
Alarming number of spam false positives in Gmail - davidw
http://journal.dedasys.com/2015/03/12/alarming-number-of-spam-false-positives-in-gmail/
======
makeitsuckless
Google's spam filtering in general is abominable. For years they even managed
to flag mail from some of their own services, like Analytics, as spam. Way too
many false positives for main stream services that send perfectly ordinary
decent emails in general.

On the flip side, the spam filter seems to be very US-centric, allowing a lot
of spam through my local ISP's spam filter does catch.

Finally the lack of control over the spam filtering is ridiculous if you
compare it to what many ordinary ISP's offer.

~~~
jacquesm
I can actually see the point of the analytics messages being labelled as spam.
That's precisely what it is usually.

~~~
cpncrunch
But it's not technically spam, as you have actually signed up for the
analytics account. Perhaps this illustrates the reason why it is tagged as
spam: a lot of people just hit the 'mark as spam'.

The irony is that most of the spam that gets through my spam filter comes from
gmail.

------
Will_Do
I'm beginning to think that we should have two different spam filters.

One that is with p > .995 spam for all the viagra pills and lasik and
everything.

Another should be for the emails that are probably spam but not certainly.

For the record, I just went over the 151 spam messages I've received over the
past 2 weeks and had 0 false positives. That's pretty good.

~~~
bryanlarsen
And I went over the 300 spam messages from the last month and found 6 false
positives. None were important, but one could have been.

~~~
iak8god
I go in every month or so to retrieve a handful of legit messages and mark
them as _not spam_. Today I had about 50 things in my spam, about ten of which
didn't belong. Most were things I don't really care about, like LinkedIn
invites to: some email address other than my main one, and some mailing lists
I've subscribed to, but still this is bad and getting worse.

On a side note, about 20% of my actual spam over the last few months purports
to be from young women named "Jessica," though it's not clear that I'm
supposed to believe that it's coming from the same person. Is this just a go-
to name for spam pretending to be from friendly (young female) strangers?

~~~
pionar
Using female names (especially "attractive" names like Jessica, Tiffany, etc.)
is an old trick. Males will generally be more receptive to opening an email
with a name like this in the from field.

~~~
iak8god
Yeah I get that. They they wouldn't do it if it didn't work, though I'm not
sure quite who falls for this. In any case, I'm just amused that mine are so
heavy on the Jessica.

~~~
iak8god
Kind of talking to myself here, but thought it was worth noting that "Jessica"
was the top female baby name of the decade for both the 80s and 90s:
[http://www.ssa.gov/oact/babynames/decades/](http://www.ssa.gov/oact/babynames/decades/)

------
afandian
I regularly get emails (from Apache mailing lists if you care) that go to
spam. No amount of flagging fixes it. The way to deal with it is regularly
check the spam filter, train the filter every time it makes a mistake,
occasionally sacrifice a goat and pray to Google that they'll fix it.

Then again, you could say it's just a cost of using GMail, and it's offset by
all the correctly identified spam emails.

~~~
breakingcups
You can set a filter on any kwyword / subject / sender / receiver and mark it
as "never send to spam", that might help you.

~~~
afandian
Thanks very much, never saw that!

------
jacquesm
This has happened to me too, several times with increasing frequency over the
last two years. My messages end up being labelled as 'spam' even with people
that I have long standing relations with and that blindly rely on gmail to do
its bit. Extremely frustrating because even though I'm not a gmail user this
still affects me.

------
globile
This might be pretty obvious, but if you forward personal email to a google
apps account a lot of stuff like this can happen.

The other way, too. If you forward email from a google apps account to gmail
(or another google apps account), funky stuff happens.

Colin from customer.io wrote about this once...
[http://iamnotaprogrammer.com/Dont-Forward-Google-Apps-to-
Gma...](http://iamnotaprogrammer.com/Dont-Forward-Google-Apps-to-Gmail.html)

------
unltd
Noticed a lot of false positive too since the new year.

After investigation, it appeared that the ahbl.org's RBL was now wildcarding
everything as spam : [http://ahbl.org/node](http://ahbl.org/node)

In my particular case I use my own servers that flags mails before sending
them to google. I doubt that google relies on ahbl but most servers with a old
version of spamassassin do.

IMHO Those false positive by gmail might be due to a large amount of false
positive forwarded to them by servers that rely on spamassassin.

------
Vendan
I kinda wonder if a significant portion of the issue is people who sign up for
stuff, then rather then unsub, just tell gmail it's spam?

~~~
Goronmon
Due to the simplicity of my email address, I get emails almost everyday from
stuff other people have signed up for and mistakenly put in my email address
thinking it was theirs. Sometimes if it's in a foreign language I can't tell
if it's spam or just normal stuff that came to the wrong address.

I have had moments of frustration where I've selected a whole group of these
emails and marked them as spam in the hopes that they would stop showing up in
my inbox.

~~~
coliveira
It turns out this is a serious problem with using a gmail account. I receive
all the time email that was sent to some other unrelated person with similar
name. This happens with lots of people that I know. I decided it is better to
stop making gmail my main email, and treat it just as a junk mail destination.

------
sp332
I've actually been getting a lot of false negatives in Gmail lately. It's
funny that it's much more surprising to see spam in my Gmail account now just
because it was so rare before.

------
PeterWhittaker
Motivated by this thread, I just checked my personal account (gmail, email
address hardly publicized at all) and my business account (GAE business, email
address widely publicized). In the interest of balance, my anecdata is that
the gmail anti-spam filters work very well for my two accounts.

No false positive spam at all in the personal account, and only a few dozen
spam over the last several weeks.

One false positive spam in the business account out of the several hundred I
bothered to check before I got bored (I've close to 800 spam over the last few
weeks) - and that false positive is something I could easily have ignored.

Works for me, FWIW, YMMV and likely does.

------
gambiting
The worst one I got was a legitimate email from Origin telling me that my
password was changed.....someone broke into my account and changed everything
they could. It went to Gmail's spam,because whoever broke into my account
changed the language to Russian - so the email from Origin arrived in Russian
and automatically went into spam - even though it was completely legitimate.

------
Tepix
People who are capable of running their own mail server should really consider
doing so. It's super easy with projects like sovereign
([https://github.com/al3x/sovereign](https://github.com/al3x/sovereign)).

More privacy and more power over spam filtering.

~~~
Joeboy
I run my own mail server. I recently started finding out that my friend's
gmail account has been classifying my messages as spam. I suspect the general
trend is going to be increasing hostility to emails sent by small servers.

~~~
gtufano
I found that DKIM and SPF decrease greatly the Gmail hostility. Not so
difficult to implement. Overall, I fully agree on your suspect.

------
shiftpgdn
We recently ran into the issue of Google sending all of our new client emails
to spam. At first I chalked it up to Google launching a competing service but
we switched to Amazon's SES service to send email and it entirely fixed the
issue.

------
ynak
Just out of curiosity, are free mail providers like Gmail and Yahoo! mail
using postfix and Dovecot to manage their mail services? Also to filter spam,
do they rely on spamassassin or other free software with some customizations?

~~~
wodenokoto
No, they rely on in-house solutions.

------
DanBC
Google is struggling to identify and sort the blizzard of emails I get from
Paypal and Ebay.

Some stuff I want in my primary account. Some stuff I want in the commercial
tab. A lot of it I don't want at all and I'm really happy if Google marks it
as spam.

I don't blame Google at all for this. The blame lies squarely with fucking
arseholes who have no concept of me not wanting their shitty fucking email.
"We get more conversion if we poke people in the eye with this pointy stick!"
Maybe, but you're an arsehole if you do and you should feel bad for doing it
and you should stop doing it.

------
josefresco
"Ironically, I am a paying customer of Google as of a few days ago, in order
to have extra storage space."

I don't believe paying for more space changes your _free_ Gmail in any way. I
too used free Gmail and paid for Drive space but it's not comparable to paying
for Google Apps.

------
allending
I've received 3 emails from Apple in the past about requesting promo artwork
for my app for a possible feature, and every one of them landed in the spam.
The first time it happened, it was only 2 days before the request expired.
Ever since then, I check my Spam everyday.

~~~
mhomde
Might be a good idea to make a folder and a filter for Apple mail :)

------
billpg
"I live in email… and if I can’t trust it, I’m in big trouble."

Sorry, who told you that you could trust email? It has been broken ever since
we decided an arms race was the best way to fight spamming.

No, I don't have a better solution. Doesn't stop email being broken.

------
Scramblejams
I run a small server that's never been an open relay and never spammed, yet
deliverability to Gmail has long been poor. Very frustrating and from what
I've read all too common.

------
PaulHoule
Once you start paying for something many web services suddenly get worse. For
instance get linkedin premium and you find yourself sandboxes and the moment
stumbleupon realizes you are a mark who will pay for traffic the organic
traffic stops.

------
blawa
Its happened with me too, and a friend of mine as well. Funny story with that
friend- he missed summer job emails because of Google, and cursed them a lot
:-). But later ended up visiting Google for his summers.

------
nodata
... for this one particular person.

~~~
davidw
Well, yeah, and since that one person is me, I'm very, very unhappy with it.

~~~
nodata
But your headline reads as if it's a general problem.

~~~
jacquesm
It is general enough that it affects me too. Also, if with a service the size
of gmail _someone_ has a problem you can bet that that problem affects at a
minimum thousands of users.

------
aleem
The thing that annoys me most is that now GMail by default shows images which
can allow spammers and marketers to detect open rates and validate active
email addresses.

This is made worse by the fact that marking messages as spam requires you to
open the email first. By the time you open it, the spammer knows your email
address is valid and active and even if you mark it as spam, your email will
probably have made it to some other list of 'validated gmail users'.

~~~
nkozyra
The images are precached by Google so that this doesn't happen. The requested
image doesn't come from its originating source.

For example, here is Basecamp's logo as it's displayed by Gmail:

[https://ci5.googleusercontent.com/proxy/YBj6RKkd7c8dtR81gfn-...](https://ci5.googleusercontent.com/proxy/YBj6RKkd7c8dtR81gfn-
tIDDfaoyx6dXVlgJX2r5Ez9nK8CFb8Xy6p_OFNVjTRvOx9KoNNDfok-
Kkj5eU8vdqS9AKM2vCiieL1BWhijFavW731Qb-vMdstbSmJ0OM9kGqIVKDXbjl-
VJBK92hBndHA=s0-d-e1-ft#https://bcx.basecamp-
static.com/assets/mailer/bc_logo-f21bbd816610203623eb078e63a6c39e.png)

~~~
kretor
Google acts as a sort of proxy for those images, so by setting certain http
headers, the marketers can make the proxy access the original image every time
the email is being opened. So they can track the time you open their email.

