Google classify their own security alerts as spam. Or they just can’t be arsed with sorting out DKIM.

  • Australis13@fedia.io
    link
    fedilink
    arrow-up
    48
    ·
    6 months ago

    I don’t think this is from Google. Note how the from address is “via” something? None of the official Google Security Alerts I have received have that.

    • dave@feddit.ukOP
      link
      fedilink
      English
      arrow-up
      8
      ·
      6 months ago

      Yeah, it’s to my recovery account. But DKIM is set up on that account and fetched via google. Probably some kind of weird back emf somewhere.

      • Kit@lemmy.blahaj.zone
        link
        fedilink
        arrow-up
        9
        ·
        6 months ago

        Does it actually show DKIM failing in the headers? I find it hard to believe that Google would allow their DKIM to be misconfigured, and if they did there would be thousands of people experiencing this behavior and posting about it.

        • dave@feddit.ukOP
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          1
          ·
          6 months ago

          Yes—this is what I see. But I don’t work in this area, so still not sure if it’s google or my domain that’s borked, and quite frankly… All I used to test my domain was MXToolbox, and that reported everything configured correctly.

    • dave@feddit.ukOP
      link
      fedilink
      English
      arrow-up
      9
      arrow-down
      3
      ·
      6 months ago

      True, but in this case it was. And I usually get two of them—one to my main account and one to my ‘recovery’ account and one of them ends up in spam.

      From the google ‘Meh, it kinda works’ School of Design.

      • Starbuck@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        6 months ago

        What does that via say? That looks like it was forwarded or something. IDK, it looks like Google correctly identified something fishy about that email, and they don’t exempt their own emails from the rules (which is good).