[sph]

Gmail's AI spam detection is a joke. Most of the spam I receive on my fastmail is from @gmail.com accounts. Most are a naked list of links offering "cheap guest post services", and it's been going for a year. The dumbest Bayesian filter would catch that.

[jcrawfordor]

Gmail seems to have a remarkably serious issue with outbound abuse. I've been dealing on and off with spam originating from gmail for years. In one case I submitted nearly daily abuse reports about a sender pasting around 600 addresses into the To: and Cc:, but Google took no action for at least four months. I had to edit the headers to even submit the abuse complaint because the number of recipient addresses made the headers so long the abuse complaint form rejected them... with the incorrect error message "headers are required." This was around 2013 and the issue seems to remain basically the same today. Every time I end up on someone's list that they're just pasting into gmail it persists for months, but I no longer bother with abuse reports.

The best part is that on one mail server I used to run this got bad enough that SpamAssassin started weighting down gmail.com in terms of domain reputation, which generated enough user complaints that we had to add a manual bump back up. Then that generated user complaints that our spam filtering wasn't working...

[autoexec]

I've seen an increase in phishing/scam sites hosted on google's services too. The automated system shuts them down fast enough once the URLs are reported, but Googles not so good at preventing new (even identical) sites/forms from being created or at locating other copies already on their platform.

[IIsi50MHz]

Are email headers still easy to forge? I'd like to think there have been significant improvements in 15 years, but I know it used to be common for some email to to have falsified return paths (among other things).

[kiwijamo]

I would check the actual IP address that was sending the spam and sure enough it was genuine Google IP addresses. I once tried black listing them only to stop receiving mail from friends so it was definitely the same IPs being used for both spam and actual ham mail. At the time I ran my own mail server it was not unusual for north of 50 per cent of spam to be originating from Google.

[jcrawfordor]

Valid DKIM signature is the best confidence marker that these are actually originating with Gmail. I have always seen the DKIM signature check out to a Gmail public key.

[n3storm]

It is. We provide consulting on email deliverability so I see many different emails coming from many different backgrounds. They go to Gmail Spam randomly, even follow-up emails. In fact, Gmail works with two Spam folders: SpamSpam and SpamSocial, and with latest it is a joke too.

[mistrial9]

Overall email spam was 1000x worse 12 years ago.. Google has had the fastest and most thorough filters for a decade+.. many capable people and companies have failed badly in public trying to do similar things. Complaining in exaggerated terms does nothing for either side of this.

[kiwijamo]

I have Fastmail and Google email addresses which have been active for over ten years each. The Google account sees several emails bypassing the spam filter every day and, worse, several ham mail being flagged as spam each month. Fastmail, despite that address being more exposed (it's my own domain name which I have used for over twenty years) and having higher overall traffic, sees maybe one or two spam a day hitting my mailbox and only one or maybe two ham to spam a month. I don't get where Google reputation for good spam filtering comes from. It's barely passable when it comes to detecting spam AND ham mail.

[sph]

You're arguing that Google had great spam detection and I agree. My point is that it's gone noticeably downhill since then.

[Nasreddin_Hodja]

> Most of the spam I receive on my fastmail is from @gmail.com accounts.

Do they really come from gmail servers or it's just fake "from" header?