Avanan’s research on spoofed emails bypassing Google’s SMTP relay service was featured in Help Net Security. In the blog, Avanan describes that companies often use Google’s SMTP relay service to send large-numbered promotional emails to users without their mail server blocklisting the message. Phishing actors, however, are spoofing the service and succeeding with their attacks on those who lack DMARC policy configured with ‘reject detection’ for those domains. As Help Net Security writes:


The overarching answer to this known security problem is for companies to use the DMARC protocol – as Google advises. But until that becomes the norm, recipients are advised to check the headers of unsolicited email messages and refrain from opening attachments or clicking on links in those messages if they aren’t able to check whether they are malicious or not.


Read more here