BLOG

Google Apps – where’s my abuse@

Most ISP feedback loops require you to demonstrate that you’re really responsible for your domain before they’ll start forwarding reports to you. The usual way that works is pretty similar to a closed-loop opt-in signup for a mailing list – the ISP sends an email with a link in it to the abuse@ and postmaster@ aliases for your domain, and you need to click the link in one or both of the emails to continue with the feedback loop signup process.

That’s mostly there to protect you, by making sure that someone else can’t get feedback loop messages for your domain. And it’s not too difficult to do, as you should already have an abuse@ and postmaster@ alias set up, and have someone reading the abuse@ alias.

But maybe you’re using Google Apps to host your corporate email, and that’s the domain you need to use for your feedback loops. So you go to create abuse and postmaster users, but it won’t let you – you just get the error Username is reserved for email list only. Uhm, what?

Google want to police use of domains hosted on their service, so they automatically set up abuse and postmaster aliases for your domain, and any mail sent to them is handled by Google support staff. You may well be happy with Google snooping on your abuse role account, but you really need to be able to read the mail sent to it yourself too.

So what to do? Well, the way Google set things up they actually create invisible mailing lists for the two role accounts, and subscribe Google Support to the lists. In older versions of Google Apps you could make those mailing lists visible through the user interface by trying to create a new mailing list with the same name, then simply add yourself to the mailing list and be able to read your abuse@ email.

But Google broke that functionality in the latest version of the Google Apps control panel, when they renamed email lists to “groups”. If you try and create a new group with the email address abuse@ your domain you’ll get the error Email already exists in this domain, and no way to make that list visible.

So, what to do?

Well, there’s a workaround for now. If you go to Domain Settings you can select the “Current Version” of the control panel, rather than the “Next Generation” version. That gives you the old version of the control panel, where all this worked. Then you can go to User Accounts, create a new email list delivering to abuse@ and add one of your users to the mailing list. You can then set the control panel back to “Next Generation” and have access to the mailing lists via Service Settings → Email → Email Addresses.

Hopefully Google will fix this bug, but until they do here’s the step-by-step workaround:

  1. Go to Domain Settings, select the Current Version of the control panel and hit Save Changes
  2. Go to User Accounts and click Create email list
  3. Enter “abuse” as the name of the list, and one of your users as the recipient, and press Add recipient
  4. Do the same thing again to create your postmaster list
  5. Go to Domain Settings, select the Next Generation of the control panel and hit Save Changes
  6. Go to Service Settings → Email → Email Addresses and you’ll see the two mailing lists, and you’ll be able to add and remove recipients from those lists

And then you should have working abuse@ and postmaster@ aliases. Before you need to rely on them, test them by sending mail to them from somewhere other than your Google account.

12 comments

  1. lux says

    Or, of course, you could just use someone else to host your email. :)

  2. Matt says

    Great advice Steve – worked like a charm.

    Matt
    @EmailKarma

  3. anderson says

    Gentlemen,

    My ip is 200.152.117.70 It is listed in blacklisted

    that is email server

    How can i remove the blacklist ? Please help me,

    Thank you

    Anderson

    CTCEA/SETI

  4. H.. says

    Find out what blacklisting service it’s listed on and they usually have a form to on there site to request a delisting. Do a search with your domain at the following site and see if it’s one of those blacklists.

    http://www.mxtoolbox.com/blacklists.aspx?IP=63.249.112.14

  5. Andris says

    The trick described isn’t working anymore as of 06-Mar-2009. Instead of tries to use the old fashioned e-mail lists to handle mail for abuse@ and postmaster@ one must use the group feature. And yes, there is no need to switch from the “current version” and “next generation”.

  6. Imtiaz Rahi says

    Thanks for the information you provided. I understood what was happening with the abuse and postmaster when I tried to to link my email address with them.

    But later I successfully created them as groups and all in the next generation interface.

  7. Hrish says

    Steve, Thanks a ton for this – this was exactly the problem I had :) Your detailed steps worked like a charm.

  8. Raj says

    Hi guys – I am trying this but it won’t work. I created 2 groups, one for abuse and one for postmaster. Is there an additional step?

  9. Lucky13 says

    Here is a supporting question in Google Help forum.

    How to respond from my abuse@ in Google Apps?
    What does Google really do when they monitor your abuse@ emails?

    http://www.google.com/support/forum/p/Google+Apps/thread?tid=3de52158289ff319&hl=en

  10. Eric says

    I know this is late, but anyone searching for “google apps abuse email” will see this at the top of the list.

    Google has resolved the issue. You can now add the abuse@ and postmaster@ addresses in your standard “Next Generation” group manager. They even have a nice little pop up telling you that they’ll be monitored and why.

  11. Gmail abuse and postmaster addresses – Word to the Wise says

    [...] long time ago, Steve wrote a post about setting up abuse and postmaster addresses for Google hosted domains. Google has gone through a couple iterations of the interface since then, [...]

  12. Al Iverson says

    Yeah, this is confirmed working again as of August, 2011.

Comment:

Your email address will not be published. Required fields are marked *

  • AOL compromise

    Lots of reports today of a security problem at AOL where accounts are sending spam, or are being spoofed in spam runs or something. Details are hazy, but there seems to be quite a bit of noise surrounding this incident. AOL hasn't provided any information as of yet as to what is going on.4 Comments


  • ReturnPath on DMARC+Yahoo

    Over at ReturnPath Christine has an excellent non-technical summary of the DMARC+Yahoo situation, along with some solid recommendations for what actions you might take to avoid the operational problems it can cause.No Comments


  • AOL problems

    Lots of people are reporting ongoing (RTR:GE) messages from AOL today.  This indicates the AOL mail servers are having problems and can't accept mail. This has nothing to do with spam, filtering or malicious email. This is simply their servers aren't functioning as well as they should be and so AOL can't accept all the mail thrown at them. These types of blocks resolve themselves. 1 Comment


Archives