by andrewgioia 1508 days ago
Their AI or whatever algorithm they've built for spam (or in this case, phishing) is getting worse and they have no incentive to care. Gmail users aren't leaving Gmail over this and their market size means everyone must cater to Gmail.

Somewhat related but I finally relented this week and now route my self-hosted email through SMTP2Go thanks to a tip from another commenter here. Over the past few months I've noticed an acceleration of my email going to Gmail users' spam folders and just couldn't deal with it anymore.

Perhaps given how big Firefox is they actually prune this one.

> Gmail users aren't leaving Gmail over this

I'd change to "Not enough Gmail users are leaving over (just) this yet".

Yes Gmail is big enough and popular enough that any one change that pisses off a small chunk of their users won't kill the juggernaut, plus any one thing like this is so small it won't change someone from a lover to a hater overnight, but gradually users do either find they dislike a product enough to move to one of the many much better paid but cheap options, or to one of the differently-flawed but perhaps now preferable rival free options, and gradually the users who make business decisions of whether or not their company uses Google's business suite also may find that the next time they need to make a decision, little annoyances in Gmail are the thing that tips them into considering putting a business on something like 365 instead.

Personally I'd like to see more and more smaller companies that really specialise and excel in their one area without either bloating into trying to do too many weird things (cough Mozilla) or being acquired by Google/Microsoft etc. but I've not always been good at voting with my wallet due to the convenience of for example having a single Microsoft license to cover everything from the Word license somebody wants to their custom domain email hosting.

And where exactly are you going to move to from gmail? The alternatives either cost money, suck more, or both
Free Email providers? There are alternatives, some popular and some niche. Some cost and others don't. Some offer different features gmail doesn't.

If you can't get off of gmail maybe you just like gmail.

A good paid email account is like $50 a year.

What is the problem?

$5 vs free is a hard sell - let alone $50.
10% of an Internet bill?

One latte per month? Go away kid, you bother me.

Yes, the masses of the internet who've grown accustomed to free e-mail while being locked to a gmail domain are definitely going to shell out $50/y for...better spam flagging?
purelymail is probably about $10/year (actual billing specifics more complicated) and that's not billed per seat, they bill on actual usage.
iCloud?
Yes, this month emails in my organization have been marked as spam. Those are emails from an @nyu.edu account to another @nyu.edu account, sent from the Gmail webmail, and nyu.edu is a (big) Google Apps domain.

I don't understand how this happens.

That happened for us (basically the same situation) many times over the whole time we used Google Apps, and I've seen other reports of the same over the last five years. It probably happened more than we noticed, because we only noticed when people happened to follow it up via some other mechanism. It also happens to non-commercial users - emails sent as a reply from gmail webmail to gmail in an existing conversation sometimes get spam-binned without obvious reason.
Gmail's AI spam detection is a joke. Most of the spam I receive on my fastmail is from @gmail.com accounts. Most are a naked list of links offering "cheap guest post services", and it's been going for a year. The dumbest Bayesian filter would catch that.
Gmail seems to have a remarkably serious issue with outbound abuse. I've been dealing on and off with spam originating from gmail for years. In one case I submitted nearly daily abuse reports about a sender pasting around 600 addresses into the To: and Cc:, but Google took no action for at least four months. I had to edit the headers to even submit the abuse complaint because the number of recipient addresses made the headers so long the abuse complaint form rejected them... with the incorrect error message "headers are required." This was around 2013 and the issue seems to remain basically the same today. Every time I end up on someone's list that they're just pasting into gmail it persists for months, but I no longer bother with abuse reports.

The best part is that on one mail server I used to run this got bad enough that SpamAssassin started weighting down gmail.com in terms of domain reputation, which generated enough user complaints that we had to add a manual bump back up. Then that generated user complaints that our spam filtering wasn't working...

I've seen an increase in phishing/scam sites hosted on Google's services too. The automated system shuts them down fast enough once the URLs are reported, but Google's not so good at preventing new (even identical) sites/forms from being created or at locating other copies already on their platform.
Are email headers still easy to forge? I'd like to think there have been significant improvements in 15 years, but I know it used to be common for some email to have falsified return paths (among other things).
I would check the actual IP address that was sending the spam and sure enough it was genuine Google IP addresses. I once tried blacklisting them only to stop receiving mail from friends so it was definitely the same IPs being used for both spam and actual ham mail. At the time I ran my own mail server it was not unusual for north of 50 per cent of spam to be originating from Google.
Valid DKIM signature is the best confidence marker that these are actually originating with Gmail. I have always seen the DKIM signature check out to a Gmail public key.
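
An added example, not part of any comment in this thread: one way to check on your own server whether mail with a gmail.com From: address really carries a passing DKIM signature for that domain, by reading only the Authentication-Results header your own MTA stamped. The authserv-id `mx.example.net` and the three sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: the authserv-id your own border MTA stamps (hypothetical name).
# Also assumes that MTA strips inbound headers bearing its own id (RFC 8601).
TRUSTED_AUTHSERV = "mx.example.net"

def dkim_aligned_with_from(raw, trusted=TRUSTED_AUTHSERV):
    """True if a trusted Authentication-Results header reports dkim=pass
    for a signing domain (header.d) equal to the From: domain."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    for value in msg.get_all("Authentication-Results", []):
        value = re.sub(r"\([^)]*\)", "", value)          # drop (comments)
        authserv, _, results = value.partition(";")
        # Headers stamped by anyone else may have been injected by the sender.
        if (authserv.split() or [""])[0].lower() != trusted:
            continue
        for clause in results.split(";"):
            m = re.search(r"\bdkim\s*=\s*pass\b.*?\bheader\.d\s*=\s*([\w.-]+)",
                          clause, re.I | re.S)
            # Exact match only; relaxed alignment would need a public suffix list.
            if m and m.group(1).lower() == from_domain:
                return True
    return False

# Constructed sample messages (not real mail).
GENUINE = (
    "Authentication-Results: mx.example.net;\n"
    " dkim=pass header.d=gmail.com header.s=sel1;\n"
    " spf=pass smtp.mailfrom=gmail.com\n"
    "From: Alice <alice@gmail.com>\nSubject: hi\n\nbody\n")
FORGED = (  # forged From:, plus an injected header claiming a pass
    "Authentication-Results: mx.example.net; dkim=none; spf=fail smtp.mailfrom=gmail.com\n"
    "Authentication-Results: mx.google.com; dkim=pass header.d=gmail.com\n"
    "From: Bob <bob@gmail.com>\nSubject: offer\n\nbody\n")
THIRD_PARTY = (  # validly signed, but by a domain other than the From: domain
    "Authentication-Results: mx.example.net; dkim=pass header.d=bulk.example\n"
    "From: Carol <carol@gmail.com>\nSubject: promo\n\nbody\n")

if __name__ == "__main__":
    for name, raw in [("genuine", GENUINE), ("forged", FORGED), ("third-party", THIRD_PARTY)]:
        print(name, dkim_aligned_with_from(raw))
```
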
It is. We provide consulting on email deliverability so I see many different emails coming from many different backgrounds. They go to Gmail Spam randomly, even follow-up emails. In fact, Gmail works with two Spam folders: SpamSpam and SpamSocial, and with latest it is a joke too.
Overall email spam was 1000x worse 12 years ago.. Google has had the fastest and most thorough filters for a decade+.. many capable people and companies have failed badly in public trying to do similar things. Complaining in exaggerated terms does nothing for either side of this.
I have Fastmail and Google email addresses which have been active for over ten years each. The Google account sees several emails bypassing the spam filter every day and, worse, several ham mail being flagged as spam each month. Fastmail, despite that address being more exposed (it's my own domain name which I have used for over twenty years) and having higher overall traffic, sees maybe one or two spam a day hitting my mailbox and only one or maybe two ham to spam a month. I don't get where Google reputation for good spam filtering comes from. It's barely passable when it comes to detecting spam AND ham mail.
You're arguing that Google had great spam detection and I agree. My point is that it's gone noticeably downhill since then.
> Most of the spam I receive on my fastmail is from @gmail.com accounts.

Do they really come from gmail servers or is it just a fake "from" header?

I have been sending through Ionos (was 1&1) for a decade, with only occasional problems (shared IPs getting on a blacklist). I have SPF working, and in the last few months I am getting routed into Spam 100% of the time. Even when I reply to email from my own family. It does not seem to matter if the recipients move the message out of Spam, you'd think a false negative on a legitimate message would be a wakeup call, ten false negatives should be an alarm. But there's no way to even help this. Google's online support has you set up tools that don't even measure the single-digit volumes I'm sending from my 20-year-old custom domain. I did confirm with DKIM that no one else is sending messages spoofing it, either. The Google monopoly is a real problem.
Last time I checked, IONOS doesn’t implement DKIM, so if that’s still true I’m not surprised. Especially since, due to the inability to create true aliases, so many GMail users use forwarding that breaks SPF.

I use the $1/month DMARC monitoring from uriports and it’s a little scary how many emails only pass due to DKIM.
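
An added example, not from the commenter or from any monitoring service: a short parser for a DMARC aggregate report (RFC 7489 XML layout) that measures how much mail passes DMARC on DKIM alone, which is the mail that would fail if signing stopped. The report content, domain and IP addresses are constructed.

```python
import xml.etree.ElementTree as ET
from collections import Counter

def _record(ip, count, dkim, spf):
    # Builds one constructed <record> in the RFC 7489 aggregate-report layout.
    return (f"<record><row><source_ip>{ip}</source_ip><count>{count}</count>"
            f"<policy_evaluated><disposition>none</disposition><dkim>{dkim}</dkim>"
            f"<spf>{spf}</spf></policy_evaluated></row>"
            f"<identifiers><header_from>example.org</header_from></identifiers></record>")

# Constructed sample report: documentation IP ranges, made-up counts.
SAMPLE_REPORT = "<feedback>" + "".join([
    _record("192.0.2.10", 12, "pass", "pass"),    # direct from the sending relay
    _record("198.51.100.7", 5, "pass", "fail"),   # forwarded: SPF breaks, DKIM survives
    _record("198.51.100.8", 3, "pass", "fail"),
    _record("203.0.113.50", 2, "fail", "fail"),   # neither aligned: spoof or misconfig
]) + "</feedback>"

def classify(report_xml):
    """Return (message totals per outcome, source IPs passing on DKIM alone)."""
    # Real reports come from third parties; parse those with defusedxml instead.
    totals, dkim_only_sources = Counter(), Counter()
    for row in ET.fromstring(report_xml).iter("row"):
        count = int(row.findtext("count", "0").strip())
        # policy_evaluated holds the DMARC-aligned results, not raw SPF/DKIM.
        dkim = row.findtext("policy_evaluated/dkim", "fail").strip().lower()
        spf = row.findtext("policy_evaluated/spf", "fail").strip().lower()
        if dkim == "pass" and spf == "pass":
            outcome = "both"
        elif dkim == "pass":
            outcome = "dkim_only"
            dkim_only_sources[row.findtext("source_ip", "?").strip()] += count
        elif spf == "pass":
            outcome = "spf_only"
        else:
            outcome = "dmarc_fail"
        totals[outcome] += count
    return totals, dkim_only_sources

def dkim_only_share(totals):
    """Fraction of DMARC-passing messages that passed only because of DKIM."""
    passing = totals["both"] + totals["dkim_only"] + totals["spf_only"]
    return totals["dkim_only"] / passing if passing else 0.0

if __name__ == "__main__":
    totals, sources = classify(SAMPLE_REPORT)
    print(dict(totals), dict(sources), f"{dkim_only_share(totals):.0%}")
```
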

Correct, I misspoke. I am only getting the DMARC reports from the domains to which I send email. Ionos doesn't support it and seems to have no plans to.
>now route my self-hosted email through SMTP2Go thanks to a tip from another commenter here

I think you're referring to this: https://news.ycombinator.com/item?id=31180604

> I host my own email server with Vultr on an OpenBSD VM using OpenSMTPD and Dovecot, relaying all outbound mail through SMTP2Go (their free tier more than meets my needs). I have all of the necessary DNS entries set to mark my mail as legit, and I sign all outgoing mail using strong 2048-bit RSA keys. Thus far, I'm able to send mail and not have it marked as spam (at least to everyone that I've corresponded with thus far). It was a lot of work to get to that point, but not terrible.

Been interested in doing the same since reading it and meant to bookmark for later!

> and their market size means everyone must cater to Gmail.

Would be nice to have a page detailing how the spam algorithm of google is a blackbox and might put legit email to the spam folder... This page could be added to email signatures to reverse the trend... Why am I in spam? ask google/your email provider.

What are you doing for spam filtering?
Just spamassassin and postgrey that ship with mail-in-a-box (https://github.com/mail-in-a-box/mailinabox).

I had an issue last year with it not detecting or learning a particular Russian spammer but as of ~4 months ago they all now correctly go to spam. Otherwise it's been very good.