Slashdot Mirror


A Look At Google's Email Spam Prevention

CNet has a story about the security measures Google employs to protect their email systems and fight the never-ending war on spam. Their Postini team, acquired two years ago, has a variety of monitoring tools and automated response systems to find and block undesirable messages. Quoting: "The system scores each message on numerous combinations of criteria, assigning a weight to each and then comparing the score to those in a database of several hundred thousand message types that have been flagged as good or bad from Postini honey pots and customer spam reports. ... To block fresh spam attacks not covered by existing heuristic technologies and viruses not covered by existing signature databases Postini relies on proprietary Zero-Hour technology to identify new outbreaks that show up in the traffic patterns and quarantine them for later rescanning. Customers can also create and build out their own white lists of message senders they trust and blacklist others they don't trust. It takes an average of 150 milliseconds for a message to be scanned by the antivirus engines that Postini licenses from McAfee and Authentium."

5 of 176 comments

  1. Re:"Postini"? by icydog · · Score: 4, Interesting

    I have had a similar experience with Postini, but from a different point of view. I usually use my own mailserver to send emails, and in the beginning I was greylisted and occasionally blocked by a few servers here and there, but after just a few quick emails here and there to ask why I was blocked, I was always promptly unblocked. I just use it for personal email so I'm not sending commercial or bulk emails. And before someone asks, no it's not on a dynamic IP or anything, it's in a fairly large colocation facility.

    Google is the only mail service that I know of who still just won't accept my emails. They make it very difficult to contact them. There is a form buried somewhere in their help system, but it says that they won't respond unless they need additional info from you, which leads me to believe that they never actually read anything submitted through that form. (I have tried a few times.) They also specifically say they don't take whitelist requests. I have SPF records, I have correct reverse DNS, I'm not on any blacklists, etc.

    This means when I send emails to my friends who use Gmail, or companies who use Postini, I get blocked without cause. Then I have to use a different server. It's kind of annoying.

    (Why do I use my own email server? Because I can. This is /., after all.)

  2. McAfee by contrapunctus · · Score: 4, Interesting

    So by using gmail, am I indirectly making money for McAfee?

  3. Re:"Postini"? by Jay+L · · Score: 5, Interesting

    Google is the only mail service that I know of who still just won't accept my emails.

    I had a similar experience; I run my own mail server, send no bulk mail whatsoever, and both Postini and GMail independently decided I was a spammer. No DNSBLs had me listed, ReturnPath was happy, etc. Meanwhile, I was blocked from sending mail to my lawyer, my financial advisor, my chiropractor, etc., all of whom turned out to be downstream from Google. Despite Google's claims that the customer is in full control of filtering, none of them were able to get at my e-mail without getting their sysadmins involved - which often required discovering that they had sysadmins at all.

    Worse, Postini's spam filtering takes its own output as input. Once it's scored a message of yours as spam, future messages will be more likely to score as spam - which of course makes any subsequent messages even more likely to score as spam. Brilliant. At one point, my spam score from a triple-signed (SPF/DK/DKIM) server was 98 out of a possible 100.

    Google's philosophy of "we don't do it unless we can automate it" works horribly when it comes to customer service. There's no feedback loop, no whitelisting, no channels, no nothing. It's SPEWS all over again, or perhaps the Kafka International Airport.

    But Google has no reason to worry about false positives; the more messages they call spam, the more spam they can say they blocked. Perverse incentives.

  4. Re:Don't care how they do it.. by DrXym · · Score: 4, Interesting

    Spam is now so bad for me on my home account that I reckon for every 100 messages, only two or three are legitimate contact. I literally get 200-300 spams a day. Bayesian filters will get rid of about 20%, and rules I've added such as deleting any email with cyrillics or other foreign characters still leave me with 100 or so to delete manually.

    I've set up GMail to filter my email and by comparison I'd say one or two spams get through. So I'm very happy with GMail's level of coverage. It's not perfect but it makes things tolerable. I'm not at all happy with Yahoo's level of coverage. Yahoo allegedly also has spam filters, but I've yet to see they actually work. It's not uncommon to find my email box filled with Nigerian and other scams.

  5. Re:"Postini"? by SanityInAnarchy · · Score: 4, Interesting

    For what it's worth, Gmail has been just the opposite for me. It's Yahoo and AOL which randomly decide to block me -- sometimes with some cause, sometimes just because it's on a residential connection.

    Yet Gmail never so much as greylists me -- everything goes straight through, every time.

    --
    Don't thank God, thank a doctor!