A Look At Google's Email Spam Prevention

CNet has a story about the security measures Google employs to protect their email systems and fight the never-ending war on spam. Their Postini team, acquired two years ago, has a variety of monitoring tools and automated response systems to find and block undesirable messages. Quoting: "The system scores each message on numerous combinations of criteria, assigning a weight to each and then comparing the score to those in a database of several hundred thousand message types that have been flagged as good or bad from Postini honey pots and customer spam reports. ... To block fresh spam attacks not covered by existing heuristic technologies and viruses not covered by existing signature databases Postini relies on proprietary Zero-Hour technology to identify new outbreaks that show up in the traffic patterns and quarantine them for later rescanning. Customers can also create and build out their own white lists of message senders they trust and blacklist others they don't trust. It takes an average of 150 milliseconds for a message to be scanned by the antivirus engines that Postini licenses from McAfee and Authentium.

Don't care how they do it..

[Finallyjoined!!!]

I now get a couple of shed loads less spam. I used to check the apam directory for false positives. Don't bother doing that either.

Go gmail :-)

Re:Don't care how they do it..

[hansraj]

Pfft.. the internet became sentient sometime ago and used to babble like a baby. Since whatever it said was pretty much garbage, it was impossible for anyone to correctly figure out whether the noise was the baby's (spam) or from the tv (non-spam?). Now that the internet speaks more coherently it is far more easier for Google to figure out stuff that is coming from the internet - spam that is. It is rather obvious actually.

I wonder why yahoo has a miserable spam filter though; maybe Yahoo is like the careless parent who never gave a shit to figure out when the baby stopped babbling. And judging by the kind of spam I get in my hotmail box (it is all from microsoft), probably MS would be like those parents who insist on babbling themselves when the baby is around.

There, mystery solved! Now no one has to RTFA. Now if only someone made this into a car analogy for the greater good.

Re:

[hansraj]

Okay, I hope the the moderation to my post was an instance of meta-humor. Just in case someone who is ignorant about spam filtering techniques and believes the moderation that my post is actually informative or insightful: STOP! The internet is not really sentient (yet).

Re:Don't care how they do it..

[Anonymous Coward]

STOP! The internet is not really sentient (yet).

Am too!

Re:

[gEvil (beta)]

I wonder why yahoo has a miserable spam filter though; maybe Yahoo is like the careless parent who never gave a shit to figure out when the baby stopped babbling.

I'm curious to know why you say this. I have both a Yahoo and gMail account and for both, equal amounts of spam make it into my inbox (which is maybe one message every 3 or 4 months). Both seem to have very good anti-spam technology to me. Now Hotmail, I have no idea about since I stopped using them about 8 or 9 years ago.

Re:

[DJRumpy]

I get no spam in my gmail account. When I log into hotmail, it's all spam. Viagra, Porn, you name it. I don't think they even use a spam filter. If they do, they should look at another product.

Re:

[Ash Vince]

When you go live can you learn to read please :)

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Hurricane78]

the internet became sentient sometime ago and used to babble like a baby.

So THAT is how babby is formed!?

Re:

[zehaeva]

where's BadAnalogyGuy when you need him??

Re:Don't care how they do it..

[jo42]

Don't care how they do it..

Then I suggest that you don't really belong on /. ...

Re: I do care how it works

[npwa]

...because it's actually not working - Gmail spam filter recently became very ineffective - i have to classify about 5-10 Viagra spams daily. (Google, have you heard of it? geez!) then it occurred to me that a while ago [slashdot.org] Gmail captcha was cracked, so I imagine spammers send themselves hundreds of spams only to classify them as "non-spam". - as a consequence, spams are now slipping through the crowd-sourced filter because the crowd is infiltrated. c'mon google this can't possibly that hard to fix!

Re:

[GIL_Dude]

I counter your anecdote with my anecdote! No, seriously - not to be an a$$ or anything, but I haven't gotten a single spam in GMail in over two years. There is none in the inbox, and none in the spam folder (label) either. I'm not sure why you are getting them, but it is clearly not everyone who is so afflicted (thankfully!). I'm not sure if it has something to do with accounts on different back end systems or what, but mine hasn't gotten any spam in one heck of a long time.

Re:

[dave562]

Contrary to what another poster who replied to you has to say, I agree that Postini has gone down hill within the last month or so. The software is missing virii attached as normal attachments to emails. Virii that the Symantec anti-virus on our in house Exchange server is catching. I never in a million years thought I would see the day when Symantec would be doing a better job than Google.

Re:

[Ash Vince]

...because it's actually not working - Gmail spam filter recently became very ineffective - i have to classify about 5-10 Viagra spams daily. (Google, have you heard of it? geez!) then it occurred to me that a while ago Gmail captcha was cracked, so I imagine spammers send themselves hundreds of spams only to classify them as "non-spam". - as a consequence, spams are now slipping through the crowd-sourced filter because the crowd is infiltrated. c'mon google this can't possibly that hard to fix!

Actually I think they already have. I noticed the same thing only I was receiving a far greater volume. I think I suddenly went to a couple of hundred emails per day, some getting as far as my spam folder, some getting in to my inbox. Now just this weekend I noticed that this has now ceased and the number in my spam folder is working its way back down as they are deleted.

Re:

[Threni]

I get loads more spam than I used to. Something broke in Google's spam prevention about 4 months or so ago, and it's not been fixed yet. I redirect my email to my phone, where I get a notification of new email, and I've had to turn the sound and vibrate alert off because I got too much spam coming through.

Re:

[Anonymous Coward]

I've been told by some people that part of the reason of the recent suckage of gmail's spam filter are people who think they're smarter than google and automatically mark all their messages as ham so they can get via pop or smtp to their computers and then run their own spamassassin/razor/bla tools on the mail. Thus, messages that are _obviously_ spam get marked as ham and are forwarded to the rest of users. I don't think it's the main reason, but worth sharing anyway in case somone knows more about this 't

Re:

[0100010001010011]

Spam Assassin is a great compliment to GMail's spam filters.

1) I use IMAP Spam Begone [rogerbinns.com] to check my google inbox and mark stuff as spam/not spam.
2) I use DMZ's remote SA-Learn [dmzs.com] to learn spam from my google spam folder (after I check it for false positives) and I use it to learn ham of stuff that IT marked wrong.

Result, I haven't had any spam make it through since I started using it.

(Both scripts do require editing isbg.py hasn't been updated in 5 years, so to work with newer python I fixed some things and sa-l

Maybe there's less spam nowadays

[FRiC]

I used to have 20,000+ in my spam folder every day for years. Recently it dropped to the low 400's.

But because there's much less spam, I actually check the spam folder quite often to see if there are false positives, and I almost always find a few. Makes me wonder how much mail I missed all this time?

Re:Don't care how they do it..

[DrXym]

Spam is now so bad for me on my home account that I reckon for every 100 messages, only two or three are legitimate contact. I literally get 200-300 spams a day. Bayesian filters will get rid of about 20%, and rules I've added such as deleting any email with cyrillics or other foreign characters still leave me with 100 or so to delete manually.

I've set up GMail to filter my email and by comparison I'd say one or two spams get through. So I'm very happy with GMail's level of coverage. It's not perfect but it makes things tolerable. I'm not at all happy with Yahoo's level of coverage. Yahoo allegedly also has spam filters, but I've yet to see they actually work. It's not uncommon to find my email box filled with Nigerian and other scams.

Re:

[trawg]

Wow, what Bayesian filter are you using that is only giving you a 20% catch rate?

I'm using spambayes [sourceforge.net] (a pop3 proxy) and I would estimate it catches well above 95% of my spam. My inbox would be utterly unusable without it.

It requires some training - the more training you give it and the more religious you are, the better it works. I've trained it on around 3000 ham and 3000 spam messages and it is incredibly accurate (almost scarily, sometimes) at catching spam. False positives are extremely low - here's the

Re:

[DrXym]

I'm using the one in Thunderbird. The problem these days is you CAN'T use Bayesian rules since many spams use:

• Morphed words (e.g. C1alis, \/1agr() + millions of variations)
• The message is embedded in an image, i.e. there are no words
• Phishing attempts which therefore use the same language and terms as legitimate emails
• Random strings. Nonsensical headings which do not match anything.
• Foreign garble. Chinese, Korean, Russian, Japanese and Hebrew words which I'm not even sure the filter would parse properly as

Re:

[arth1]

I'm using spambayes (a pop3 proxy) and I would estimate it catches well above 95% of my spam. My inbox would be utterly unusable without it.
[chop]
2483 messages were manually classified as spam (829 were false negatives).

1 out of 3 manually fed spams was classified incorrectly? That's incredibly high. After feeding it the first few hundred spam e-mails, it should already be working well enough that the end ratio should be much lower.

Anyhow, how fast is it? GMail's system appears to be horribly slow. 150

Re:

[RobertLTux]

"Anyhow, how fast is it? GMail's system appears to be horribly slow. 150 ms per message means it can only handle 8 messages per second. And that's likely on fairly new hardware -- my old PIII mail server can do far better than that."

i would bet you that this stat is PER SERVER (which google has whole buildings full of)

Re:

[MoeDrippins]

20% on a Bayesian filter is ridiculously low; so low in fact I believe you are stretching the truth to make or point, or you're not training it.

My gmail account is quite old (gotten when only google employees were giving out beta requests), using an extraordinary common firstname.lastname account name, and since Jun 17, I've gotten 2247 spams. So that's what, 19 days? Gmail has *let through* probably fewer than 10 actual spam in that time frame (0.44%), and I haven't checked for any false positives.

Re:

[Glonoinha]

Beyond the obvious keyword flags (any various drug names and the various ways to spell mortgage) I have three pretty simple rules :
1. If it has invalid html tags in the text, it is probably spam.
2. If the originating IP address isn't from within the US, it is probably spam.
3. If my email address isn't the only email address the email was sent to, it is probably spam. Anybody who emails me knows that if it isn't worth sending me my very own copy, it probably isn't worth me reading either.

Honestly for me tho

Re:

[Have Brain Will Rent]

I have quite a few different mail accounts through a couple of different ISPs and access them all with Thunderbird. I get maybe 10 spams a week that I have to manually identify - all the rest Thunderbird catches and I can't remember the last time I got a false positive.

Re:

[gullevek]

Email is for old people. the rest is done through chat/twitter/facebook/what-not-else-other-sns.

Most of my mails nowadays are notifications from other services that I have a mail waiting there :)

Re:

[DrXym]

2 or 3 legit emails per 100 * 200-300 messages = 4-9 legit emails a day. Anyway I don't use my POP3 account for much personal correspondence any more since its too easy for it to be deleted by accident.

"Postini"?

[John Hasler]

My previous ISP switched me over to Postini with no advance notice (we got a cheery note from marketing after the deed was done). Blocked half the spam and half the ham. They told us how to disable the filtering "features" but it turned out that all the filtering could not be turned off.

I'm not with that ISP any more.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[seifried]

Maybe it knows your email won't be that interesting to other people =). That's the next evolution I want to see, start blocking useless email (like chain letter jokes, etc.).

Re:

[postbigbang]

I wish that my ISP's filter would find Snopes candidates from my mother-in-law and relegate them to the bit bucket. But it never learns. Bayseian filter? No.... it learns only when a user spanks it.

Re:"Postini"?

[veganboyjosh]

I used to get Snopes candidates from my mother-in-law a few years ago. I used to delete them without saying anything. Then I figured I'd try to teach her about the internet, and trusting things you receive in your inbox. I made an effort to track down whatever outrageous story she forwarded on snopes or wherever else, so that she'd see they weren't true, and stop sending them.

Now, instead of getting emails from her with "I wonder if this is true. It sounds so amazing!", I get "I already checked Snopes, and while this one isn't real, it makes for a good story!" MLIA.

Re:

[postbigbang]

[smacks forehead, mumbles something]

Re:

[PReDiToR]

Actual email I sent to my mother last year:

--

Mum,

<wife>'s just come in and told me that you forwarded the email that you got from "Terry" to her.

I'm not going to have a go at you or anything, you didn't send it to me, as I requested =) But, if you are going to do stuff like that, let me show you the best way to do it so that you don't do to others what I don't want doing to me.

When you get the email that you want to forward it will have loads of addresses in it already, which don't need t

Re:"Postini"?

[icydog]

I have had a similar experience with Postini, but from a different point of view. I usually use my own mailserver to send emails, and in the beginning I was greylisted and occasionally blocked by a few servers here and there, but after just a few quick emails here and there to ask why I was blocked, I was always promptly unblocked. I just use it for personal email so I'm not sending commercial or bulk emails. And before someone asks, no it's not on a dynamic IP or anything, it's in a fairly large colocation facility.

Google is the only mail service that I know of who still just won't accept my emails. They make it very difficult to contact them. There is a form buried somewhere in their help system, but it says that they won't respond unless they need additional info from you, which leads me to believe that they never actually read anything submitted through that form. (I have tried a few times.) They also specifically say they don't take whitelist requests. I have SPF records, I have correct reverse DNS, I'm not on any blacklists, etc.

This means when I send emails to my friends who use Gmail, or comparies who use Postini, I get blocked without cause. Then I have to use a different server. It's kind of annoying.

(Why do I use my own email server? Because I can. This is /., after all.)

Re:"Postini"?

[Jay L]

Google is the only mail service that I know of who still just won't accept my emails.

I had a similar [wordtothewise.com] experience [slashdot.org]; I run my own mail server, send no bulk mail whatsoever, and both Postini and GMail independently decided I was a spammer. No DNSBLs had me listed, ReturnPath was happy, etc. Meanwhile, I was blocked from sending mail to my lawyer, my financial advisor, my chiropractor, etc., all of whom turned out to be downstream from Google. Despite Google's claims that the customer is in full control of filtering, none of them were able to get at my e-mail without getting their sysadmins involved - which often required discovering that they had sysadmins at all.

Worse, Postini's spam filtering takes its own output as input. Once it's scored a message of yours as spam, future messages will be more likely to score as spam - which of course makes any subsequent messages even more likely to score as spam. Brilliant. At one point, my spam score from a triple-signed (SPF/DK/DKIM) server was 98 out of a possible 100.

Google's philosophy of "we don't do it unless we can automate it" works horribly when it comes to customer service. There's no feedback loop, no whitelisting, no channels, no nothing. It's SPEWS all over again, or perhaps the Kafka International Airport [theonion.com].

But Google has no reason to worry about false positives; the more messages they call spam, the more spam they can say they blocked. Perverse incentives.

I have a guess...

[jonaskoelker]

You probably misspelled your mail server's "user agent" string as postfux ;-)

Re:"Postini"?

[SanityInAnarchy]

For what it's worth, Gmail has been just the opposite for me. It's Yahoo and AOL which randomly decide to block me -- sometimes with some cause, sometimes just because it's on a residential connection.

Yet Gmail never so much as greylists me -- everything goes straight through, every time.

Re:

[bcrowell]

For what it's worth, Gmail has been just the opposite for me. It's Yahoo and AOL which randomly decide to block me

Ditto. I'm not saying the gp is wrong about his experience. But in my own case, I've found that both Yahoo and AOL just stopped accepting email from me ca. 2008. I run my own server on my own domain (not via a residential connection). In Yahoo's case, it was fairly easy to fix; I filled out a form, and after a while Yahoo users started receiving my emails again. With AOL, I haven't looked into

Re:

[Toth]

I helped a customer get off AOL's blacklist a couple months ago.

It was a straightforward process with an immediate automated reply.

In order to complete the process you must be able to receive an email at abuse@, postmaster@, or the technical or administrative contact for your domain.

The final email was from a human. It was completed the day following.

Re:"Postini" - why I use my own mail server

[ei4anb]

I use SSL/TLS encryption on my SMTP traffic using STARTTLS. The reason is a long story but it has to do with my work in infosec. So I run my own mail server with STARTTLS configured. After having the same problem with their anal spam blocks I too had to set up a special mail route for anything to gmail to go via my ISPs mail relay.

Re:

[Cadre]

You are definitely not alone. I'm having the same issue with Google. I have my domain hosted with a very popular hosting company. I have correct SPF records. I have domain keys. I am not on any blacklists. Though quite often email sent to Google will get filed into people's spam boxes and I'll have to tell them they need to go digging through it and click the not-spam button.

Re:

[TheRaven64]

My publisher uses Postini. Whenever I send my editor an article, I need to also send an IM so he can check it isn't in his spam folder (happens a good 10% of the time). Meanwhile, SpamAssassin has been giving me no false positives and very few false negatives for years. I'd much rather have false negatives than false positives in a spam filter. A false positive means I can lose (or have delayed) an important email. A false negative just means that I have to waste a second or two clicking the 'spam' butt

Re:

[rm999]

Tell him to look up the definition of "whitelist".

My guess is the system runs much more optimally when your entire address book is whitelisted.

Re:"Postini"?

[macraig]

Have you noticed? GMail gives one no way at all to sort the captured spam. Since I still endure false positives from the system and there is NO way to disable or bypass it, having means to sort all of it by From:, To:, and other criteria would make it easier to identify the false positives and rescue them from the trash bin.

Well, I'll take that back, in part: that applies to the Webmail interface, but if ones uses IMAP with a local IMAP client, then the spam folder could be subscribed and sorted within the client. God only knows how GMail's system interprets the dragging of a message from Spam to Inbox via IMAP: does that automatically whitelist that sender in the future, or do I have to still log into the Web site and identify it as Not Spam manually?

Re:"Postini"?

[rm999]

"there is NO way to disable or bypass it"

Have you looked into filters? They added an option to "Never send it to Spam" about a year ago. You can create custom white lists with this, or just include everyone in the filter and totally bypass the spam filter.

Re:

[thePowerOfGrayskull]

Have you noticed? GMail gives one no way at all to sort the captured spam. Since I still endure false positives from the system and there is NO way to disable or bypass it, having means to sort all of it by From:, To:, and other criteria would make it easier to identify the false positives and rescue them from the trash bin.

I haven't noticed - filters make this pretty trivial:

in:spam from:blah

Re:

[macraig]

That's irrelevant: you'd have to KNOW who it was from in order to employ a SEARCH like that. That's not useful at all when you aren't looking for something specific.

Re:

[thePowerOfGrayskull]

Take a deep breath dude, was trying to give you info that I thought might help. Now it seems that you've presented a moving target. You first said:

having means to sort all of it by From:, To:, and other criteria would make it easier to identify the false positives

Now you say:

That's irrelevant: you'd have to KNOW who it was from in order to employ a SEARCH like that. That's not useful at all when you aren't looking for something specific.

If you don't know who it's from, to ,etc how is sorting by these fields going to help you filter out false positives? Since you now posit that you don't know who it's from, then that won't give you any information that you can use. In addition, you don't need to be searching for something specific to use the filters that are available.

Re:

[macraig]

If you've never done this, so you haven't thought it through well enough to recognize why it would be useful. A big part of the benefit comes comes being able to quickly exclude and delete what is obviously not false positives... thus quickly winnowing the list to something manageable to find those that actually might be. This is possible because, for instance:

• I never send mail to myself
• my actual GMail address contains periods, but GMail has a well-known bug that deposits mail addressed to my address wit

Re:

[stry_cat]

Take a deep breath dude, was trying to give you info that I thought might help. Now it seems that you've presented a moving target.

I don't know what the GP is thinking, but here's my thoughts...

At first I thought your help was awesome. But then I realized it being able to filter on From: is not the same as being able to sort on From:

For example...

Joe sends me email which gmail sends to spam. Since I know gmail does this frequently with his emails and that Joe sends me email once a day, I can easily use the filter to find his message in spam.

Now comes the problem. Sally sends me an email which gmail sends to spam. She doesn't normally s

Re:

[macraig]

Whose brain-cell-murdering Kool-Aid have you been sipping, hmmm?

Re:

[thePowerOfGrayskull]

But he's trying to rescue false positives, and not find out what to delete...

Re:

[LihTox]

I would like spam sorting also; I never empty my spam folder without reviewing it for false positives (which I rarely get, but still), and it would be very handy to sort it by subject, so that I can bypass duplicate spams all at once.

Re:

[noidentity]

My previous ISP switched me over to Postini with no advance notice

Who uses their ISP's email/webspace anymore anyway? It makes switching ISPs much more difficult, unless you don't mind breaking all your old addresses or feeling stuck with your current ISP.

Re:

[John Hasler]

> Who uses their ISP's email/webspace anymore anyway?

Not me any more, and that was one of the reasons. I pay Newsguy for Usenet and email service and also have another address provided by friends. All I want CenturyTel to do is handle packets.

Yawn...

[Linker3000]

...has a quick look and goes back to catching up with news on the MailScanner mailing list.

Postini may or may not work,

[Anonymous Coward]

but what I really want to tell you is that I've inherited a great deal of money and I need someone to help me transfer it to the US. I live in Nigeria. You all seem to be great gentleman, so I will pay appropiately.

Contact me.

Re:

[Anonymous Coward]

You all seem to be great gentleman

You must be new here.

Re:

[hannson]

Hi

I like money :)

Please reply to this message with your contact information

better then their fishing 'algorithm'

[cliffski]

part of gmails phishing filter seems to do this

if(hyperlink in email ends in .exe)
{
    isphishing = true.
}

Even if this is an email from someone in your whitelist and is merely quoting text from your own message you sent them.
And there seems to be NO way to prevent a message with .exe in it to be marked this way :(

Toughest spam

[Pessimist+Cynic]

They can filter out the obvious spam mail, but some spammers are so clever and so well hung - because they've taken some DrMaxMan to acquire an enlarged sexual wand with which you can perform better and be bigger for f.r.e.e - that they can actually embed their spam offers inside real messages in such a way as to be completely undetectable by filters.

Re:

[Gazzonyx]

Really? Don't leave me hanging.... How do they go about doing this?!

It was me!

[Dynamoo]

It was me who submitted that old /. story. I'm still with Postini, and it still does the job. The problem? Well, no spam filter is 100% effective.. and just about every time Postini lets spam through (very rarely), then they phone up the helpdesk irately and say "Postini should have stopped this!".

So, the product is still great. Tech support has gone downhill though. Anyone who has tried to deal with Google tech support for anything will know how it feels..

Re:

[Goldenhawk]

I signed up with Postini just as it was acquired by Google. Before that I'd used SpamSoap, which worked great but was declining in effectiveness (more false negs) but not in price ($30 per month is a lot for a small business). Postini and then Google were far more reasonable at just $3 per year per address (for the less-flexible controls). I get maybe one or two delivered spam per week, usually when I also see a corresponding spike in filtered spam which indicates a new attack of some kind. I get only one o

Praise Gmail

[zhilla2]

This is great for business mail too... small company where I work was literally BURIED with spam until we moved to gmail. Since their mail addresses were "in the open" on our website for years, some of them get 200+ spams a day. Now, if 1 in 1000 passes, it's a bad day. Also, in my private inbox, I had an VERY old mail address still redirected to gmail address... turned out that was the source of 1/2 spams (100+ / day). But those were filtered too without problem. So far so good... not a single false detection for ham. Nothing but praise so far. Disclaimer: I do not work for gmail. I am the genuine satisfied customer with smile on my face, from "after" picture, as seen on TV!

But what about spam from "me"?

[Peaquod]

At least 75% of my spam is addressed as though it was sent from *my* gmail account. Of course, it's easy to set up a filter to reject all such spam, but then I lose the ability to send reminder messages to myself. Seems like it would be extraordinarily simple for google to outright reject messages that claim to be sent from their servers that in fact were not. I sure wish they would!

Re:

[rm999]

I believe e-mail spoofing (where the spammers spoof the header to make it look like it comes from you) is completely different than sending e-mails to yourself, and gmail knows this. That said, when is the last time a spoofed e-mail actually made it to your inbox?

Re:

[adolf]

Weird.

This happens to me a lot on my own server (where I don't put very high weight on SPF records), but I guess I assumed that Gmail was better controlled than that.

That said: Whatever Google is doing, seems to be working. I haven't had a legitimate email tagged as spam by them in years, and my spam folder (which used to get hundreds of spams daily) has shrunk to having only a dozen or so in the past month.

Re:

[gullevek]

strange, this never happens to me in google. All that spam that comes from "me" is correctly tagged as spam, my mail that comes from me (via google) is never tagged wrong.

The only spam that comes through is some wired Russian spam every other day or so.

Re:But what about spam from "me"?

[hidden]

Keep in mind:
It's a perfectly legitimate (and common) for non-webmail users to have their outgoing server be their local ISP. So if google did what you're suggesting, all those people that use an IMAP client to receive their gmail, and send via their ISP wouldn't be able to send to other gmail users

Re:

[binaryspiral]

Keep in mind:
It's a perfectly legitimate (and common) for non-webmail users to have their outgoing server be their local ISP. So if google did what you're suggesting, all those people that use an IMAP client to receive their gmail, and send via their ISP wouldn't be able to send to other gmail users

Also keep in mind, Google is actively marketing their email services to ISPs... many ISPs are using GMail for their email services.

Mine switched from an internal co-located email service to completely outsourced Gmail based, ISP branded email solution in less than a month. They lost a lot of control - but saved a metric shit-ton of cash in the process.

Re:

[Serious Callers Only]

It's a perfectly legitimate (and common) for non-webmail users to have their outgoing server be their local ISP. So if google did what you're suggesting, all those people that use an IMAP client to receive their gmail, and send via their ISP wouldn't be able to send to other gmail users

This does not make it legitimate (though it may be common) to forge the From address line. They should use Reply To if they want to send From another address/mail server, and have replies to go their gmail account.

If you want to send with the correct From header, you should be using secured email and sending via the gmail servers (SMTP is the protocol used in any case). No ISPs I know of block the ports for secured email, so you can easily send via the google servers.

Forged From headers are a big problem fo

Re:

[JSG]

So why on earth don't you sign your mail. Some really clever people have come up with some pretty good ways of proving your electronic identity.

Alternatively, why not tell your system where your mail comes from and then reject anything that doesn't come from those sources.

Its not that hard to persuade your own mail system what mail is really from you and not a fake.

There's no need to lose functionality, you just have to think around the problem

.

McAfee

[contrapunctus]

So by using gmail, am I indirectly making money for McAfee?

Re:

[trawg]

Yeh, that's information that would have been useful yesterday. Now I feel dirty.

Look at it this way:

At least it's not Norton !

Re:

[binaryspiral]

Not really. Think of it like beta testers, or even better - neutral sensors. They aren't paying for the service, so they can't call your helpdesk and bitch about its effectiveness or about that one spam message that really offended them.

McAfee gets millions of email accounts to monitor and use as sensors for new spam, allowing them to gather that data, crunch it, and redistribute the new spam identifcation data to their own paying customers, including gmail.

This allows them to be more accurate and have bett

Postini works

[twistah]

In my humble and largely anecdotal experience, Postini works well. We send out e-mail that can often be flagged as SPAM when we perform penetration testing, and Postini seems to be the toughest to get around. We see in-house devices such as IronMain, and outsourced services such as MXLogic and FrontBridge/hosted Exchange, but Postini seems to do the best at stopping illegitimate messages. The company I work for uses this it as well, and logging into my Postini inbox I see a lot of spam but no false positive

Re:

[account_deleted]

Comment removed based on user account deletion

Gmail and Me

[Petersko]

When gmail was "invitation only" I opened an email account. I never used it for anything. Never gave it out, never signed up for anything with it, never sent a single email.

I've logged in to it four times, and I deleted something like 2000 spam messages.

I'll continue to not use it, thanks.

Re:

[robogun]

Every gmail account I've opened has been flooded with spam. One I never sent a single message from.

Re:

[binaryspiral]

Did you have an easy to guess username?

Just because you didn't send email from "robogun@gmail.com" doesn't mean your robogun@att.net isn't on a spam list somewhere. How do you increase the size of a spam list exponentially? strip all the domains from the addresses and find common names... then generate one email address for each domain you want to hit.

Ta-da... spam email sent to accounts that were never used. This could indicate that google's directory harvest attack identification methods need some fine tu

Great

[Amazing Quantum Man]

Now apply this technology to Google Groups.

Yeah, I know it's usenet, but they could apply it to their web interface (see comp.lang.c++ for a sample of what it has to deal with).

SPAM volume patterns

[flyingfsck]

What I find telling is how my SPAM volume rises and falls according to the American holidays. Whenever the Yanks have a holiday, SPAM drops to a trickle.

That to me is a clear indication that most SPAM originates in the US even though it mostly gets relayed through Asian proxies.

Incoming spam isnt the problem outgoing spam is

[grapeape]

Spam and scams originating from Gmail has been so bad lately that several clients of mine have actually requested that I block gmail entirely. I have been tempted to do so with my home account as well since its rendered craigslist all but unusable. When do they plan to address that...but then what could they really do??

No spam at all

[Kiuas]

I have had two gmail accounts for a couple years now. One of them has my name on it (in the form of: "firstname.lastname@gmail.com") and the other is a nick (not the same as my /. one) that I often use in forums/games. Curiosuly enough, neither of these accounts gets any spam at all. And by this I don't mean that the spam filters are effective because there is no to be filtered. I can understand that my name based account doesn't get spam, after all I rarely give it out to anyone except people I know in per

GMail Spam Filter != Postini

[aligas]

Keep in mind folks, Gmail's Spam filtering is seperate from Postini.

From the article:
"Google's Gmail antispam efforts are separate from those of Postini, which Google acquired two years ago, although it follows similar computerized operations and the teams have started to integrate the processes."

I've had email at an ISP that uses Postini, and I have email at Gmail. IMHO, Gmail > Postini.

Is Google complicit in spam?

[msblack]

I find it very strange that my Gmail account received so much spam long before I ever started actively using it. It's not like me e-mail address is made up of one or two words. I cannot for the life of me understand how anyone would possibly guess my e-mail address (two letters plus an uncommon word). I'm guessing someone got a hold of their user list. Anyhow, their spam filter is fairly accurate.

Gmail spam

[smoker2]

I get about 100 spams a day in my gmail account. All of them are obvious, bad spelling, oddly capitalised letters, promising wondrous things. There are maybe 10 of those 100 that the filter doesn't catch. On the odd day it will miss maybe 50. I do think the filter has become less effective over the last few months.

my email spam prevention system

[viralMeme]

Use one email account to respond to emails, never subscribe to online magazines with this. Change the first email account ever three months ..

Barking up the wrong tree...

[damn_registrars]

Hell, they might not even be in the right forest, for that matter. Google should know well enough that spam is an economic problem, not a software one. They can write all the fancy filters they want, they will never win the war that way.

They have the resources, they should fight the war the right way - by going after the people who sponsor spam. They are electronically reading our gmail email, they can see the headers. They know where the spam comes from, and when. They know what domains are being sp

Summary...

[EddyPearson]

...is misleading. New summary:

Bayesian filtering.

NEXT PLEASE.

Most decent-sized companies

[SCHecklerX]

...are better off doing their own solution using a combination of sendmail, mimedefang, spamassassin, and greylisting. If you are big enough to 'need' postini, you likely have a staff that can do it better themselves using open tools and tuning that solution to your particular environment. But nowadays, nobody wants to hire competent staff, it seems.

Re:

[John Hasler]

One of my complaints about Postini (and whatever it is that CenturyTel uses) was that the "virus" filters cannot be turned off. I have no Microsoft or Apple software.

Re:

[binaryspiral]

As an email administrator - I wouldn't give a user the ability to disable virus filtration on their email account - even if I knew they weren't a direct threat to any known virii. Too many stupid people out there know how to use the FWD button.

I know what you're saying, but since you're probably the smartest user out of the tens of thousands that use your email server - they're not likely to give you a one-off option.

Re:now am worried !!

[Ron Bennett]

150 milliseconds sounds fast, but equates to only 7 messages per second.

Sure that may be faster, presuming it's a deep intensive scan, than what one can do on their home PC, and yes Google has zillions of boxes ... but anyways, my point is that 7 messages per second illustrates the very real, high cost of dealing with spam; scanning of just a million messages, which is a fraction of the spam volume, at 7 messages per second, takes well over a day of computer time.

Ron

Re:

[compro01]

No, it ought to trip the "STOP TYPING IN ALL CAPS! IT'S LIKE SHOUTING!!" filter and prevent you from posting it.

Re:

[account_deleted]

Comment removed based on user account deletion