-Originating-IP header. Much of the spam is blocked, but non-spam email from the ISP gets through.
In the Gmail case, blocking is not so simple. As a matter of policy, Gmail does not put an originating IP address in email sent through the Gmail interface. Without originating IPs, the only option receivers have is to block Gmail’s IPs, not the abusers who are using Gmail. This has been an unpopular policy decision by Gmail, and they have been approached by numerous groups to convince them to provide this level of information so receivers can make more selective blocking decisions.
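A receiver-side sketch of the selective blocking described above, and of what is left when the header is missing. This is an added example, not code from the original post; the blocklist, addresses, hostnames and the classify() function are constructed for illustration.

```python
import ipaddress
from email import message_from_string

# Constructed blocklist: an RFC 5737 documentation range standing in for
# client networks a receiver has tied to 419 spam.
BLOCKED_NETS = [ipaddress.ip_network("203.0.113.0/24")]

def originating_ip(msg):
    """Return the webmail client's IP from X-Originating-IP, or None."""
    raw = msg.get("X-Originating-IP")
    if raw is None:
        return None
    # Providers commonly write the value in brackets, e.g. [203.0.113.45].
    value = raw.strip().strip("[]").strip()
    try:
        return ipaddress.ip_address(value)
    except ValueError:
        return None  # malformed value: treat as if no origin was given

def classify(raw_message):
    """Assumes the caller already confirmed the message arrived from the
    provider's own servers, so the header was written by the provider."""
    ip = originating_ip(message_from_string(raw_message))
    if ip is None:
        # No usable origin: the only remaining choice is a decision
        # about the provider's sending IPs as a whole.
        return "no-origin"
    if any(ip in net for net in BLOCKED_NETS):
        return "block"
    return "accept"

# Constructed sample messages.
SPAM = ("From: a@webmail.example\nX-Originating-IP: [203.0.113.45]\n"
        "Subject: urgent business proposal\n\nbody\n")
HAM = ("From: b@webmail.example\nX-Originating-IP: [198.51.100.7]\n"
       "Subject: lunch\n\nbody\n")
NO_HEADER = "From: c@webmail.example\nSubject: hello\n\nbody\n"

if __name__ == "__main__":
    for name, m in (("spam", SPAM), ("ham", HAM), ("no header", NO_HEADER)):
        print(name, "->", classify(m))
```

The "no-origin" result is the case the Gmail policy produces: spam and non-spam from the provider become indistinguishable at the IP level.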
It remains to be seen how quickly Gmail gets their outbound 419 spam under control. The rumblings I am hearing from people about the problem are getting louder. The supporting data quietly being handed around are astonishing and point to a genuine problem at Gmail. Hopefully, Gmail will take action now and stop spammers from abusing their system before the extent of their problem becomes more public.