Ask HN: What's happening with Gmail spam filtering?

203 points by mirkodrummer 6 days ago

In the last 2 weeks my gmail inbox went from zero spam to at least 2/3 spam/phishing emails per day on the inbox. I'm marking them as spam but nonetheless it keeps happening. I'm wondering if because spam traffic increased and spammers found a new way to trick anti-spam or if gmail engineers changed something on their end. Is anyone experiencing the same?

Not a big deal as it's been almost a year I'm migrating off gmail and I'm keeping it only for a few things, but still annoying

SyneRyder 6 days ago

The spam is quite likely coming via Google itself.

Google's mail servers have been compromised for several weeks now. It's commonly being used for infected crypto spam (all those "new traderbot" emails with the attached infected PDF, for example). I'm not yet sure if these are just compromised GMail accounts, or if the mail servers themselves have been compromised. There seem to be some reports on AbuseIPDB of intrusion attempts coming directly from Google's mail servers.

I've tried reporting it to Google (eg via SpamCop), and Google declines to receive reports. I have been reporting it through AbuseIPDB as well. Here is one Google mail server that has had over 300 abuse reports:

https://www.abuseipdb.com/check/209.85.167.48

There are many more, and I linked to a few more when I posted about it here on HN over a month ago:

https://news.ycombinator.com/item?id=32434810

  • nwellnhof 6 days ago

    Yes, I've noticed this crypto/traderbot spam campaign a few weeks ago, and it definitely comes from Gmail itself. It's nice to see that it also affects other Gmail users. Maybe Google will finally get their act together and stop all the Gmail spam. Right now, I get about 100 spam emails from Gmail each month, making it the biggest source of spam for me. If it wasn't that half of the world uses their services, I'd have blocked Google's mail servers a long time ago.

  • 0___0 6 days ago

    weeks? more like months. Yep, can't report them via SpamCop. I always report them via https://support.google.com/mail/contact/abuse?hl=en Not sure why they can't fix their crap.

    • SyneRyder 6 days ago

      Thank you! I somehow never came across that URL before. It's worth a try, though I'm not very optimistic it will help!

      I'd genuinely be interested to know from someone working at Google why Google can't / won't solve this, even for the narrow clearly-defined cases I see.

      • dylan604 5 days ago

        A) How much money does it cost Google to fix a problem?

        B) How much money does it cost Google to not fix a problem?

        If A > B then, duh!

        • alexvoda 4 days ago

          Just set a filter to automatically forward spam to sundar (at) google (dot) com

          • dylan604 3 days ago

            You assume of course someone not related to Googs other than having a gmail account is NOT the one with that email address.

        • hulitu 5 days ago

          How many Google "engineers" do you need to change a lightbulb ?

          • mrguyorama 5 days ago

            100: 1 to actually change the lightbulb and 99 to build a new chat app

            • dylan604 5 days ago

              How many GoogExes does it take to unscrew the lightbulb is the next question that comes to mind

          • dylan604 5 days ago

            Apparently, 10% less than they currently have?

      • stazz1 5 days ago

        Occasionally I e-mail code@google.com I think someone somewhere actually reads it

  • tallanvor 6 days ago

    Unfortunately every major provider has this happen. Google and Microsoft especially since they have their productivity platforms that send mail through the same infrastructure as their free email services. They also have to deal with more problems through compromised education accounts - students aren't that great at protecting their school credentials, and some businesses aren't much better.

    • sodality2 6 days ago

      I don't think that it's common for a Google mail server to be brute forcing SMTP logins for other servers, and also sending high amounts of spam. It looks like the server has been compromised, or else why would Google be making SMTP login requests?

      • declon 6 days ago

        You can give Gmail your SMTP login details and tell it to send your mail via another server.

  • jeffbee 5 days ago

    Those outbound VIPs aren’t attached to “a mail server”. If some outside party has gained the level of access you are suggesting, to just freely use these VIPs, then they have compromised the entire Google.

  • mc32 5 days ago

    Whatever happened to the Postini acquisition, did they get diluted over the years?

  • chrisjc 5 days ago

    > compromised GMail accounts

    If it is coming from compromised Gmail accounts, I wonder if these same accounts are also being used to post the handful of deep-fake Elon Musk crypto YouTube Shorts that inundate the Shorts feeds.

    There's hundreds, maybe thousands of these videos being posted making Shorts practically unusable. And no amount of reporting or downvoting seems to affect their algorithm.

bluedino 6 days ago

I get about 10 per day. They all seem to come from hacked O365/Gmail accounts. All 4 of my Gmail accounts are affected.

It's all the same crap that's obviously spam.

"Dear Friend, I hope this email finds you well. I need your assistance in a matter..."

"You've been chosen!"

"Home Depot/TruGreen/Dicks Sporting Goods/ADT-Security"

"Invoice enclosed"

"You've received a direct deposit..."

"Hot sex <insert emojis>"

I would guess that Gmail is simply a legacy/commodity function at Google, so they have spam handled by lower-end employees or even contractors.

  • tgraham 6 days ago

    The "Dicks Sporting Goods" email is insane - probably hourly at the moment, from what would appear obviously bogus email senders. What is the non-obvious answer as to why these get through?

    • lumost 5 days ago

      These are so absolutely ridiculous. The only (dumb) reason I can think of is that there is a large ML model which got used to seeing certain character sequences as not spam and spammers are starting to exploit it.

      It's kinda shocking as Gmail spam filtering was virtually flawless for over a decade, and now it's falling apart.

      • Maken 5 days ago

        Maybe the spammers learned about adversarial networks?

        • lumost 5 days ago

          Any non-ML method would trivially catch these spammers though. They share the common traits of

          1. Sending identical emails to large numbers of users. 2. Using fake emails from fake domains. 3. Not looking at all like a regular email.

          This is the stuff that 90s era spam filters could block.

          • hulitu 5 days ago

            > This is the stuff that 90s era spam filters could block.

            But we are now in 2022. Those filters are loooong gone. I bet that in 20 years they will be sold as new technology.

    • bluedino 5 days ago

      I received 3 of these the other day. For those not aware, Dicks is the largest sporting goods store chain in the USA.

      DICKS SPORTINGGOODS!! <wqrwrsss-@acohhovldzbqmulu.ml>

      Subject: You've beean chosen! SPF: PASS with IP 40.107.117.103 Learn more DKIM: 'PASS' with domain acohhovldzbqmulu.ml

      Dicks Sporting Goods Winner <eushfyuefdsf-@chistezlhekofu.ml> Subject: -You've been chosen! SPF: PASS with IP 40.107.215.70 Learn more DKIM: 'PASS' with domain chistezlhekofu.ml Learn more

      Google detects them all as Persian, and asks if I want to translate.

      Also interesting:

      Message ID <6324876e.050a0220.efb1a.fe7bSMTPIN_ADDED_BROKEN@mx.google.com>

      The only text in the message:

      Your Name Came Up For a YETI Hopper M//20 Cooler customer Gift

      Ends up linking to here: https://templarswoards.com/39adf46955f3971c805bc32b65a2cb08

      After filling out a 'survey' it asks for name, address, email, phone

      https://www.simplediscountshop.com/staging/backpack/refresht...

      It then asks for a credit card number to pay the $6.95 shipping

    • janef0421 5 days ago

      I would guess that gmail is using some kind of sender address reputation system, and these hacked accounts have high reputation on account of being used for legitimate mail traffic for a significant amount of time.

  • davidbarker 6 days ago

    Yes! I'm getting around 10 Dick's Sporting Goods emails per day. It's a relief to know it's not just me.

    • SteveNuts 6 days ago

      I'm expecting my Yeti cooler any day now

      • lupire 5 days ago

        That's what so crazy. Millions of people marking the Yeti cooler mail as spam, yet the same email continues for months.

        • Spooky23 5 days ago

          I have 4 Dicks yeti emails, all in my spam folder.

      • goshx 5 days ago

        Im waiting for the M20 cooler and the Samsung Neo QLED 8K Smart TV

    • dwighttk 5 days ago

      I got one Dicks sporting goods spam and it was almost convincing because I’m pretty sure I signed up for a raffle in store recently

      Haven’t been seeing any more since that one though.

    • martinko 5 days ago

      Same here, started a few months ago.

  • civilized 5 days ago

    Weirdly awed and relieved to know that I'm just a small part of the Dick's Sporting Goods spam epidemic.

  • estebarb 5 days ago

    In my case is a meeting invite: "Invitación: Great, you are now the winner of the mega prize! ⬅ Cada día de 18:00 a 19:00 (CST)" every day, although I marked it as phishing. I would have thought that at this point all prizes had been marked as spam.

  • lupire 5 days ago

    There are no humans "handling" spam. It's done by AI.

enlyth 6 days ago

To offer a singular data point, contrary to other posters here, I am not seeing this at all, and I pretty actively use my two Gmail addresses which have been active since 2005. My spam inbox regularly gets correctly categorized spam, and important emails still correctly land in my inbox.

  • crazygringo 5 days ago

    Same here. I haven't had Gmail let a single spam email through in years.

    To the contrary, I find myself going through my spam folder to mark as NOT spam things like monthly newsletters from arts organizations. There are a bunch of concerts and plays I've sadly missed because of this. (Which I can only assume comes from people abusing the mark-as-spam button instead of properly unsubscribing, which sucks because it leads to other people missing the legitimate emails.)

    Also things like invoices from Apple purchases (e.g. a paid app or AppleCare) show up in spam. Which isn't a biggie, but it does seem like bizarre that Gmail could ever get that wrong.

  • rconti 6 days ago

    It is incredibly strange to hear from you (and others in this thread) who don't have a spam problem with GMail. From everyone I've talked to, it seemed endemic. From my experiences with my own account (circa 2004), GMail has moved backwards in recent years. I'd say it became a serious problem a few years ago. Marking things as spam is useless because then you immediately start getting legitimate mail marked as spam. Marking those as not-spam just leads directly to getting more spam. It happens with a single click. It's a 2 position slider at this point.

    • twic 5 days ago

      Zero spam in my inbox, zero items in the spam folder (where they are deleted after 30 days).

      GMail is not my primary email, though. I use it for Meetup.com, Slack, Steam, maybe one or two other things. A quick google search suggests that my email address does not appear on the internet. Maybe people not suffering from spam have similarly private addresses?

      • mrguyorama 5 days ago

        I'm pretty sure my main gmail account has actually been dumped in a hack somewhere, it's old as time itself, and I STILL don't get any spam in it.

        In fact, I actually miss occasionally useful stuff because half my incoming email gets classified as "promotions" and put in a separate folder I never check that was automatically created when I made the account. It's stuff like emails from humble bundle about new bundles and GOG about sales etc, so spam-adjacent

        • devilbunny 4 days ago

          That subfoldering made me miss a lot of important stuff too. I turned it off when I realized what I wasn’t seeing.

          Everything goes to inbox now. I heavily pruned the number of lists I’m on and just deal with the spam-adjacent stuff as it comes in; better than missing something I need to know.

      • fluoridation 5 days ago

        My main account is reachable from a few public places. I get spam but all of it goes to the spam folder and none of it to the inbox.

    • dwringer 6 days ago

      I get an unfiltered spam message in my inbox maybe once every month on average. I always assumed these are new campaigns with the newest "zero-day" exploits of the spam filter. Much more common is getting newsletters for which I have actually signed up, and marked as "Not Spam" in the past, delivered straight to my Spam folder.

      The number of spam messages I get in general, judging from what shows up in the Spam folder, varies wildly from week to week. Sometimes I'll get five over a two-week period, and then get a week where I receive about 15 per day.

    • enlyth 5 days ago

      I agree it seems that there is a very polarized effect happening, according to the comments some people get constant spam in their inbox and some people have never gotten anything.

      It would be interesting to know the cause. I have actually signed up to loads of dodgy websites over the years, my email has been "pwned" according to haveibeenpwned, etc. So there's nothing particular that I've been doing to shield myself from spam, but Google still catches it all perfectly.

      But then again, I completely believe all the other people saying they _have_ had spam come through, so it remains a mystery as to why. Is it some specialized spam list of a certain group that know how to bypass the spam filter? Is it Google A/B testing their spam filter? Who knows.

    • nkozyra 5 days ago

      It comes periodically for me - I'll get 4-5 in a week and then months or a year will go by without one.

      I have manually marked a large amount of prior emails as spam, not sure how personalized the filters are.

  • mFixman 6 days ago

    As a middle point between the main post and your comment, I have been getting 1 or 2 spam emails every week for the last couple of months.

    Gmail's spam filtering was perfect before, so something is going on on my account (although not as dramatic as OP's).

  • 1123581321 5 days ago

    I could’ve written your post (except I would’ve said 2004 instead of 2005) until a few months ago. Since then, about 10-20 of these types of emails get through the spam filter daily. I’ve had some luck creating filters after they hit my inbox, but about half of them don’t have predictable elements.

    So I do believe something has changed and I wish I was still in your situation.

  • jader201 5 days ago

    +1. I have a ridiculous number of Gmail accounts (like 20+), and regularly monitor 5 of them, and none are seeing regular spam.

    I will say I’ve gotten what I consider spam from Experian where they claim to be MSAs (mandatory service announcements) on my account, but they’re clearly marketing, and I’ve just set up a rule to delete those. Done.

    I also have gotten on political lists where unsubscribing doesn’t seem effective, so set up another rule to block those. Done.

    Other than these 2 edge cases (that don’t seem to be blatant spam, just dark patterns), my inboxes are clean of spam.

    I also have family (wife and two older sons) on Gmail, and haven’t heard them complain about spam.

    One potential hint though: all of my Gmail comes through personal domains. So maybe these spam attempts are targeting gmail.com domain? I do have a gmail.com email, though, that gets forwarded to my personal domain one, and I still haven’t noticed any spam, FWIW.

  • jeffbee 5 days ago

    Also just offering anecdata, the last 10 messages in my spam folder have these origins:

    1) 3 "legitimate" spams, i.e. unsolicited messages that the senders believe they should have sent. 3 of these. 2 via Constant Contact and 1 via Salesforce.

    2) 1 random porn spam, via random spammer domain with valid SPF and DKIM.

    3) 2 phishing scams with the same body arriving from random commercial domains without DKIM. These are almost certainly spread via malware/viruses/worms.

    4) 1 Google promotion originating from Google with valid DKIM, because I mark all these as spam.

    5) 2 phishing messages, with the phishing warning, that originated from gmail itself via HTTP. These are pwned google accounts or google accounts logged in on machines with malware (effectively, same thing).

    6) 1 idiot Republican politician, via Mailchimp.

  • fluoridation 6 days ago

    Same. I haven't gotten any spam in my inbox in years. The spammiest mails I get are mailing lists that some business subscribed me to.

  • noirbot 5 days ago

    I have the middle of this - I have a couple Gmail adddresses/accounts. One of them is reliably getting spammed, often to the order of messages every hour some days, and has been for months. The others are all clean/getting their spam caught in the filter.

  • PascLeRasc 5 days ago

    Same thing here, I can't think of a single spam email I've received since before the pandemic.

    As a side topic, I've heard a lot of people say that the Gmail UI has changed and that it's unusable now. This is what mine looks like and I really like it, is it not how everyone else's looks too? https://imgur.com/a/3ahD0Ta

  • dpkirchner 5 days ago

    Same -- I have three accounts on gmail that I check regularly and I haven't seen spam make it past the filters for months. One of the accounts uses an email address that is, I think, 20 years old and that I have used publicly throughout (and thus gets a fair amount of spam).

  • gambiting 6 days ago

    Same here - I've had 6 different gmail accounts for years and years, and the frequency with which spam gets through is maybe 1-2 emails a year, if even that.

  • HideousKojima 5 days ago

    I'm not getting as much as the OP, but I'm getting 1-3 obvious spam emails in my inbox a week, whereas it was once a month if ever before.

  • ChrisRR 6 days ago

    Same here. I've had one or two that slip through the cracks once every few months, but otherwise all spam gets sent to the spam box

  • mavhc 5 days ago

    99% fine here too

aceazzameen 5 days ago

I'm having the opposite problem. I have a custom domain email address through a webhost, which gets forwarded to Gmail. I've been using Gmail as my client since day 1 (around whenever Gmail first came out). Some time in early summer I stopped getting emails from my wife, who uses a plain Gmail address. I was missing messages in threads if she was the sender. This has never happened before. So I checked the logs on the webhost, and it turns out Gmail was rejecting mail sent from her with an error that her address is spam. And I don't mean it went into the spam folder. It straight up rejected the messages and wouldn't go to the Gmail servers at all. I found this crazy, because it was rejecting a Gmail address that has been used for years. And in message threads that included others with Gmail addresses. And if she emailed me to my actual Gmail address, it was fine and not spam. But her address (and only hers) gets marked as spam if sent to my domain.

So my solution was to start using Thunderbird. Her messages were never being rejected by my domain and all the threads are there intact.

Edit: This was the SMTP error that Google was telling my domain: "Our system has detected that this message is likely unsolicited mail. To reduce the amount of spam sent to Gmail, this message has been blocked."

  • bashonly 5 days ago

    i used to have a custom domain email forwarded to gmail that would receive github notification emails and the same thing happened to me with those a couple months ago

pcorsaro 6 days ago

For me, it just goes in cycles. For a couple of weeks, I'll get these spam emails from "Dick's Sporting Goods" telling me I won a chance at a Yeti cooler or something like that. These emails will make it through gmail's filter for a while, then they catch them, then they figure out how to get through again. That particular set of emails seems to be the only spam that ever makes it through the filter, but the cycle has been happening for quite a while now.

  • vidanay 6 days ago

    I'm currently in the "Dick's Sporting Goods" cycle....a few months ago I was in the "Norton Renewal" cycle. In between was 5-6 weeks of silence.

  • smt88 6 days ago

    I also get the Dick's Sporting Goods emails and am baffled and amazed that such a stupid, obvious scam is beating the world's best spam filters that have billions of data points in their training set.

    • JoeOfTexas 6 days ago

      It's funny cause the from email is like: aklsdjflkasdjf@dkaljklsdjfls.com

lkrubner 5 days ago

The opposite is also happening: I'm increasingly classified as a "promotion" when I write to my friends. I wrote to my close friend Natalie and I was like "Did you see my email?" and she said "No" and went to search for it, and eventually found it in promotions. I'm now treated as marketing or as spam, for some of my friends. This has been going on for some weeks now.

  • projectramo 5 days ago

    By any chance, were you informing Natalie about a discount at Dick's sporting goods?

  • HideousKojima 5 days ago

    I've had a few emails in the last year that were clearly shipping confirmations with tracking numbers etc. that got classified as promotions

cfeduke 5 days ago

I started experiencing this myself a couple months ago, and of course searching for any sort of solution with modern search engines is a path to insanity.

Because almost all of the spam that is getting through - to me, at least - follows a very simple template - something that spam blockers should be incredibly good at handling - I was able to concoct a reasonable solution.

Google has this Apps Script thing* where you can deposit JavaScript and then schedule that JavaScript to run every minute. They expose a Gmail API and once you've given your script access to your Gmail inbox, you can process the unread messages and look for telltale signs of spam (for me, inspecting the subject for a regex match of `/confirmation#/i` has been adequate[0]) and finally move the message to spam. Since it runs every minute instead of on an event of new mail, new messages may appear unread for a short period of time.

* though there are options to deploy your project it is not necessary to do so in order to run the script on a schedule

0. https://gist.github.com/cfeduke/1dfb7f650b9abbfce549eddffc96...

elondaits 6 days ago

The crazy thing is that on the last year I found emails from Google, and Apple, in the spam folder. Apple's were invoices... of which I get a couple a month (iTunes purchases, subscriptions). Google's I think were announcements for services, etc. tied to a Workspaces work account.

I can't think of no actions I did (in terms of identifying email as spam) that could suggest I might consider emails from Google or Apple, or any emails with that content, as spam. I mark things regularly, but almost always actual spam / phishing, or commercial mass emails from companies I have no relation with (banks, etc.)

  • tnolet 6 days ago

    Yep. Same on Outlook (née Hotmail). Announcements from Microsoft in spam.

  • ridgered4 5 days ago

    > Google's I think were announcements for services, etc. tied to a Workspaces work account.

    That kind of sounds like spam to me!

jonas-w 6 days ago

They announced that their spam filter got to good and that they will allow political spam to go around their spam filter.

https://www.androidpolice.com/gmail-political-spam-experimen...

  • smt88 6 days ago

    It's not because the filter was "too good," it's because political campaigns use hyper-aggressive email tactics that they learned from digital marketers.

    Trump's campaign(s) apparently took this to a new level (a friend of mine says he'd get up to 10 Republican emails every day, many of which had alarming subject lines) and now Republicans are claiming to be treated unfairly.

    • mschuster91 5 days ago

      > Trump's campaign(s) apparently took this to a new level (a friend of mine says he'd get up to 10 Republican emails every day, many of which had alarming subject lines) and now Republicans are claiming to be treated unfairly.

      Classic Republican move: they do something bad, and when people complain about that, complain that they're being censored/cancelled/whatever.

      At that point, we're already in unfair competition area: when Republicans do everything they can to manipulate their voter base to donate money and Democrats refuse to engage in such tactics with their voter base (or at least keep the level down), how can anyone call that a "fair election"? Yes, it may be legal in terms of the law, but absolutely immoral.

    • mcintyre1994 5 days ago

      I'm not in the US and I don't think I've ever been emailed by a political party in the UK where I live. So I don't know how it normally is. But one of my throwaway emails somehow ended up on a Trump campaign list in 2020 and it was pretty insane. I'd get multiple emails per day saying I'd been hand picked by Trump to do something, which was usually either to send him some money or fill in a survey. Once I was hand picked by someone to e-sign Trump's birthday card, and probably also to send him some money. I can definitely see how any remotely good spam filter would be catching a lot of that stuff. And also there was no opt-in before they started emailing me and their unsubscribe button never worked.

      • smt88 5 days ago

        They get through spam filters by default in my experience. Gmail is pretty lenient on established companies that obey the CAN-SPAM Act.

        The issue is that many Republican voters were marking them as spam, which then taught Gmail to put them in spam for (at least) that user.

adriancarrieres 6 days ago

Same, i was clear from spam for so many years, now I sometimes have ten spam/phishing per week, for a few months now

Daviey 6 days ago

I've recently had the opposite problem. I had an external host receive email for a domain and then forward to gmail. The message envelope is changed, and SRS records are updated to be from the forwarding domain and DKIM is valid.

However, over the last 2-weeks or so, Gmail has been hard rejecting the majority of the mail at SMTP time, which has caused a big pain!

I really wish I could say "trust all mail from this mail server, but please also do Spam checking".

  • johnklos 6 days ago

    Gmail has never properly allowed forwarding. All my users who want to check using Gmail have had to configure Gmail to fetch email from my servers via IMAP because Google otherwise treats my server as if it's a source of spam when it's forwarding.

stewx 6 days ago

I've been getting 2-3 spam emails/day and for many years received 0/day.

vmoore 5 days ago

Migrated to Fastmail a few weeks ago. It's going swimmingly. The private addresses feature is brilliant. I can tell what service sold my address or leaked it, or otherwise gave it out somewhere against my consent. If Gmail allowed for private aliases it would thwart spam, but they won't implement it because they're anti-privacy.

  • mirkodrummer 5 days ago

    Jumped on the fastmail train almost a year ago and can't complain, it's the only inbox I actually enjoy having. But I haven't been able to fully abandon gmail yet, according to my password manager I still have ~70 accounts registered with gmail over 190 total, it's been a pain so far...

  • anderspitman 5 days ago

    Just throwing my 2c in. This sounds cool in theory, but after a couple years of doing the same thing, I've identified exactly one case of an org giving my email address to a third party, and it was a local car dealership giving it to siriusXM because a car I bought had hardware for the service.

    That said, I absolutely love Fastmail and having my own domain for emails.

  • pexabit 5 days ago

    You can always do "username+<servicename>@gmail.com" for this purpose. Doesn't help with privacy but tells you which service is leaking addresses.

    • dylan604 5 days ago

      >You can always do "username+<servicename>@gmail.com"

      Um, that's a solid maybe. Some services drop everything after the +. Some complain about it being not valid.

      Use of the word always will pretty much always get you into a strange place

    • dmillar 5 days ago

      fwiw, companies that are selling/giving away your email address are wise to this 'hack.'

manuelabeledo 6 days ago

I'm having the opposite problem. The spam filter keeps marking things as spam, when they clearly are not, and I have no way of telling it that they aren't.

Now, I mostly don't mind it, but getting credit reports swept off my inbox is starting to get annoying.

  • rconti 6 days ago

    Sure you can. Mark it as "not spam".

    Of course, do that once, and you'll immediately start getting more spam, but that's another problem.

  • thenickdude 5 days ago

    You can create filter rules that explicitly mark email from specific senders or with specific keywords as "never send to spam".

soco 6 days ago

I constantly receive the same kind of gmail spam: there's a package for me. Half a year already, 3-4 a day, from random addresses like rp.6sgzBKV9UH@mail.4t2d3uxkxo.com / over corpegg.com whatever that is.

  • 55555 6 days ago

    Do the emails contain links? 90% of spam filtering is checking if there's a link in the email. Spamming is easy if you don't need to include links, and the package spam often requests you call a phone number, which makes inboxing it trivial.

    • soco 5 days ago

      Yeah they have t.co links and look like any standard spam, yet I keep receiving them. Go go google filtering.

dmitrybrant 5 days ago

I have similar issue, but with a different flavor:

About 10 times per day I receive a blank email from an obviously throwaway spam account (e.g. vishal382190130 at gmail dot com)

For the life of me I cannot understand the purpose or goal of these emails, from the spammers' point of view. I've heard the theory that spammers will send "test" emails to check if a destination account is active... But every day? All the time? Is it possible somehow to assure the spammers that my account is active, and to start sending me actual spam, instead of empty messages?

  • Roverlord 5 days ago

    View source, in the ones I get like that there usually is content but for some reason it isn't being displayed.

xen2xen1 6 days ago

Actually noticed the same. Saw a spam email and was confused. Had that gmail address a decade or two, and don't remember the last time I saw one.

navjack27 6 days ago

Yup same here. I just figure it'll get cleared up "at some point"

LinkLink 6 days ago

Might be less to do with whats happening with spam filtering and more to do with the evolution and constant arms race spammers are a part of.

nanidin 5 days ago

I don’t use gmail but I have also seen a big uptick in spam getting into my actual inbox over the last few weeks. I use a filter that hasn’t been updated in years, combined with spamhaus blacklists. To me this means something like spammers have found a way to evade spamhaus blacklists since they were the most effect block to spam in my email chain.

kubik369 6 days ago

For me, it was happening for most of August. Each day, around 10-20 emails. They were mostly the same 10 emails, verbatim. It has stopped around 2 weeks ago. I have no idea how the emails could have gotten through. It was the most obvious SPAM you could come up with; it didn't even have any weird characters or anything of the sort.

idk1 5 days ago

Looking at all the comments here, it looks like they could just check for if the title contains Dick's Sporting Goods and then it'll be spam. Oddly... that's what mine are too. Is this going to turn into some weird bug / edge case where only Dick's Sporting Goods emails can get through the spam filter?

eunice 6 days ago

I found gmail's spam filtering amazing from 2004 until this year, where it's massively gone downhill and I've been getting tons of obvious garbage hitting the inbox and things I want from known senders landing in junk. Moved my business email to fastmail, perhaps personal will soon follow.

good_intentions 5 days ago

Late to the party here but if you scroll through the source of these messages, there are a few domains they use to host the "image" inside the message. Additionally some of the spammers try and use the "coord" HTML element to put links on their images.

If you create a filter to immediately delete the messages with "coord" in the source and these image domains you should be decently covered: iili.io, caringbridge.org, mailingghost.store

If anyone is interested in working towards root cause on this please let me know.

butz 5 days ago

Ironically, as email services are making creating new accounts even harder, by adding mobile phone verification and Google outright blocking "untrusted" clients - spam count keeps growing from gmail and outlook (hotmail) domains. And looks like gmail spam filter ain't very good either, as no matter how many spam letters you mark as spam, one definitely will get through in the future. Another problem, that one cannot ban gmail or outlook domains for incoming spam, as most business contacts are usually using those.

thegeekpirate 6 days ago

Had an account since beta. Don't recall receiving a single spam email until a few months ago at the very least, and have been receiving one roughly every couple of weeks. Very odd indeed.

d3vmax 5 days ago

In the last month what services/website did you sign up for online/offline? They maybe the source of the leak/spam. Alternatively, your ID got into the spammers list via a service you must have signed up for prior, which must have got hacked recently. Another scenario is your acquaintance/friend ID must be compromised and they spam everyone on their contact list.

The spammers must be keeping it under 500 emails per day / gmail outgoing account to not go over google's thresholds.

  • noirbot 5 days ago

    The issue is less "how did this happen" and more that I've been reporting these obvious spam emails as spam for literally months and I still get copies of the exact same email in my inbox the next day.

    I'm used to getting spam from all kinds of places, but Google's always been pretty good at having it not hit my inbox until recently.

rbinv 6 days ago

Same, had my first (very obvious) spam mails reach my inbox in months.

brushfoot 6 days ago

This has been happening to me too but for months now.

Fot me, the spam that makes it through all comes from Gmail addresses. Maybe the filter is more lenient with Gmail accounts.

d23 5 days ago

I've been having the opposite problem. Things are going to my spam that are obviously not spam. The worst part is gmail automatically deletes after 30 days, with no way to configure that time period. I had to email some people recently to check whether they had reached out to me because I realized it probably went to spam (it did). Who knows how much other stuff I've missed.

kiseru 5 days ago

Hah! I thought all the new spam was because we had recently moved because it was all dressed up as fake home warranty and insurance emails but a bunch of it has an old name from a breach over a decade ago. (Someone used my email with their name to open an account so a ton of my spam is addressed to some dude named Danny.) I was like, "Oh look, Danny is back." lol

narag 5 days ago

Old news for me. A few months ago, four or five messages a day during a month and then it stopped.

It was always the same template written in several languages, English, French, Spanish, with clear signs they were trying to fool the filters with fake unsubscibe links, long generated ids and business keywords.

Most of them were classified as spam, but one in ten passed through the filter.

johnklos 6 days ago

Tangent: I've always wondered if forwarding spam (I don't use Gmail at all) to abuse@google.com works at all. Does marking spam from Gmail as spam count as reporting it? Or is Google one of those companies that either completely ignores spam complaints and/or makes spam reporting only work if you fill out a pain in the ass web abuse form?

SirensOfTitan 6 days ago

It’s been like this for a year. I don’t use Google services outside of work, but my mom has early Alzheimer’s disease, and emails about outstanding debts or free gift cards can confuse her sometimes.

I don’t understand what Google engineers do every day. Google apps are the worst products I interact with: from Gmail spam to daily freezes of the YouTube app on my Apple TV.

catfishx 6 days ago

Thats rare, I have my GMail address publicly available on the internet and haven't gotten a single spam email in my life

  • Double_a_92 6 days ago

    It started in the last year. Before pretty much every single spam mail was filtered, now 1-2 per week still make it through.

  • witoldw 6 days ago

    John Dvorak, is that you?

r1ch 6 days ago

Check the raw email body and see if it consists of multiple encoded MIME parts. I'm seeing some spammers sending the message body as one part of innocuous content but then a different part is displayed when you open the email. I'm guessing this confuses the spam filter enough to let it through.

CannisterFlux 6 days ago

Same thing for me, last couple of weeks I've seen a few emails appear, before that I've not seen inbox spam for ages. I also started getting Drive share notification spam around the same time, until I turned notifications off, but new random spam shares keep appearing if I check the app.

  • radarsat1 6 days ago

    I started getting these Drive share notifications as well, always written in Greek for some reason. (Well, I didn't try translating, so could be just nonsense, but it was strings of Greek characters.)

    Very strange, seems like an obvious security hole to just allow anyone to pop up notifications on my phone like that.

xchip 6 days ago

Same here, I get spam everday. Too bad they are not able to catch it :( Where is their AI???

dwighttk 5 days ago

Once every 3 or 4 months I go for a week or two getting 2 or 3 obvious spam messages a day on gmail… it is weird because they are all nearly identical so it seems like it would be trivial to round them up once I mark the second one as spam.

break_the_bank 6 days ago

Was just discussing this with a collage today. I’m getting random emails that are basically PDFs claiming to be crypto invoices from PayPal form random gmail addressees sent to me and CC’d to paypal@noreply.billing

iamyi 5 days ago

I have been having this problem for at least a few months, when obvious spams by human eyes can get into my inbox daily. For example, I have to use gmail filters to remove the car dealership spams.

typeofhuman 6 days ago

Happening to me on Outlook.

Full image emails that are all too obviously spam.

giuliomagnifico 6 days ago

Same here, but lots of mails are not spam. I was loosing some important emails.

I don’t know but to me looks something wrong from Google side. Maybe they’ve tightened some filters.

fwsgonzo 5 days ago

It started happening fairly recently to me, and it's not a gmail account, but another popular option. I don't know what caused it.

ldoughty 6 days ago

I'm guessing they are tweaking spam filters and you're in the test pool.

I've had very little spam on any of my Gmail addresses for the last 3+ years

disknoir 5 days ago

The same thing happened to me with Hotmail. It was previously great at spotting spam, but recently has stopped sending it to junk.

FinanceAnon 5 days ago

Yes, several phishing emails got through to my gmail in the last couple of weeks, which never happened before

htrp 5 days ago

We all being a/b tested....

julienreszka 5 days ago

I noticed too. For years I had exactly zero spam but recently a few got through

fergie 6 days ago

What is your primary spoken language? What language are your emails coming through in?

sgt 6 days ago

Same here, got 3 spam emails yesterday. It's been months since I saw that.

SleepilyLimping 5 days ago

Glad it's not just me. Noticed this issue myself.

Have been enjoying ProtonMail.

abeppu 5 days ago

Is this going to lead to a paid, improved spam filter subscription?

ThrowawayTestr 5 days ago

I've also noticed the occasional spam in my gmail recently.

stazz1 5 days ago

My educated guess is that Political campaigns dumped a ton of money into Google and Google is whitelisting their trash

fareesh 6 days ago

Midterms are coming up in the USA, expect the people in the tech companies to steer the technology in a direction that helps the party of virtue

  • pertymcpert 6 days ago

    As much as they want to I don't think they're going to help the Republicans this time.