Ask HN: Has Gmail spam blocking taken a sudden nosedive?

[sb057]

I woke up this morning to find five obviously spam emails in my Gmail inbox. In the preceding decade of using Gmail, I don't believe even a single one has made it past the spam filter, so I'm quite curious what could be causing the sudden influx. These aren't some cleverly crafted ones either, subject lines include:

𝐘𝐨𝐮𝐫'𝐥𝐨𝐚𝐧-𝐢𝐧𝐯𝐢𝐭𝐚𝐭𝐢𝐨𝐧_for_up to$𝟓𝟎,𝟎𝟎𝟎'. (sent from noreplay.loanpro@gmail.com)

Roundup-Lawsuit..See if YouQualify LRT. (sent from emily.roundpro@gmail.com)

Welcome-To_CarShield (sent from thanhngan1878@gmail.com)

[adrianmonk]

Yes, same here. For many years, I got like 0-10 messages in my Spam folder per week.

Then suddenly in maybe mid-December, an absolute flood started. I started getting at least 100 messages every day in Spam. Many of them were similar to each other, and nearly all of them were obvious spam like you say.

In the last week or two, the volume has decreased again to maybe 10-25 per day. I don't know if the spammers slowed down or Google tweaked something.

---

Also, does Gmail route some spam to /dev/null and other spam to Spam? I somehow have the impression that it does.

That is, rather than doing a basic 2-way categorization (non-spam -> Inbox, spam -> Spam), it could be doing a 3-way categorization (non-spam -> Inbox, confidently spam -> Spam, undoubtedly spam -> /dev/null).

If so, I wonder if the issue could be with the confidently vs. undoubtedly categorization rather than necessarily an increase in total spam.

[remram]

At the very least, they are blocking/greylisting some domains. So they can't even submit an email to Gmail over SMTP, they get stopped at the protocol level.

They might be accepting mail that never shows up in your account as well, I don't know for sure.

[Avamander]

> Also, does Gmail route some spam to /dev/null and other spam to Spam? I somehow have the impression that it does.

Very likely. O365 does and I'm quite certain many others as well.

[alexiaya]

Yeah, I don't know if Gmail does, but I know Outlook.com accepts some emails with a 200 OK status code and then routes them to /dev/null.

[byoung2]

I have similar ones:

PersonalLoanforYou (sent from Personal Loan Pro <pedrojoilmaantonio@gmail.com)

𝐃𝐨𝐧'𝐭 𝐥𝐞𝐭 𝐡𝐢𝐠𝐡_𝐈𝐧𝐭𝐞𝐫𝐞𝐬𝐭 𝐃𝐞𝐛𝐭 𝐑𝐮𝐧𝐔𝐩 𝐓𝐡𝐞 𝐬𝐜𝐨𝐫𝐞 (sent from Personal Loan <xarthostalorr@gmail.com>)

The common thread appears to be that they are sent from gmail addresses. It could be that they are using a tool like Gmass (https://www.gmass.co/) that lets you send bulk email from Gmail by batching them in groups of 500 per day. Mail originating from Gmail must have a lower spam flag rate.

[Terretta]

The best are the ones with 87 people on the TO: line with alphabetically increasing box names (username@). Often the set continues right into the CC: line as well.

I cannot conceive of any legit use case that would result in that pattern, which it appears both O365 and Gmail are fine with.

[DIVx0]

So much low effort spam is making it through. I've had actual 90s era "help an inconvenienced Nigerian Prince" spam in my inbox several times the past few months

[lern_too_spel]

I'm getting spam in my inbox that doesn't even DKIM verify.

[Avamander]

The issue is partially the fact that a lot of domains send mail without, they can't require it. They should, but they can't.

[lern_too_spel]

The fact that an email doesn't DKIM verify should make it less likely to get into my inbox if the rest of the email I receive does verify. Instead, I see at least one example per day, with text that is also clearly spammy.

Not only can Google require it, they already have done something similar with Chrome ratcheting warnings to force HTTPS on the web in just a few years.

[Avamander]

> The fact that an email doesn't DKIM verify should make it less likely to get into my inbox if the rest of the email I receive does verify.

Either you've gotten lucky or not as much e-mail verifies as you think. A lot of very legitimate e-mail is without DKIM, I'd say it's approx 50:50.

> Not only can Google require it, they already have done something similar with Chrome ratcheting warnings to force HTTPS on the web in just a few years.

They only have Gmail, not a near-monopoly of the e-mail market.

[lern_too_spel]

> Either you've gotten lucky or not as much e-mail verifies as you think. A lot of very legitimate e-mail is without DKIM, I'd say it's approx 50:50.

Personal communications come from users of legitimate email services with DKIM. Legitimate commercial email comes from mail servers with DKIM for deliverability. Theonly email I get that doesn't verify is spam. I doubt my experience is out of the ordinary for US users.

> They only have Gmail, not a near-monopoly of the e-mail market.

They have effectively similar dominance in email because nearly 100% of mail servers have to send to Gmail users, just as nearly 100% of web servers have to serve Chrome users.

[Avamander]

> I doubt my experience is out of the ordinary for US users.

It's absolutely ordinary, but so is the opposite. Considering that DMARC is either-and, a lot of companies only employ SPF to reduce access and burden of updating DNS for DKIM keys for large amounts of senders.

[roosgit]

For me it started at the beginning of 2021. I still get the most obvious kind of spam. From Bitcoin to Paypal to USPS. About 100 messages a week. Before, I used to delete them, but they just kept coming, so I decided to let them sit there. At one point I had more than 1000, when before 2021 I had less than 10. Now I'm down to about 430. I think the system deletes spam after 30 days. So at least that thing works.

[superasn]

For me gmail spam blocking has been doing quite the opposite, putting legit customer emails in spam that I had to create a filter to not mark anything as spam. The current approach to email filtering is not very good to be honest.

[Raed667]

The canned response of Gmail Twitter account when I reported a similar issue earlier today:

> Our team is working on this issue. Meanwhile, have a look at this article to mark the emails as spam in Gmail

https://twitter.com/gmail/status/1480816476458262530

[ww520]

Yes. Yesterday. It's probably an A/B experiment went astray, or old learned rules got flushed and needed to relearn over time. Couple months back it was pretty bad. Almost daily for couple weeks.

[oynqr]

Gmail is also a huge source of spam for me.

[rlpb]

Indeed - my self hosted email now gets the majority of its spam from (not forged, DKIM-validated) @gmail.com addresses. I'm on the verge of blocking everything @gmail.com except for known contacts.

[jokethrowaway]

I had an empty mail saying Good Morning in the subject today.

Generally it seems like a few more things can get through, compared to 10+ years ago. I'm thinking just bugs sneaking in the codebase over a long period of time.

I get plenty of Russian spam because I visited Russia and connected to the free wifi of the airport. Apparently the list of people connecting to wifi (or someone who they're reselling their data to) is easily hackable.

Somehow they evaded Google for a long time. For a period they were pretty successful with Google Drive / Google Calendar invitations containing spam, but Google blocked them - then I got a string of emails. After a bit of flagging I stopped seeing them.

I also get some false positives flagged as spam so I started keeping my spam folder clean, so I can inspect what spam I receive and whether it's spam or just a service Google doesn't like.

I interact with people at Yandex and their emails often end up in spam, no idea why. They're perfectly legit mails.

Some forums also are regularly ending up in spam.

[hammyhavoc]

I get tons of Russian spam and have never been to Russia. Russia is quite literally the #1 source of spam globally: https://www.statista.com/statistics/263086/countries-of-orig...

If you had used the Gmail '+' trick on the address you used, you could have proven whether this was the case. If so, stopping any more of it would also be as easy as setting up a filter to delete all inbound email to that '+' variation.

[TheBozzCL]

I've been getting emails like the last one in my university inbox (Gmail-powered) for months now. They always follow the same format: a Vietnamese-sounding name (correct me if I'm wrong about that), followed by a 4-ish digit number. Most were going straight to my inbox instead of my spam folder.

I cut a support ticket to the university IT team, asking if they had turned off spam filters or something. It just seemed very unlikely Gmail would not detect them as spam. I think it's gotten better recently, but I don't open that account a lot since I avoid Google like the plague.

EDIT: to add to that, many of them had subjects that started with a green heart emoji. I was super disappointed that Gmail didn't let me create a filter based on that to at least delete them.

[memcg]

I have been getting about two a week that are similar to what you describe. Most are for nail clippers, T-shirts and gifts imprinted with my first name. Most have links to domains registered on namecheap.com and an unsubscribe link to a Google form. I don't attempt to unsubscribe, but I do click the abuse link and report the form as spam to the Google black hole. I report most spam through Spam Cop, but most recent spam ends up going to google-abuse-bounces-reports@devnull.spamcop.net.

My email is an 20 year old alias @verizon.net address accessed using AOL Mail web site and Yahoo servers.

[reactspa]

In case anyone from Gmail is reading: we need a block button that blocks an email address from the inbox, and also deletes the email (i.e. it doesn't park the email in spam, as is the current practice). There are two domains that send me constant emails: Chopra.com (Deepak Chopra's website), and ICICI (an Indian bank). The emails from both domains contain "unsubscribe" buttons that don't work (I think they do this on purpose... my experience with Chopra.com has been that it's an unethical organization).

Currently, the block button parks the emails in the spam folder. And I wake up every day to 3 emails from Chopra.com, and 5 from ICICI, in my spam folder. Even though it's the spam folder, it's still draining.

[hammyhavoc]

Call Chopra.com out publicly via Twitter if that is the case and you can prove it. Remind them of the law with CAN-SPAM.

[Matheus28]

You can setup a filter to delete them automatically, it won't even go to your spam box

[Blahagun]

It appears so. About an year ago I started getting the most obvious spam messages directly to my inbox. I have been using my current gmail account for more than 16 years now and I've never received such low effort spam messages before. Obviously there was a specific change in gmail's side and I am really hoping it's temporary, but it has been too long that I've been receiving spam in my inbox and I'm really annoyed, even planning on just abandoning my email address and looking for another provider.

[lostdog]

3 months ago every political email started getting through Gmail's spam filter all of the sudden. I've marked hundreds as spam, and the filter still lets some through.

[andrewinardeer]

I don't check my spam folder so I can't say if that has increased in volume.

I do know I now get 3-4 obvious spam mails landing in my actual inbox. This started maybe three months ago.

[sircastor]

Interestingly, I had the opposite problem recently. The spam filter started collecting legitimate emails frequently. I had years go by where in wouldn’t even think about going to my spam folder, then over the last couple of months, it’s gotten substantially worse. I now check spam daily to make sure I’m not missing things.

[notananthem]

I get a lot of french dating site spam (?) my custom filters are ever-evolving, but also I get less and less needed email. Things I need are automated so I check less and less, and have less need for it. Wonder if less users or less importance of email leads to less prioritization for email providers.

[magicjosh]

I've never seen bold text formatting in an HN post, how do you do that? test #test# *test*

𝐘𝐨𝐮𝐫'𝐥𝐨𝐚𝐧-𝐢𝐧𝐯𝐢𝐭𝐚𝐭𝐢𝐨𝐧

[sb057]

It's just specialized Unicode characters, you can do all sorts of fun things with them.

https://qaz.wtf/u/convert.cgi

𝕾𝖕𝖍𝖎𝖓𝖝 𝖔𝖋 𝖇𝖑𝖆𝖈𝖐 𝖖𝖚𝖆𝖗𝖙𝖟, 𝖏𝖚𝖉𝖌𝖊 𝖒𝖞 𝖛𝖔𝖜.

[cplusplusfellow]

I too have seen these, generally my subject matters are insurance of some sort from one of the “Mutuals”, despite having not received any legitimate emails in this category for years.

I can’t imagine how these are slipping through, particularly with the consistent random characters at end of the subject line.

What gives??

[Akinato]

Yup same here. So many for Shoppers Drug Mart or other silliness. They’re very clearly fake and have all the tell-tale signs of spam that Google used to properly filter for me. I’m very surprised at the recent drop in quality and it’s had me looking at other providers.

[hammyhavoc]

I'm getting a lot of false positives too. Just because I hit delete on unread messages that are simply notifications from x services, which I already know about because I saw the push notification for them.

[gustavo456]

Just looked into my spam folder and it seems that they have added a hook icon to the phishing emails. Took me a while to figure out, almost opened one out of curiosity!

[tmaly]

I see these on my yahoo email often with weird fonts. I have yet to see any in my gmail account.

[fulvioterzapi]

I had a legit mail end up in spam last month, and one just today.

Never happened before.

[flamesofphx]

I have been getting a lot of legit email going to spam, and a lot of what appears to be obvious spam coming to my inbox... In the last week or so.. I though I was going crazy, but apparently my meds are still working

[weare138]

I'm getting that crap too. I just got 2 today.

[jeffrese]

Yes. Lots of cigarette spam lately.