Kay received two rather odd "Failed delivery" messages from Google Groups today.
The original email clearly wasn't from her at all - it was a spam. (Kay never uses Google Groups to send messages.) But there was a line in the header saying "domain of transitioning (ie Kay's email address) does not designate [the spammer's IP] as permitted sender".
So it looks as if our server (correctly) blocked the message from going out under Kay's email address. Well done, our server - on the face of it.
However, I'm now wondering whether this is just a back-door way of getting spam through, like this:
1. The spammer sends out a bulk message. Some get through, others are rejected.
2. Knowing that his message isn't getting through by conventional means, the spammer takes his list of recipients and uses those as transitioning addresses instead.
3. The spammer sends out his new bulk message. The message fails, and the transitioning addresses get failed delivery notifications, which include the spam. Message delivered.