Google Launches Gmail Postmaster Tools To Eliminate Spam

← Back to Stories (view on slashdot.org)

Google Launches Gmail Postmaster Tools To Eliminate Spam

Posted by samzenpus on Thursday July 9, 2015 @12:12PM from the no-spam dept.

Mark Wilson writes: Spam is a problem that is not going away for anyone who receives email — and who doesn't? Over the years Google has taken steps to try to reduce the amount of junk that reaches Gmail inboxes and today the company is taking things a step further with Gmail Postmaster Tools and enhanced filter training for Gmail. Part of the problem with spam — aside from the sheer volume of it — is that the detection of it is something of an art rather than a science. It is all too easy for legitimate email to get consigned to the junk folder, and this is what Gmail Postmaster Tools aims to help with. Rather than helping recipients banish spam, it helps senders ensure that their messages are delivered to inboxes rather than filtered out.

55 comments

Min score:

Reason:

Sort:

Just wait for the abuse by Anonymous Coward · 2015-07-09 12:23 · Score: 0

Rather than helping recipients banish spam, it helps senders ensure that their messages are delivered to inboxes rather than filtered out.
And how long before spammers use it to ensure the spam hits the inbox?
1. Re:Just wait for the abuse by w1zz4 · 2015-07-09 12:31 · Score: 2
  
  Well you need to add an exact key on you DNS TXT record in order to verify the ownership of the domain... If the hacker can mess with your DNS records, you problem is way worst than spamss..
2. Re:Just wait for the abuse by JS_RIDDLER · 2015-07-09 12:45 · Score: 2
  
  I have spammers create a new domain with valid SPF and start spamming that day. they are very hard to find and block the same day.
  
  --
  _JS
3. Re:Just wait for the abuse by Anonymous Coward · 2015-07-09 13:21 · Score: 2, Informative
  
  To block very young domains I recommend you use the fresh15.spameatingmonkey.net blacklist from Spam Eating Monkey.
Google account required by manu0601 · 2015-07-09 12:31 · Score: 1

So now I need to open a Google account to make sure my outgoing e-mails reach Gmail?
It is getting harder and harder to avoid using their services.
1. Re:Google account required by cheater512 · 2015-07-09 12:41 · Score: 1
  
  You don't need to.
  Its like if you want to have a bank account, you need to sign up with a bank. Oh the evil!
2. Re:Google account required by Anonymous Coward · 2015-07-09 13:03 · Score: 1
  
  It's more like having to open an account at a bank just to send somebody money who is a customer of that bank. That's kinda antithetical to the function of a federated banking system.
  That said, this seems to be more oriented toward mass mailers. It even says so in their announcement: "The Gmail Postmaster Tools help qualified high-volume senders analyze their email".
3. Re:Google account required by halltk1983 · 2015-07-10 00:37 · Score: 1
  
  It's almost like there are valid reasons to mass mail people.
  Valid reasons I mass email our customers: system maintenance that will impact them.
  Chance I want that to get through? 100%
  
  --
  Watch for Penguins, they eat Apples and throw rocks at Windows.
Probably Good by The+Raven · 2015-07-09 12:46 · Score: 4, Informative

I know that some people are looking at that 'help companies get their mail into inboxes rather than filtered' comment with trepidation. But I don't think it's nefarious like that. I work at a small university, and it's pretty common (and frustrating for students) to have important emails like 'Here is how you log in for the first time' get filtered out as spam because the same email is sent to thousands of students... it looks like spam. These tools just let us register our domain and add tags to our emails marking it as official email from the school.
That still allows the user algorithms to reduce the significance of the email, tossing it in the 'Advertisement' category, or 'Low Priority', or other variations of 'not spam, but maybe you'd like to hide it anyway' category. But it should reduce how ofter the email is thrown away completely, and they can't even search for it because it was tossed out with the garbage.
I took a look at the postmaster tools, and as soon as the DNS update goes through (which proves to Google that I'm allowed to manage our postmaster tools) I'll have a better idea what options it gives us.

--
"I will trust Google to 'do no evil' until the founders no longer run it." Hello Alphabet.
1. Re:Probably Good by fustakrakich · 2015-07-09 13:23 · Score: 0
  
  Still too easy to forge. The only workable solution is to whitelist your inbox to contacts only. Use a filtered second 'inbox' for new shit, and then dive into the spam box.
  
  --
  “He’s not deformed, he’s just drunk!”
2. Re:Probably Good by Anonymous Coward · 2015-07-09 15:56 · Score: 0
  
  Spamgourmet my friend. Too bad a lot of people don't accept them as "valid email addresses", but I can see who sold my address (eBay inadvertently, but I can allow "from eBay only"), and I can turn on/off without worrying about if a company wants to honor it (really, Delta, do I *look* like I fly every week?).
  But you get lots of comments like "oh, so you work for Advance Auto Parts?"...
3. Re:Probably Good by Anonymous Coward · 2015-07-09 16:08 · Score: 0
  
  Overrated
  Uh oh! Makers of spam tools have mod points to shed! Shame on you people!
4. Re:Probably Good by whoever57 · 2015-07-09 16:46 · Score: 1
  
  I took a look at the postmaster tools, and as soon as the DNS update goes through (which proves to Google that I'm allowed to manage our postmaster tools) I'll have a better idea what options it gives us.
  I registered and validated a couple of domains. However, the tools show no options for me. Probably we don't send enough emails to gmail, but I also wonder if what it needs is a number of emails AFTER registering.
  
  --
  The real "Libtards" are the Libertarians!
5. Re:Probably Good by swillden · 2015-07-09 23:45 · Score: 1
  
  The only workable solution is to whitelist your inbox to contacts only.
  Workable? That's nearly useless. Too many spammers harvest contact lists and forge "From" fields. That sort of whitelist will allow a lot of spam through.
  
  --
  Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
6. Re:Probably Good by fustakrakich · 2015-07-10 00:13 · Score: 1
  
  They only get your contact list if you give it to them. When my name is in somebody else's contact list, it's still no problem for me. If it is not in mine, it goes through the spam filter, very simple. It has proven far and away the best solution.
  
  --
  “He’s not deformed, he’s just drunk!”
7. Re:Probably Good by swillden · 2015-07-10 01:36 · Score: 1
  
  They only get your contact list if you give it to them. When my name is in somebody else's contact list, it's still no problem for me. If it is not in mine, it goes through the spam filter, very simple. It has proven far and away the best solution.
  You don't have to give it to the spammers. They get it from others who have you in their contact list -- which often means they're in yours as well.
  It's worked for you so far, but that's just because you've been lucky... or have a very small contact list containing nothing but very security-conscious people.
  
  --
  Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
8. Re:Probably Good by SlithyMagister · 2015-07-10 04:04 · Score: 1
  
  You send them an email to tell them how to log in?
  That's one of the classic BOFH jokes.
  
  For the very young among us: The Bastard operator from Hell archive
9. Re:Probably Good by Ravaldy · 2015-07-10 04:39 · Score: 1
  
  He's right. Spammers will pay a premium to obtain a list with cross references. There's an underground market for email list and those who collect enough of them make a pretty penny.
10. Re:Probably Good by rch7 · 2015-07-10 13:22 · Score: 1
  
  Actually you can do the same with gmail address and many other email servers (but not all). I.e. if you have foo@bar.com, you can use foo+anyRandomString@bar.com. Too bad many lame email checkers don't understand that + is valid character in email address.
11. Re:Probably Good by The+Raven · 2015-07-11 00:04 · Score: 1
  
  An email to their personal address (not their school account) for obvious reasons. Though I do have to admit that a few times mistakes have been made made (real mistakes, not BOFH in disguise) and the password reset template was emailed only to their school account.
  
  --
  "I will trust Google to 'do no evil' until the founders no longer run it." Hello Alphabet.
12. Re:Probably Good by Anonymous Coward · 2015-07-11 19:01 · Score: 0
  
  I know that some people are looking at that 'help companies get their mail into inboxes rather than filtered' comment with trepidation. But I don't think it's nefarious like that. I work at a small university, and it's pretty common (and frustrating for students) to have important emails like 'Here is how you log in for the first time' get filtered out as spam because the same email is sent to thousands of students... it looks like spam. These tools just let us register our domain and add tags to our emails marking it as official email from the school.
  That still allows the user algorithms to reduce the significance of the email, tossing it in the 'Advertisement' category, or 'Low Priority', or other variations of 'not spam, but maybe you'd like to hide it anyway' category. But it should reduce how ofter the email is thrown away completely, and they can't even search for it because it was tossed out with the garbage.
  I took a look at the postmaster tools, and as soon as the DNS update goes through (which proves to Google that I'm allowed to manage our postmaster tools) I'll have a better idea what options it gives us.
  Your email message looks like spam because you're stupid and send spam out to your students. Most of your students consider your messages to be spam, even if they contain a small nugget of useful (or even necessary) information every once in a while. Your fault is in putting necessary information in a spam message, instead of sending it to a list students voluntarily sign up for and register their email with.
  PS) Msgs filtered out as Spam are still viewable (and searchable even!) in the 'spam' folder. Seems you also accept a number of students who can't even work GMail competently.
Finally! by jordanjay29 · 2015-07-09 13:03 · Score: 5, Funny

I can finally rest easy knowing all the advertisements for penis enhancement will come straight to my inbox. No more hunting around in the spam box for these important emails.
Hmm, wish SBL would do this by Anonymous Coward · 2015-07-09 13:09 · Score: 0

... as it is, they offer no way for little people with the desire to run mailservers from IPs within the larger ISP's address space to mark their server as legit.
I'd like to run my own mailserver again, to do end-to-end encryption and stay out of the big providers' NSA dragnets. But it's pretyt much impossible now to run an SMTP service from a residential IP.
1. Re:Hmm, wish SBL would do this by guruevi · 2015-07-09 16:25 · Score: 1
  
  With most residential providers you have contractually agreed not to run a mail server. Also, you won't have a fixed IP so a receiving mail server is kind of useless. Use a commercial account/provider and you will most likely be able to obtain a fixed IP outside of the blacklisting that comes with residential IP's.
  
  --
  Custom electronics and digital signage for your business: www.evcircuits.com
Spam? by Anonymous Coward · 2015-07-09 14:45 · Score: 0

I used my same email address for years on some mail lists, with relatives and various other places. I don't get spam hardly ever. I might have gotten one spammer mail in the last year. Is it really that bad for everyone else?
1. Re:Spam? by arkane1234 · 2015-07-09 15:06 · Score: 3, Insightful
  
  I'm the same way. I got my gmail account back when you had to be invited. I was going to use it as a spam catcher account but I noticed quickly that no matter what I did nothing bad was really coming through. I've used it as my primary account for over 8 years now, and I think maybe 4-5 emails made it through.
  
  --
  -- This space for lease, low setup fee, inquire within!
Hotmail's whitelist is an effective system by JoeyRox · 2015-07-09 14:49 · Score: 1

Been using it for years and have never received spam. You can add individual addresses or entire domains and all your contacts are automatically included as well.
1. Re:Hotmail's whitelist is an effective system by JcMorin · 2015-07-09 15:55 · Score: 1
  
  As a customer it may be good but as a sender it's terrible. I'm sending thousand of email per day, never got a single issue except Microsoft domain that relies on the crappy Symantec spam detector. Once in a while our IP get listed there (probably because a spammer is in the same block as me). When you contact M$, they are clueless, after day they said it's Symantec. Symantec is clueless about why we get there. They can't point out a single spam email. They remove our ip. Then we get listed again a couple week later. Rince and repeat.
2. Re:Hotmail's whitelist is an effective system by Anonymous Coward · 2015-07-09 16:11 · Score: 0
  
  If we wanted your email we would specifically ask for it.
  You, however, will use any means to get our email (i.e. to create an account or read a document or post a comment or ...) and you infer that we also want your spam.
  If you send any email to any person that didn't say hey, send me some email, you are a spammer. If someone says "Hey, send me this one single email" and instead you add them to a list to get email blasted every day, week or month, well you're still a spammer. If you purchased a single email address from anyone or downloaded some list of email addresses, you are a spammer.
  I applaud everyone reporting you as a spammer because it is, in fact, the truth. You might not like it, but it is what it is. I applaud M$ blocking you as a spammer and making it hard to get labelled a non-spammer (they lose points for changing you back to a non-spammer).
3. Re:Hotmail's whitelist is an effective system by sexconker · 2015-07-09 16:22 · Score: 1
  
  I'm sending thousand of email per day
  Congratulations, you're a spammer.
  I don't care if the entire planet needs to be notified of an impending asteroid impact. If the information isn't specific to me AND the reasoning behind sending the message isn't specific to me, then it's NOT worth an email.
  Generic emails sent to thousands/millions of people are like traditional junk mail.
  Generic email sent one person (often phishing attempts) are like the old mail fraud scams.
  Specific email sent to thousands/millions of people are like pre-approved credit card offers, service coupons from the dealership you bought your car at, etc.
  Actual communication means you have something specific to say to someone specific.
4. Re:Hotmail's whitelist is an effective system by hankwang · 2015-07-09 17:57 · Score: 1
  
  "Congratulations, you're a spammer."
  You're jumping to conclusions. There are perfectly legitimate reasons for that kind of mail volumes, such as administrering mail servers of a company that handles customer support tickets or a web shop with order confirmations, shipping notices, and invoices (3 emails per order). It could also be an opt-in mailing list.
  
  --
  Avantslash: low-bandwidth mobile slashdot.
5. Re:Hotmail's whitelist is an effective system by Anonymous Coward · 2015-07-09 20:01 · Score: 0
  
  Opinions differ whether opt-in marketing emails are wanted or not. They often run on the line of being wanted (getting informed) and annoying (too commercial/irrelevant). Many may go unread, just like paper flyers. But opt-in means they want to get the email. If I catch a customer (try to) send non-optin mails, the account gets suspended first.
6. Re:Hotmail's whitelist is an effective system by eulernet · 2015-07-09 20:06 · Score: 1
  
  In fact, it's pretty easy to figure what happened.
  If your IP has been blacklisted, check the DNSBL.
  For example, with this site: http://www.dnsbl.info/
  Then go to the sites that block your IP and ask to be whitelisted.
  You can be blacklisted for a lot of reasons, like sending too much mails in a short amount of time on the same site (in France, we have an ISP that considers a mail is spam if you send to 10 people of their domain in a single mail), or somebody tagged your mail as spam, or it uses patterns that are considered as spam, or you send an email to a fake user.
  Emailing can't be trusted, so you have to accept that and stop fighting companies that block your emails.
7. Re:Hotmail's whitelist is an effective system by sexconker · 2015-07-09 20:12 · Score: 2
  
  And such information would be specific to the user and the motivation would be specific to the user.
  No one sending legitimate emails is getting blocked by the major blacklists. I personally haven't seen this happen in over a decade. It's always the people who spam and claim to be not spamming, or the people who run their "legitimate" email through a service known to let spammers run wild and cry when they get blocked along with the other trash.
  If you wouldn't buy a first class stamp or pay a human to pick up the phone in order to send the information, the information is worthless at best and malicious at the worst.
8. Re:Hotmail's whitelist is an effective system by Anonymous Coward · 2015-07-10 02:21 · Score: 0
  
  No, opinions don't differ to the folks that receive this crap, they just differ in the minds of the folks sending the crap.
  Most folks who "opt-in" are tricked into it (hide the checkbox where they are opting in, bind the marketing shit with a legitimate thing so to get one you get the other, etc.).
9. Re: Hotmail's whitelist is an effective system by spongman · 2015-07-11 05:24 · Score: 1
  
  How do you know his mail isn't solicited?
It seems like this is what DMARC is built to solve by MillerHighLife21 · 2015-07-09 15:01 · Score: 2

Except that Google basically just has a better spam filter for gmail accounts now too.
Either way, good for Google. The more awareness that can get out there for improved sender validation the better.

--
"Don't teach a man to fish, feed yourself. He's a grown man. Fishing's not that hard." - Ron Swanson
Well... by Anonymous Coward · 2015-07-09 18:24 · Score: 0

It would probably help if they could at least get "whitelisting" right: if I explicitly reply or send an email to a certain address, it should consider all emails from that email address as not-spam by default from then on (apart maybe from specific exceptions, like when a phishing URL or virus is contained in an email with "spoofed" email address).
As far as I can tell, Gmail can't get this simple thing right, since I keep getting other people's legitimate emails thrown into the spam folder way too often.
A link of a link of a link of a link.... by Zanadou · 2015-07-09 19:36 · Score: 2

http://gmail.com/postmaster ---- The actual relevant link
Re:It seems like this is what DMARC is built to so by Anonymous Coward · 2015-07-09 19:50 · Score: 0

You clearly have no idea what DMARC is about.
Re:It seems like this is what DMARC is built to so by CBravo · 2015-07-09 20:09 · Score: 1

No, DMARC authenticates you as a sender to fight phishing but does not tell you what the rest of the spamfilter concludes. You can still send spam using DMARC. The reporting feedback of DMARC is necessary to find problems in the authentication. An added bonus is that you can identify spammers.

Microsoft has SNDS which is pretty helpful in finding moments when things go bad. It does not identify your customers, I have to find that myself.

--
nosig today
Re:It seems like this is what DMARC is built to so by CBravo · 2015-07-09 20:10 · Score: 1

sed 's/you can identify spammers./you can identify spammers pretending to be you/'

--
nosig today
mail filter by chewy_fruit_loop · 2015-07-09 20:34 · Score: 2

well i hope they fix their mail filters first....no matter how many ways i tell gmail amazon isn't spam...thats where it ends up...even mail from the wife does that...which she isn't pleased about
1. Re:mail filter by fulldecent · 2015-07-10 01:01 · Score: 1
  
  This. Gmail has a hard time learn learning that "Please leave a survey for your last purchase!!!" is spam and "Your order shipped" is not. Either all my mail from one merchant wind up in spam or not.
  
  --
  -- I was raised on the command line, bitch
Re:It seems like this is what DMARC is built to so by MillerHighLife21 · 2015-07-10 01:22 · Score: 1

Right, but just based on a quick look at postmaster tools it appears that a big chunk of how it works is sender authentication. That's all I meant.

--
"Don't teach a man to fish, feed yourself. He's a grown man. Fishing's not that hard." - Ron Swanson
Yo Bitches! by Anonymous Coward · 2015-07-10 01:28 · Score: 0

Train our filters for us.
It's All A Matter Of Perspective by Anonymous Coward · 2015-07-10 01:31 · Score: 1

Valid reasons I mass email our customers: Penis pills for less!
Chance I want that to get through? 100%
Great, just great... by Andy+Dodd · 2015-07-10 01:54 · Score: 1

"Finally, the spam filter is better than ever at rooting out email impersonation—that nasty source of most phishing scams. Thanks to new machine learning signals, Gmail can now figure out whether a message actually came from its sender, and keep bogus email at bay."
As if that crap didn't false-positive on me way too much already.

--
retrorocket.o not found, launch anyway?
This was an avoidable problem by damn_registrars · 2015-07-10 02:02 · Score: 1

When we keep insisting on filters as the "answer" to spam, we end up with more problems like these as a result. The spammers are continuously changing their strategy to get around filters, which causes this to happen. Unless we approach spam as the economic problem that it is, we won't see this get better.

--
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
It's extra effort, but worth it... by QuietLagoon · 2015-07-10 02:09 · Score: 1

Emails from my domain were being routed to recipient spam folders, so I decided to become more compliant with the current email guidelines, DKIM, DMARC, SPF, DNSSEC, PTR records, etc.
.
DKIM is actually kind of cool. I like to see inbound emails being authenticated by my email server.
DNSSEC was a pain to implement, though. That is, until I found a good, DNSSEC-friendly registrar (gkg.net) that made the switch to DNSSEC for my domain quite easy.
Now I get daily DMARC data sent to me, and also to dmarcian.com for reporting.
Most important, however, is that my emails aren't winding up in spam folders anymore.
Um, er, whatever happened to Postini? by Anonymous Coward · 2015-07-10 04:18 · Score: 0

Google bought them a few years ago. Postini's approach to solving spam was to look for substantially the same message being sent to some large number of recipients within a window of time, with a "white list" for publishers of legitimate content (suitably vetted). Since GMail sees millions of messages a day, they are in the best position to stop spam at the source by never letting it go to inboxes when there are several incoming, nearly-identical messages (over a few seconds, admittedly, but who sends spam at the rate of one per minute or less?)
I suspect there something else going on here, because I get very little spam via gmail (an sbcglobal.net account, on the other hand, just fills up day after day), so I suspect Postini is still in place...or, perhaps, evolved.
Just turn of the spam filter by DarkStarSword · 2015-07-12 16:53 · Score: 1

My total volume of spam emails in GMail is very low - only about one/day (32 spam emails in the last 30 days), yet the false positive rate was extremely high and I was missing important messages on a regular basis. I ended up disabling the spam filter (which has to be done by a filter that matches every message) and haven't looked back since.