Spam from Gmail accounts has appeared at least three years ago. Two years ago it caused Gmail servers to hit Spamcop’s database. But only now am I starting to notice it on my systems. My existing antispam arsenal may have protected me so far, but now I receive three or four illegitimate messages a day from that source, which is more than I tolerate.

Those messages have valid domain key signatures which lower their Spamassassin score enough to pass them as ham. If Google does not police its mail service better, then domain key signatures will become more than useless. A signature is only as good as its authority.

Meanwhile I will probably have to weight down the negative scores added through Mail::SpamAssassin::Plugin::DomainKeys.