Ask Slashdot: Why Can't Google Block Spam In Gmail? 265
An anonymous reader writes Every day my gmail account receives 30-50 spam emails. Some of it is UCE, partially due to a couple dingbats with similar names who apparently think my gmail account belongs to them. The remainder looks to be spambot or Nigerian 419 email. I also run my own MX for my own domain, where I also receive a lot of spam. But with a combination of a couple DNSBL in my sendmail config, SpamAssassin, and procmail, almost none of it gets through to my inbox. In both cases there are rare false positives where a legit email ends up in my spam folder, or in the case of my MX, a spam email gets through to my Inbox, but these are rare occurrences. I'd think with all the Oompa Loompas at the Chocolate Factory that they could do a better job rejecting the obvious spam emails. If they did it would make checking for the occasional false positives in my spam folder a teeny bit easier. For anyone who's responsible for shunting Web-scale spam toward the fate it deserves, what factors go into the decision tree that might lead to so much spam getting through?
WTF? (Score:5, Informative)
As a bonus: it's also excellent about learning what I mark as spam, and dealing with false positives.
Re:WTF? (Score:5, Informative)
I'll second this sentiment. Gmail catches an obscene amount of spam sent to my account accurately and with so few false positives it blows my mind. I've dealt with lots of anti-spam software and some hardware and Google does a fantastic job.
Pro tip: you have to just start flagging things with the convenient "this is spam" button and in a short time their filters figure it out.
OP might just be getting a lot of legitimate list traffic that they signed up for. That isn't spam, you asked for that and need to hit 'unsubscribe'.
Re:WTF? (Score:5, Informative)
I have found that essentially every time I give my email to a legitimate retailer, they automatically assume that this means they can send me marketing email on nearly a daily basis. However, most retailers also honor the unsubscribe requests, and if you are vigilant about clicking through unsubscribe and marking real spam as such, GMail does a really very good job. Also, I've found that when I unsubscribe to lists that I really don't read (including marketing email that I might have thought could be interesting but no longer want), the total volume of spam goes down.
I cannot explain the OP's experience, as it runs completely counter to mine.
Re:WTF? (Score:4, Informative)
Re:WTF? (Score:5, Insightful)
"I cannot explain the OP's experience, as it runs completely counter to mine."
I can explain. I'd rather not have to. But it basically comes down to (IMHO), "I don't know how to Gmail"
Juggle multiple gmail accounts (Score:2)
GMail makes it ridiculously easy to set up and use multiple email accounts for different purposes. Here's my setup:
Initials.UniqueChars@gmail.com - this is the account I use to sign up for random internet things. It's fairly anonymous and disposable.
Initials.MoreUniqueChars@gmail.com - an account for "important" internet things, like online stores, internet banking, purchasing apps, and other stuff that is a bit more sensitive than what's good for the throwaway account. Also might use this for various ma
Re: (Score:3)
More GMail tricks, that may help you: when you have account
someaccountname@gmail.com
all email of the form
someaccountname+anysuffix@gmail.com
goes to your account. The plus sign is a literal character, not a concatenation operator. The only downside to this is that some email validation suites don't allow plus signs in user IDs, even though RFC 5322 allows them. Sometimes I use the format
someaccountname+onlinestore@gmail.com
when giving my email address to OnlineStore.com so that it's clear from where parti
Re:WTF? (Score:5, Insightful)
I joined gmail way early into the beta, so I got an email address that was simply my last name with first initial. Nothing else. Very simple, which I thought was great rather than adding a bunch of crappy letters/numbers to it.
Problem is, I end up getting subscribed to mailing lists all the time because a lot of people with the same last name and a similar first name don't pay the fuck attention to what address they're typing in.
The worst ones are the politician mailing lists. It's very rare that their unsubscribe feature even works at all, and when it doesn't, there's absolutely nothing you can do about it. Sure I add their address and name to my filters, but those fuckwads share your email address with each other. For example, I first got subscribed to Jim Dabakis, and he's since passed it to a bunch of other politicians in his fucking party so that they can send me messages from their stupid campaigns that are in another fucking state that I don't even care about. So periodically I get political emails from Democrats in Utah, and there's nothing I can do about it. Now I have no fucking idea how many lists I'd have to unsubscribe from, assuming that is even possible.
Oh and they keep asking me for campaign contributions, which is SPAM by definition because it's very much an unsolicited advertisement, except every law that makes spam illegal conveniently excludes the very politicians who wrote those laws.
So what can I do about it? Jack shit.
Though there are a few times where I've done some things that aren't very nice with this. For example, somebody bought a Hyundai in Vancouver Canada (a place I don't live anywhere even remotely close to) and then gave them my email address. The dealership sent me one of those surveys that makes or breaks the salesman and counts towards the dealership itself with Hyundai, so I gave it the most negative review I possibly could. Somebody from there sent me an email asking if I was sure I wanted to submit a review like that, and that it would have to be submitted anyways if I didn't respond, but they'd like to "speak with me" about it first, so I just ignored them. Serves them fucking right for not verifying who owns the address.
Another time some girl I don't even know sent me her nudies, but I just ignored the email.
Re:WTF? (Score:4, Funny)
Same here. I subscribed way back when it was in beta as well, only my address is my first and last name. Same problem with fucking morons that don't know their own GMail address.
Lately I've taken to responding to messages I receive for other people. I've cancelled items ordered over the internet because I receive a confirmation email. I've cancelled hotel reservations....that one was funny...I wish I could have been there when the jackass tried to check in. I've even responded to quite obvious business emails where someone was looking for feedback on a project and I told them it was complete shit, they were incompetent and they and their team was about to be fired.
Confuse my email address for yours because your too fucking lazy to learn the difference....then enjoy the consequences.
Re: (Score:2)
Re: (Score:3)
step 1 - change shipping address
step 2 ???
step 3 Profit!!!
Re: (Score:3)
I too have initial + last name@gmail.com and get a fair amount of misdirected email. I make some effort to find the right address (had to call someone who accidentally had her cell phone bills sent to me... Happened about 2 weeks after the XKCD cartoon.)
But I don't assume laziness, stupidity or malice when someone uses the wrong address. It's just a mistake. And people are almost always grateful when you help correct their mistake.
It must be a miserable world where everyone else's mistakes are due to cr
Re: (Score:2)
So periodically I get political emails from Democrats in Utah, and there's nothing I can do about it.
you can VOTE. one man can make a difference!
Another time some girl I don't even know sent me her nudies, but I just ignored the email.
sweeeet. was she hot?
Re: (Score:2)
Re: (Score:2)
I cant vote in Utah
Re: (Score:3)
Problem is, I end up getting subscribed to mailing lists all the time because a lot of people with the same last name and a similar first name don't pay the fuck attention to what address they're typing in.
THIS! I have a rather regional last name... it's not common. But every moron out there seems to think it's theirs. I've done a lot of the same things that others have done... responded, canceled, ignored, etc. I've even tried to get the sources of these to require a confirmation link be sent to the subscribing email... no luck there either.
Also, GMail is very good at catching SPAM, in my experience. Every once in a while, I'll get a few that I report and from then on, I don't see them anymore.
Re:WTF? (Score:4, Informative)
I agree. I can't remember the last time I had spam reach my Gmail inbox. Google is incredibly good at finding spam.
In fact, my complaint is the opposite, Gmail is too aggressive in flagging mail as spam. I get notifications from Fidelity about my account, and most emails are fine but things like dividend payments are consistently flagged as spam. I always flag them as "Not Spam", they match an existing filter, and I've even forwarded them to Google for review, but none of that has helped.
I occasionally have other emails incorrectly flagged as spam, but its pretty rare. The Fidelity messages aren't time critical, so this is more of an annoyance than a problem. I wish Google (or Fidelity) would get better at recognizing the difference between spam and legitimate emails that happen to be sent to a lot of people.
Re: (Score:2)
Re: (Score:2)
Almost all the mails I find in Google's spam filters are false positives, including Fidelity mailings and many legitimate mailings such as e-newsletters. My gmail accounts get virtually no "real" spam, but Google seems to program its filters to catch something. Mostly it's press releases, some of which do look spammy, but as a journalist I need to receive some of them. But it could be any mailing that meets Google's spam criteria, including a series of rapid-fire emails back and forth or routine administrivia like dental appointment reminders. (Interestingly, it has never flagged LinkedIn notices as spam.)
If you're missing something important, check your Gmail spam folder. You may be surprised.
Or disable the filtering.....
https://support.google.com/a/a... [google.com]
Re:WTF? (Score:5, Informative)
This is not technically spam. You can disable every single one of those lists by click "unsubscribe" at the bottom or going to your Google account settings for that service and disabling those messages. I have never received a mail from any Google service on my Gmail account, because I always pre-emptively opted out. And this has been my main email account for about 5-6 years now. And I have an Android phone that I have set up with that account, and a Youtube account that I occasionally post videos to, so it's not like I am somehow not using their services actively.
Real spam is not only unsolicited, but impossible to unsubscribe from, because they really and truly don't give a shit, and any system those fuckers have that appears like it might be an unsubscribe function is really just a system to confirm there's a real person behind the email address. This is the stuff Gmail is really really good about blocking. Stuff about penis pills, viruses, scams. Gmail catches 100% of these for me, and its false positive rate is probably 5% or lower for me, and the false positives are almost always automated messages from signing up for a new site or something similar, and never something written by a human or that I receive on a regular basis and actually desire.
In your particular case, it's your fault you're getting those messages from Google's services, and if you took like less than 5 minutes to actually untick some boxes you'd never receive those messages again.
Re: (Score:2)
Parent could use a moderation bump. It's an AC, but saying exactly what (I'm sure) many here are thinking.
Re: (Score:3)
Real spam is not only unsolicited, but impossible to unsubscribe from
Technically, spam is unsolicited commercial email. So the ability to unsubscribe from it is immaterial. If you didn't sign up for it, it's spam. The only caveat here is that in many countries, if you cant unsubscribe from it, it's also considered spam but these are separate conditions, either one classes the email as spam.
The problem is, a lot of companies use sneaky methods to get you to opt-in. The most common is the pre-checked box saying "Yes I'd love to receive your delicious spam, email me thrice d
Re: (Score:2)
That's not really spam. You wouldn't want your email service blocking email you're supposed to get.
Re: (Score:3, Insightful)
Re: (Score:2)
Maybe it shouldn't delete it but maybe more than one folder or putting a confidence level might be nice.
It has multiple categories for the inbox now, why not multiple categories for spam? There is spam and
then there is SPAM. My spam folder on google is full of stuff like viagra, russian bride, nigeria scams,
emails written in chinese I can't even read and other 110% obvious SPAM. There are also a few emails
or newsletters from companies with mediocre records. If my spam was split into 2 categories, my
gue
Re: (Score:2)
Maybe it shouldn't delete it but maybe more than one folder or putting a confidence level might be nice.
It has multiple categories for the inbox now, why not multiple categories for spam? There is spam and
then there is SPAM. My spam folder on google is full of stuff like viagra, russian bride, nigeria scams,
emails written in chinese I can't even read and other 110% obvious SPAM. There are also a few emails
or newsletters from companies with mediocre records. If my spam was split into 2 categories, my
guess is that 100% of the messages that occasionally get misplaced in my spam folder are in this
questionable category not the blatantly obvious category.
You mean you don't have the option to use a "Promotions" folder in Gmail where commercial email will go automatically? What are you using, the free version? Chuckle.
Re: (Score:2)
The free version has a promotions folder. It just doesn't really work well with an IMAP configuration.
WTF? (Score:3, Interesting)
Re: (Score:2)
Indeed. Now that I've trained it to treat unsolicited e-mails from Twitter as spam, I hardly see any.
Re: (Score:3)
As other's have stated using the Report Spam feature should make 99% of spam a thing of the past by putting in the spam folder.
The Original Submitter did not say but based on their description of running their own MX I would guess they are using IMAP (or maybe POP) to pull down their gmail to a local client and thus missing out on the opportunity to mark them as spam...
I occasionally check my gmail from a local client but use the web interface enough to help the spam filter figure me out by marking messages
Re: (Score:2)
There seems to be an easy end-route around Gmail's filters that I get hit with. Someone sends me spam from "royalwatches[nn]@gmail.com" and has done for years now. Every time Gmail blocks royalwatches19@gmail.com, they start sending out spam from royalwatches20@gmail.com. And so on. And on. And on.
I don't know whether the reserved royalwatches up to 100 or 1000 or 1,000,000 or beyond, but if they have, it looks like Gmail is never going to figure out that they're all bloody spam before the heat death of th
Re: (Score:2)
Re: (Score:2)
Huh, did not know that but I usually only map inbox so that's probably why. If I get my gmail from anywhere but the web interface it's just to do a quick check. If I have to respond to something new I log into gmail.
Re: (Score:3)
Same here. I see maybe one legit piece of spam a week in my Gmail inbox. Now if they can just figure out how to predict if an email is unwanted marketing from and block that, I'd be even happier. Sick of having to manually unsub.
I have email accounts with about 10 different domains. Some are related to work and use various filtering tools, some are with free services. Between all my accounts I see maybe half a dozen spams a week. From an end-user perspective, spam for me died out years ago. I'm always amaz
Re: (Score:2)
Should have read "unwanted marketing from some random company that still does opt-in-by-default and block that". I forgot that /. still runs off 1970's technology and can't handle angle brackets.
Angle brackets ... (Score:2)
... It's what makes HTML markup like bold and italics and stuff.
Re: (Score:2)
Yes, and an intelligent text parser can differentiate between markup and angle brackets in text. Half-assed parsers assume that all angle brackets are surrounding markup, even when they aren't. Modern parsers tend to be of the former, Slashdot's is still the latter.
Re: (Score:2)
To get this < and this > type:
& l t ; and & g t ; (less that, greater than)
With no spaces.
Re: (Score:2)
Spam folder in my Gmail catches 99.9% of all spam I receive.
As a bonus: it's also excellent about learning what I mark as spam, and dealing with false positives.
Exactly. Even without much training, my gmail inbox is as clean as clean can be. Soliciting emails that I want to see (stores I frequent, etc) are properly shunted into "promotions". It has been at least a year or two since I have seen anything resembling a 419 email. I would posit one of two things is going on; either the submitter has done a good job of confusing the filter by moving/marking the wrong items out of the spam folder, or there really is a Nigerian prince looking to strike a deal to get hi
Re: (Score:2)
Re: (Score:2)
I'm going to join the "Me too!" brigade - Google gets almost all of my spam (and I pet a lot of stray dogs) - but add a quick comment.
Every couple of months, as part of the never-ending cat-and-mouse game, someone figures out a pattern of text, words, links, and/or images that pass the Google sniff test for long enough to break through to mailboxes. I had one particular "class" of message this year that survived the onslaught of "mark as spam" that countless other gmail users must have been engaged in for
Re: (Score:2)
Me too. I'm very confused seeing this ask /.
Re:WTF? (Score:5, Funny)
Then stop buying the penis pills and Google might actually believe you think it's spam.
Re: WTF? (Score:2, Funny)
The only way that I will accept your 50% claim is if you convince me that you have many pen pals in the Nigerian Royal family.
Re: (Score:2)
Spam on Gmail? (Score:5, Informative)
I realize that this is not a helpful response, but my Gmail account never gets spam, it's all properly filtered into the spam folder. Been years since I even gave spam a second though, actually. I imagine that most peoples' situations are similar.
Re: (Score:2)
Totally agree. Maybe once a month a single 'spam' message ends up in my inbox, and maybe 2 or 3 non-spam ends up in my spam folder. But even the ones that end up in the spam folder are from mailing lists or subscriptions. I've never had an actual hand-written e-mail from a person I know, writing to me about something we actually need to discuss, end up in the spam folder.
Re: (Score:2)
Anyone want to guess the age of the poster? Because while "Gmail gets a lot of spam" may be true for what he's used to it's nowhere bad as it used to be.
You want to see spam? Register a domain and create a catch-all address.
Re: (Score:2)
I second that.
I have a domain for my business, and also another domain to catch the most typical typo. The latter one was previously used.
I hardly get any spam addressed to my primary domain; those would be mainly from my "national" spammers harvesting companies registry.
And with the second domain - typically I get 300-500 messages per day, with false negative every 10-20 days. So gmail is indeed very efficient.
However, on the break of August and September there were 4 or 5 days when I would get between 400
Re: (Score:2)
IMO, the spam folder should be sorted, not by date, but by likelihood of being a false positive....
That's interesting (Score:5, Insightful)
This has not been my experience at all. I've found Google's email filters to be significantly better than anyone else's.
I can think of several other reasons not to use gmail - but spam filtering is not on that list.
Not me... (Score:2)
I get almost zero spam in my inbox, it all goes to the spam folder, where I look occasionally for things that might have been false positive, but even that happens almost never unles I've accedentally ID'd something as spam myself.
Re: (Score:2, Informative)
I don't have a Gmail account, but Google blocks all e-mail from my server to its accounts...
Than your email server is not configured correctly.
Re: (Score:2)
Does your domain have SPF and/or DKIM set up? Does your server have a correct rDNS entry? Is your server on a static IP address?
GMAIL SPAM is fairly accurate (Score:4, Insightful)
I think more likely what occurs is that they need to be extremely careful about false positives. So they push everything into a SPAM folder. But if you miss a critical email because Google accidentally thought something was spam when it wasn't, then Hello lawsuits. From a legal perspective, blocking anything going into their inboxen is a risk.
Re: (Score:3)
But if you miss a critical email because Google accidentally thought something was spam when it wasn't, then Hello lawsuits.
I'm betting you've never read the TOS of your e-mail provider.
For Gmail, the short version is that that they make no commitments about anything, including reliability.
When permitted by law, Google disclaims all warranties and liability for damages.
To the extent permitted by law, Google limits its total liabilities to the amount you've paid them.
Also, you agree that Santa Clara County, California is the controlling jurisdiction for any dispute.
I'm not saying you can't sue Google over misdirected e-mails, jus
Article is stupid (Score:5, Insightful)
Google does an excellent job of catching spam. The submitter's problem isn't that, it's that he's got other numpties giving out his email address and then he's not using the Google-supplied tool (that little "mark as spam" button) to mark unwanted email so that Gmail learns his preferences. Instead, he's Dunning-Krugered together his own solution that barely works.
Submitter's problem is PEBKAC.
Re:Article is stupid (Score:5, Insightful)
If the story wasn't so sort, I'd say it was Bennett Haselton talking out his ass again.
Article is valid, answers are stupid (Score:3)
Re:Article is valid, answers are stupid (Score:5, Insightful)
Re: (Score:2)
Google does an excellent job of catching spam. The submitter's problem isn't that, it's that he's got other numpties giving out his email address and then he's not using the Google-supplied tool (that little "mark as spam" button) to mark unwanted email so that Gmail learns his preferences. Instead, he's Dunning-Krugered together his own solution that barely works.
Submitter's problem is PEBKAC.
Sorry, but I completely agree with the story explained. My previous employer gave me an email address managed by Google Apps. I subscribed and posted to about 3-4 different open source project mailing lists. Obviously that's enough to make your address well known to spammers.
The amount of email in the spam folder was surprisingly high, given that my very personal email address, which has appeared during a decade (not just two years) on online archives of about 20 times more lists, receives a little bit less
You vs everyone (Score:5, Insightful)
Google can not do that because while for YOU an email in Chinese is a huge red flag, it means nothing to the chinese american student living in New York who still gets emails from her cousin in Hong Kong.
Most of the decisions you make are like this one. For you, country, language, etc. etc. are indications of spam, but they are not true for the general population.
So a spam filter designed for your personal use will always work a lot better than one designed for all users of google.
Re: (Score:2)
But GMail does, to my understanding, use a personalized filter, in addition to the global filters. I get some legitimate email in a foreign language (not Chinese, but one with a non-latin alphabet), and some spam in that language as well. GMail gets them 100% right. Alphabet is just another feature that you perform Bayesian analysis on.
What any big message processing service has that a single user won't, is access to the content of messages across users, and the collective action by its users. So, for e
SubjectsInCommentsAreStupid (Score:2)
There's a much better solution (Score:2)
Track down and punish all the retards that actually buy the stuff advertised by spam.
Re: (Score:2)
No need for that.
For each account with any supplier, charge a very small fee.
That would knock down the big spammers. For hijacked computers, the fee would motivate ISP to track down large abusers.
as a former mail site admin... (Score:5, Informative)
I'm not sure what this guy is doing, but when I ran my own mail server (which I did personally and professionally for well over a decade), spam was a huge problem for me. No combination of spamassassin, rbl's, heuristics signature checks, virus, etc... Nothing got me past 85-90% blockage. And I did everything right. And it was a constant unending fight.
When I switched to Google apps for my personal domain, my life changed. Google catches a HUGE amount of spam. Things still get through occasionally, and definitely get worse as black Friday and Christmas campaigns kick into high gear. But the majority of the spam I get is from legitimate business that decides to put me on their mailing lists without my permission.
The op either has on blinders, or is baiting.
Re: (Score:3)
I'll echo this experience. I used to run my own MX, and it was constant work to stay current enough to keep spam to barely acceptable levels. Constant work.
Since switching to Google apps, however, I almost never see spam. I even run a wildcard for my domain (with a blacklist for egregious offenders - every company gets a unique address) and still it's 1000 times better than when I was doing it myself - for no time investment at all. All for 'free' (letting Google read my mail is the true cost).
Not sure what
Opposite Experience (Score:2)
I've had the exact opposite experience. GMAIL's filters are so much better than any service out there. I get less than 1 SPAM email a month into my actual inbox.
If you think Gmail is bad... (Score:5, Funny)
switch over to Yahoo mail
The arms race continues (Score:4, Insightful)
I've seen a lot of recent spam campaigns that get through my basic scanning using the following tactics:
1. Careful design to not trigger Spamassassin content rules, including blocks of text to fool the bayes filter.
2, Careful omission of any identifying headers except for completely valid SPF and DKIM headers with appropriately configured DNS.
3. Real Linux mail servers dropped onto virtual hosting providers.
4. Fresh IP addresses and domains - never used domains that are not blacklisted yet and IP addresses blocks from the hosting providers that take 10-30 minutes to get blacklisted
Then they use snowshoe spam tactics to trickle them out until they're blacklisted and then move to the next domain and address.
If your address is on the lists that the perpetrators of these campaigns are using, it's really hard to avoid spam right now. Not impossible, there are some countermeasures, but vanilla Spamassassin and your standard appliances are going to have problems. I can imagine google is going to have an easier time with this because of its size and volume (=more information), but it's far from trivial.
-db
That's the WRONG way to do it (Score:3)
As I have said many times before, the only effective way to deal with spam is to approach it from an economic angle, as spam is an economic problem. Spam isn't sent out to piss you off, it is sent to make money. The spammers don't need you personally to buy anything, they just need someone else to buy something. The ROI on spam is incredible as the cost is almost nothing to send to billions of addresses, and only a couple of suckers are required in order to make money off the venture.
If you want to actually help end the spam epidemic, stop talking about filters and other crappy "solutions" that only accelerate the arms race with the spammers. The way to stop spam is to remove the profit motive. This has been done successfully already; if you can prevent the spammers from getting paid they won't send spam because it won't be worth their time. Groups have succeeded in this and the effect has been dramatic. By contrast filters just encourage spammers to employ more creative measures to get their messages through - many of which result in reducing the S:N ratio of filters.
Re: (Score:2)
They won't get paid if people don't see their messages due to filtering. That's why filtering is a good thing.
Re: (Score:2)
They won't get paid if people don't see their messages due to filtering. That's why filtering is a good thing.
Except that they will keep finding ways to get around the filters. Which makes for more wasted time on adjusting the filters. Which means that the filters are not solving the problem but just creating a new one.
.001% of 1 billion is still 1 million. And if only .001% of the 1 million who receive the spam actually buy something, that is still 1,000 sales which is a great return considering the investment is so
The spammers don't care in the least if 99.99% of the spam they send out gets filtered, as
I MOVED to Google to avoid the spam (Score:2)
Okay, I moved because I had someone spoof my email a couple times, and the IP range of the server farm I was based out of (The Planet) on my shared box got flagged in spamhaus twice in 3 years. For a business, that's death to have everyone in the world reject your (legitimate) incoming emails.
I might get 1-2 actual spam emails a month through Google's filter, with hundreds blocked every day - easily four 9s. Now, that doesn't include the friend who's email got hacked and now needs $1200 wired to him because
Some Stuff is Just Hard to Act Correctly on (Score:2)
I use a spam filter which quarantines suspected spam. I then review the quarantine and white list or black list as appropriate. Not an ideal solution for large scale users, but for us it works.
Last week I black listed an email. The subject was "You've got to see this!" and the body was only a link. It turned out that it was a legitimate email so I turned around and white listed the sender. But that email would set off the spam flags on just about any filter, including human based filters. Sadly, there is no
GMail Spam filters are GREAT! (Score:2)
My first language is not English and even for those mails gmail's spam filter works really, really well. I am starting to wonder whether running your own little email server has got something to do with it. I am assuming you are running a typical home server on a home connection with maybe a static IP. This is generally a very bad idea. Whatever Ip you are connecting from, it is flagged as a "dial up pool" or "home connection pool" so emails coming from there will instantly look very suspicious to any spam
You're doing it wrong. (Score:2)
Using the selfie-post theorem (Score:2)
According to 'blame the victim' mentality, you shouldn't send your e-mail address around and it's your fault you're getting spam.
anyone still runs their own mail servers? (Score:3)
I was actually thinking of the opposite trend since a couple of years ago: even people fully capable of running their own mail servers are all using gmail these days; I think we're easily at the breaking point where noone really knows how to run a mail server anymore.
Worse things about Gmail than Spam filtering (Score:2)
We have Gmail at work, and the spam filtering seems to work reasonably well. We get an occasional spam message to come through, and for some reason, most of the ones that get through are written in Chinese.
Two features that drive me nuts are a lack of sorting by headers, and not being able to set a message priority. Yes, I know you can search by sender, keywords, etc., but that only gets you so far. Sometimes I only have a vague idea of what I'm searching for, and being able to sort by subject would be a bi
Refine your definition of spam (Score:3)
This isn't spam; at worst, it's bacn with a case of mistaken identity.
As someone whose full-time job is preventing spam (I work on Akismet [akismet.com], which checks about 380MM Web comments per day for spam), my general response to these kinds of questions is this: Fighting spam is hard because what's spam for you is not always spam for someone else, and spammers are continually changing tactics -- what worked to prevent spam yesterday may not work as well tomorrow, so it's a constantly moving target.
In my experience, GMail's filter is just ok. I see about 50 spam per day end up in my spam folder, 3 or 4 that make it to my inbox, and maybe one false positive per month (when I bother checking). That's a 94% success rate with a 0.3% FP rate (based on my ham email activity), assuming that they're not instantly discarding blatant spam that wouldn't even merit ending up in the spam folder (which they very well might be doing). If Akismet had this same success rate filtering comments on my blog, I'd have to manually mark 230 comments as spam each day instead of Akismet's missed spam average of about one per day. I don't complain about it though, since fighting spam is hard (see above).
Reading Comprehension Sucks (Score:3, Informative)
The OP wrote, "I'd think with all the Oompa Loompas at the Chocolate Factory that they could do a better job rejecting the obvious spam emails. If they did it would make checking for the occasional false positives in my spam folder a teeny bit easier." In other words, he's saying that he wants Google to reject the mail before it gets to his spam folder. He's not complaining about the efficacy of their spam filters, but is instead suggesting that Google should find a way to reject it before it even hits his spam folder.
Former Google Engineer - my internal perspective (Score:5, Interesting)
Disclosure: my name is Bruno Bowden and I managed the engineering team on Enterprise Gmail many years ago at Google before leaving to work in venture capital. My profile is www.linkedin.com/in/brunobowden. Though I didn't work on spam fighting directly, I interacted a great deal with the spam team while I worked there.
One of the main architects of the spam fighting system - Brad Taylor - published a scientific paper on "Sender Reputation in a Large Webmail Service" - http://www.ceas.cc/2006/19.pdf [www.ceas.cc]. This has a lot of detail about the system. We keep much of the internals secret as it reduces the chance that a spammer can reverse engineer and work around the system. If you'll allow me to be vague, the number of signals it uses was stunning to me. There's a mixture of hard wired tests (e.g. is the sender in someone's address book), reputation (domain and content), machine learning and anything else we can make work.
One of the principle improvements came when we switched to user classification through the "Report Spam" button. People have different opinions on what constitutes spam, so individual filtering is far more effective. It also avoids the politics of certain lists of domains and IPs from third parties which can be controversial. Even then it has challenges, as sometimes users will mistakenly pick out a phishing email and mark it "Report Not Spam". Because of that, Gmail now adds a red warning banner to indicate more strongly what is a likely a phishing attempt. In general, Google has tried to be very supportive of encryption, e.g. DKIM for authentication (and SPF) to STARTTLS for privacy. I would also like to mention the abuse team that works hard to prevent gmail being used as a source of spam, shutting down accounts as soon as possible after suspicious email is sent, then helping affected users to recover their account.
In general, the Gmail has received a lot of compliments on the spam filtering, I'm sure the team will be grateful for the positive comments here on Slashdot. There are still things that can confuse the system, e.g. receiving forwarded email (which might be missing source IPs) or genuine email that is sent to the wrong address. Though the system isn't perfect, I know the team will continue to work hard on it.
Google seems to do a good job for me (Score:2)
Google filters out ~100-200 spams a day from my email box (which I universally forward all my domain mail through) and leaves me with (usually) only one or two that I have to specifically mark as spam. I've never been able to do better running my own spam filter.
-Matt
The real question is: (Score:2)
Can NEVER please everyone (Score:2)
I think not too long ago, folks were discussing how the spam war was won [moderncrypto.org]. Their spam filtering is so good, that, for the most part for users, incoming spam is no longer a huge issue.
If they did it would make checking for the occasional false positives in my spam folder a teeny bit easier.
If it's IN your friggin' spam folder, then they've blocked the spam. They decided it was spam and hid it from your inbox. No filter's gonna be perfect, and the Spam folder is to help you go back if you become aware yo
huh (Score:2)
Re:Because they don't want to. (Score:5, Informative)
Re: (Score:3)
... and may chance you didn't read my post: (There was a LOT more to my presentation that just this; this single part presented here to convey the concept).
The trouble is - the single part that you presented is clearly broken (eg it doesn't work well with the way many mailing lists work), so if it conveys the concept of your whole presentation, people are naturally going to assume that the whole presentation was broken...
Re: (Score:2)
and it will work with mailing lists - that was directly covered (along with sending email from a different domain, and sending email for someone else... )
Re: Because they don't want to. (Score:2, Informative)
You have to be careful not to break mailing lists etc. there are plenty of systems which mess up the headers.
Re: (Score:2)
Re: (Score:3)
And related ... there should be the ability for me to restrict where my email is access to/from and where it was sent from. I'm not going to Russia -- so why can't I block all access to my account from Russia?
Yeah, it's not quite a solution to spam, but I've had periods where I get a lot of spam in Cyrillic or Chinese/Japanese characters, and it would have been nice to be able to at least say, "If the email isn't using the Latin alphabet, treat it as suspect because I don't read any languages that use any other alphabets."
I've always thought part of the key to putting a dent in spam would be to make cryptographic email signatures ubiquitous. Then we could check the signature against a valid authority, and if a
Re: (Score:2)
My intent with the 2nd half
Re: (Score:2)
Did you throw in a perpetual motion machine for kicks?
Seriously, if you think you have a better spam filter than everybody else, patent it, make it a hosted service and offer for-pay filtering to people who want it. If it works, you'll have a bidding war for your startup within a few years.
Re: (Score:2)
If false positives are a 100% no-no for you, then you get to enjoy reading every mail in your spam folder, or you get to switch to a different technology than email.
Re: (Score:2)
Your statement "Some will get legal on you." is bogus. Gmail is free and, if you bothered to read the ToS, Google is not liable for shit, in fact YOU agree to indemnify THEM and, because it's FREE, what do you propose to list a "damages?"
Re:false positives (Score:5, Insightful)
" It cannot just mark all advertisement as spam"
Advertisements in email are competition, not revenue. Google's incentives and your own are aligned.
Re: (Score:2)
I have the same problem with multiple email discussion lists that I am on. I would always flag the messages as Not Spam and that would work for a few weeks and then the messages would start going into the Spam folder again.
Several other Gmail users had the same problem with those lists. The List admins finally figured out that what was happening was that some users were hit