Tuesday, October 18, 2016

Updates to Gmail’s SMTP Relay abuse detection, to help protect your domain’s email reputation

If your organization uses non-Gmail email server software, you can use the SMTP relay servicesetting to route outgoing mail through Google. This setting enables you to filter messages for spam and viruses before they reach external contacts and to apply G Suite email security settings to outgoing messages. However, if a spammer is able to get the username and password of a user at your domain, they may also be able to use the SMTP relay service to send messages on behalf of your domain.

With this launch, when Gmail detects abuse of the SMTP relay service by a domain’s user, we will now send admins a list of the users affected as well as some steps to identify why this problem is occurring. If a user is affected by this issue, admins should run virus scans on all of the user’s devices and make sure that their password is changed to prevent further abuse. It’s important to action these messages as soon as possible, because spam messages from these accounts can damage your domain’s email reputation to other mail providers and could have other negative effects on your mail flow.

This is our first step to let administrators know when we’ve detected abuse. We will be looking for other ways to keep your domain’s email reputation safe in the future.


Launch Details
Release track:
Launching to Rapid release, with Scheduled release coming in 2 weeks

Editions:
Available to all G Suite editions

Rollout pace:
Full rollout (1-3 days for feature visibility)

Impact:
Admins only

Action:
Change management suggested/FYI


More Information
Help Center