Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Why Can't Google Block Spam In Gmail?

Posted by timothy on from the spy-vs-jerkface dept.

An anonymous reader writes Every day my gmail account receives 30-50 spam emails. Some of it is UCE, partially due to a couple dingbats with similar names who apparently think my gmail account belongs to them. The remainder looks to be spambot or Nigerian 419 email. I also run my own MX for my own domain, where I also receive a lot of spam. But with a combination of a couple DNSBL in my sendmail config, SpamAssassin, and procmail, almost none of it gets through to my inbox. In both cases there are rare false positives where a legit email ends up in my spam folder, or in the case of my MX, a spam email gets through to my Inbox, but these are rare occurrences. I'd think with all the Oompa Loompas at the Chocolate Factory that they could do a better job rejecting the obvious spam emails. If they did it would make checking for the occasional false positives in my spam folder a teeny bit easier. For anyone who's responsible for shunting Web-scale spam toward the fate it deserves, what factors go into the decision tree that might lead to so much spam getting through?

10 of 265 comments (clear)

  1. WTF? by rodrigoandrade · · Score: 5, Informative

    Spam folder in my Gmail catches 99.9% of all spam I receive.

    As a bonus: it's also excellent about learning what I mark as spam, and dealing with false positives.

    1. Re:WTF? by jeremiahstanley · · Score: 5, Informative

      I'll second this sentiment. Gmail catches an obscene amount of spam sent to my account accurately and with so few false positives it blows my mind. I've dealt with lots of anti-spam software and some hardware and Google does a fantastic job.

      Pro tip: you have to just start flagging things with the convenient "this is spam" button and in a short time their filters figure it out.

      OP might just be getting a lot of legitimate list traffic that they signed up for. That isn't spam, you asked for that and need to hit 'unsubscribe'.

      --
      Hire me...
    2. Re:WTF? by Anonymous Coward · · Score: 5, Funny

      Then stop buying the penis pills and Google might actually believe you think it's spam.

    3. Re:WTF? by pz · · Score: 5, Informative

      I have found that essentially every time I give my email to a legitimate retailer, they automatically assume that this means they can send me marketing email on nearly a daily basis. However, most retailers also honor the unsubscribe requests, and if you are vigilant about clicking through unsubscribe and marking real spam as such, GMail does a really very good job. Also, I've found that when I unsubscribe to lists that I really don't read (including marketing email that I might have thought could be interesting but no longer want), the total volume of spam goes down.

      I cannot explain the OP's experience, as it runs completely counter to mine.

      --

      Put my fist through my alarm clock with its ding-dong death inside my ear. - The Blackjacks.
    4. Re:WTF? by Anonymous Coward · · Score: 5, Informative

      This is not technically spam. You can disable every single one of those lists by click "unsubscribe" at the bottom or going to your Google account settings for that service and disabling those messages. I have never received a mail from any Google service on my Gmail account, because I always pre-emptively opted out. And this has been my main email account for about 5-6 years now. And I have an Android phone that I have set up with that account, and a Youtube account that I occasionally post videos to, so it's not like I am somehow not using their services actively.

      Real spam is not only unsolicited, but impossible to unsubscribe from, because they really and truly don't give a shit, and any system those fuckers have that appears like it might be an unsubscribe function is really just a system to confirm there's a real person behind the email address. This is the stuff Gmail is really really good about blocking. Stuff about penis pills, viruses, scams. Gmail catches 100% of these for me, and its false positive rate is probably 5% or lower for me, and the false positives are almost always automated messages from signing up for a new site or something similar, and never something written by a human or that I receive on a regular basis and actually desire.

      In your particular case, it's your fault you're getting those messages from Google's services, and if you took like less than 5 minutes to actually untick some boxes you'd never receive those messages again.

  2. Spam on Gmail? by Anonymous Coward · · Score: 5, Informative

    I realize that this is not a helpful response, but my Gmail account never gets spam, it's all properly filtered into the spam folder. Been years since I even gave spam a second though, actually. I imagine that most peoples' situations are similar.

  3. as a former mail site admin... by drama · · Score: 5, Informative

    I'm not sure what this guy is doing, but when I ran my own mail server (which I did personally and professionally for well over a decade), spam was a huge problem for me. No combination of spamassassin, rbl's, heuristics signature checks, virus, etc... Nothing got me past 85-90% blockage. And I did everything right. And it was a constant unending fight.

    When I switched to Google apps for my personal domain, my life changed. Google catches a HUGE amount of spam. Things still get through occasionally, and definitely get worse as black Friday and Christmas campaigns kick into high gear. But the majority of the spam I get is from legitimate business that decides to put me on their mailing lists without my permission.

    The op either has on blinders, or is baiting.

  4. If you think Gmail is bad... by Dishwasha · · Score: 5, Funny

    switch over to Yahoo mail

  5. Re:Article is stupid by BitZtream · · Score: 5, Insightful

    If the story wasn't so sort, I'd say it was Bennett Haselton talking out his ass again.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  6. Former Google Engineer - my internal perspective by brunobowden · · Score: 5, Interesting

    Disclosure: my name is Bruno Bowden and I managed the engineering team on Enterprise Gmail many years ago at Google before leaving to work in venture capital. My profile is www.linkedin.com/in/brunobowden. Though I didn't work on spam fighting directly, I interacted a great deal with the spam team while I worked there.

    One of the main architects of the spam fighting system - Brad Taylor - published a scientific paper on "Sender Reputation in a Large Webmail Service" - http://www.ceas.cc/2006/19.pdf. This has a lot of detail about the system. We keep much of the internals secret as it reduces the chance that a spammer can reverse engineer and work around the system. If you'll allow me to be vague, the number of signals it uses was stunning to me. There's a mixture of hard wired tests (e.g. is the sender in someone's address book), reputation (domain and content), machine learning and anything else we can make work.

    One of the principle improvements came when we switched to user classification through the "Report Spam" button. People have different opinions on what constitutes spam, so individual filtering is far more effective. It also avoids the politics of certain lists of domains and IPs from third parties which can be controversial. Even then it has challenges, as sometimes users will mistakenly pick out a phishing email and mark it "Report Not Spam". Because of that, Gmail now adds a red warning banner to indicate more strongly what is a likely a phishing attempt. In general, Google has tried to be very supportive of encryption, e.g. DKIM for authentication (and SPF) to STARTTLS for privacy. I would also like to mention the abuse team that works hard to prevent gmail being used as a source of spam, shutting down accounts as soon as possible after suspicious email is sent, then helping affected users to recover their account.

    In general, the Gmail has received a lot of compliments on the spam filtering, I'm sure the team will be grateful for the positive comments here on Slashdot. There are still things that can confuse the system, e.g. receiving forwarded email (which might be missing source IPs) or genuine email that is sent to the wrong address. Though the system isn't perfect, I know the team will continue to work hard on it.