On Sat, Jul 16, 2016 at 07:30:59AM -0500, gregrwm wrote: > > yikes! there are 3 virus laden spams in my sent box! please check my > thinking here. > I do NOT like the first sentence at all... From what you have sent, it looks like google (gmail) is doing the right thing to follow your filters and to allow messages from known e-mail addresses. Are you on that alleged list the email was sent from? Go to gmail and get as much info as you can about logins. Get the raw headers of the spam messages in the sent folder and trace the IPs to something you know. Basically, make sure nobody is trying to send email as you because they have your credentials. A properly configured email server should never allow that email to come out of your account. But if the destination does not complain (doesn't reject), you will have the reminents of a sent message that was never sent. Then, gmail will find it in your sent folder and may let that address bypass filters. I am just speculating. Sort of like getting your credentials but phishing you to pick up the virus from the inside (since they cannot just sit on the machine you are sitting). Smart. Gmail will send you a notification if you have a login from a new device, but not if they deleted that email just as it was sent to you. That is why gmail wants to have another email address, a mobile phone to received texts, etc. But if you have had a serious security breach (diretly targeted because of who you are or what you do), this sort of thing can happen. Can you sense my level of paranoia? Did I mention changing passwords from a "safe" device? I threw this query into google: https://www.google.com/#q=where+is+the+IP++116.98.187.172 first hit is something about Viet Nam. You need to inspect the headers of the sent messages further. The problem is likely on your end, which is where you are correctly looking. I'd be freaked out. IN