Gmail explains why it put *that* email in your spam folder

Filed Under: Featured, Google, Spam

GmailEver wondered why an email message was quarantined in your spam folder? Well, Google's Gmail is now sharing that information.

In a blog post, Google announced that it would be sharing information about why it marked specific emails as spam.

So, lets take a look at some examples.

Remember last month's malware campaign which posed as a scan from an HP printer?

Well, Gmail is intercepting those types of messages:

Example of spam on Gmail

Here's another example of a spam email intercepted by Gmail. This time they say they are blocking it because they have seen so many other spam messages originating from the same place:

Example of spam on Gmail

I think it's good that Google Gmail is doing this. If you don't care why something was shoved in your spam folder you can happily ignore it. But if you're curious there's certainly no harm in Google sharing a few more details of why it made the decision it did.

And maybe it will also help educate people a little more about the spam problem.

, ,

You might like

15 Responses to Gmail explains why it put *that* email in your spam folder

  1. ColonelFazackerley · 763 days ago

    Will the extra info help the spammers to get around the filters?

  2. KHill · 763 days ago

    Interesting!

  3. Marié Lategan · 763 days ago

    Wonderful, we need these eyewatchers!

  4. Paul · 763 days ago

    I'm quite happy for Google to mark things as spam for me - If I see something in the spam folder, I check it out and, if it's not spam, mark it as such.

    If Google share information about how they categorise spam, surely that information will help spammers avoid some of the filters that are currently in place.

  5. kaden · 763 days ago

    I usually enjoy reading your articles but this one was completely pointless - could you really not find anything else to write about?

    • illegal_alien · 763 days ago

      Just because something is pointless to you doesn't mean it's pointless to others.

  6. Glenn · 763 days ago

    I understand the second example above - that address x has been determined to be a major source of spam. But the first example - "It's similar to messages that have been detected by our spam filters: - similar in what way? Most spam is crafted to look like legitimate email. Unless they are looking for specific text or subject lines, this seems to be susceptible to a lot of false positives. But you can't tell from the explanation Gmail gives.

    • aciddu · 761 days ago

      Quoting support.google.com:
      "Gmail uses automated spam detection systems to analyze patterns and predict what types of messages are fraudulent or potentially harmful. Here are just a few of the things our system considers when marking a message as spam:
      Content that's usually associated with spam such as mature content and "get rich quick" schemes
      Messages that falsely appear to be a "bounced message" response (a system-generated email that you might automatically get after sending a message that can't be delivered such as a message sent to an invalid email address)
      Messages sent from accounts or IP addresses that have sent other spam messages
      Behavior of other Gmail users, such as many people reporting spam from a particular sender
      Similarity to other spam or phishing messages based on a combination of things like subject matter, elements like spelling and formatting, and suspicious attachments[...]"

  7. Dave · 763 days ago

    This is also really good for the server hosting industry. Since some IP addresses are blacklisted from spammers we've AUP'd, a lot of them are wondering why their emails are blocked by google, hotmail, etc.

    This definitely helps in diagnosing the issue!

  8. Paul Eldred · 763 days ago

    Could you also highlight why BTInternet/Yahoo send legitimate emails into SPAM folders too ...with no explanation? If a user uses an email client like Outlook they are unlikely to know that perfectly good emails could end up being deleted by BT/Yahoo.

  9. Chris Fournier · 763 days ago

    Yahoo is a completely different story. You have to jump through a ton of hoops to get through to them.
    I have never had any problems getting through to gmail with mass mailings.
    Hotmail/MSN isnt that bad at all, not nearly as much as yahoo. They will actually give you some support to get on their good side.

    For all of them, the key is basically to have DKIM and SPF configured properly, and be on a static IP that hasnt been hosting people that send out spam.

    I wish all of them worked as well as Gmail.

  10. Steve · 763 days ago

    Ditto Paul Eldred - except my frustration is with Mediacommbb.net. I (don't know all the correct technical terms, but I) have my Mediacombb email forwarded to MS Outlook on my computer and - in the past - seldom looked at my Mediacombb.net webpage. Was I ever surprised when I did look to find many legitimate messages - some that I should have responded to - in the webmail spam folder. Since finding that situation, I've checked the webpage daily, and I often find email from senders that had come through fine one day only to be intercepted as spam the next day. Why can't the ISP at least send me a daily summary message telling me what has been intercepted?

  11. chriss_inak · 763 days ago

    i wouldn't trust google with my worst enemy. or anything else. I think they are taking over the cyber world and not in a good way. I no longer google anything.

  12. Cindy · 763 days ago

    When I send myself an e-mail, it sometimes gets rejected as spam, and other times it doesn't. I send e-mails to remind myself of something if it is easier than writing it down. I couldn't figure out why it rejected the same reminder one day, and not another.

    • Acid Genome · 763 days ago

      When the sender matches the recipient it often scores very high on a spam filter. It may be that putting yourself as the recipient pushes the score very close to the threshold and the varying (low) score assigned to the content is just enough to bump it over the limit.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley is an award-winning security blogger, and veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.