Ask HN: Gmail spam filtering suddenly marking everything as spam?

Posted by goopthink 5 days ago

Counter210Comment122OpenOriginal

Almost all transactional emails are being marked as suspicious even when their SPF/DKIM records are fine and they’ve been whitelisted before. Did Google break something in gmail/spam filtering?

Comments

Comment by dang 4 days ago

See also https://www.google.com/appsstatus/dashboard/incidents/NNnDkY...

(from other threads that we merged hither)

Comment by Zigurd 4 days ago

Briefly, this morning, I had the opposite effect happen to my Gmail inbox in which things that would normally land in the social and updates folders ended up in my primary folder. I don't know which I'd be more freaked out by: a broken Gmail spam filter or 18 inches of snow.

Comment by bryant 4 days ago

Concur, I've had Promotions land in my Primary inbox for at least a few hours.

Comment by 3RTB297 4 days ago

I had the opposite effect in that I'm only getting spam to my inbox.

Or maybe someone really is reaching out to urgently tell me all about "legal boner tea."

Comment by specproc 4 days ago

Yeah, I had a flood of spam in my inbox last night. Novel spam as well, not the stuff that normally shows in my spam box.

Comment by wyclif 4 days ago

Same thing happened to me; can confirm. It was about 20 notifications and updates, then it abruptly stopped. I simply deleted everything above the last work-related email in the "Primary" tab.

I figured it was some sort of glitch.

Comment by northtwilight 4 days ago

Yes, me as well. Thought I had mistakenly changed something but I hadn't. Have also noticed that ad blockers stopped working last week; now as well as the wrong routing in Gmail, that casting to Chromecast from Chrome stopped working today.

Good job Google!

Comment by lazide 4 days ago

Also, I went into spam and check and moved a few convos out - and when I did, the message said, literally, ‘(null) conversations moved’…

Vibe coding catching up on us all?

Comment by kull 4 days ago

This. Same, got a lot of spam getting to my inbox this morning.

Comment by EGreg 4 days ago

That. Why in 2062 are so many people still reduced to merely describing what happens, and have no power to fix it themselves? These big corporations can roll out anything and we’ll all roll over and take it. Neuralink 7.0 completely changed everyone’s personality and people bitched for a while but ultimately no one can do anything about it. They promised to bring back choice of features but it’s been a decade and so far just more enshittification

Comment by lloydjones 4 days ago

Me too!

And a load of fake DMARC setup confirmation emails for a domain I own.

Comment by dmtroyer 4 days ago

also happened to me.

Comment by randerson 4 days ago

It's a great reminder of how good this feature is that we take for granted. I think this outage has actually improved my appreciation for Gmail (a service I normally only complain about).

Comment by sbrother 4 days ago

Seriously. I didn't even realize this was a wide issue, but I couldn't find a school enrolment email I was looking for this morning, and found it in the spam folder. The fact that I basically never have to do this is actually amazing.

Comment by Marsymars 4 days ago

I wonder about difference in experience that different people have with gmail’s spam filter. In my case, the majority of emails that go to my gmail spam folder are legitimate. I don’t actually receive much spam, a single-digit number of emails per month (in the past 30 days, 2 emails), so any time I see anything in my spam folder I have to check so that I can rescue the email if legitimate.

Comment by Grimblewald 4 days ago

This is my experience also. Closely guarded email, haven't received _any_ spam to it to date, but a large volume of false positives. This, among other reasons, actually led to my setting up my own email server again. Gmail is a great product if you don't know what you're doing or have avaliable to you. It's like a McDonalds burger. Not inpressive, not good, bot bad either, and certainly won't offend anyone while being accessible --- but calling it good is a bit out of touch with what good looks like.

Comment by Marsymars 4 days ago

I kinda expect there are a lot of false positives that people just never notice because they've got also thousands of unread (non-spam) emails in their inbox and never check their spam to see if there's anything legitimate there.

Comment by p-e-w 4 days ago

They probably have a trillion emails with human labels, either from users directly applying them, or inferrable from actions like deleting.

With that much data, even a simple Bayesian classifier should work pretty much perfectly.

Comment by mbanerjeepalmer 4 days ago

I strongly disagree.

They even mark their own Arts & Culture email as spam: https://x.com/MBanerjeePalmer/status/1962538753328664693

Comment by samrus 4 days ago

Yeah i have fantasies of having my own email server and stuff but the spam detection is probably the 3rd thing that would have me crawling back

Comment by chr15m 4 days ago

I have run my own mail server for years and I rarely see spam. I'm running a classic Bayesian filter as outlined in the legendary PG post "A Plan For Spam" and it works very well. I don't really get all the fuss about this issue. When I do see a piece of unclassified spam I simply classify it and continue. For me this is a far better tradeoff than having all my most private mail on some bigcorp server where any nerd can rifle through it.

Comment by smt88 4 days ago

> For me this is a far better tradeoff than having all my most private mail on some bigcorp server where any nerd can rifle through it.

You've functionally given yourself very little extra privacy because the vast majority of emails you send or receive will still cross through BigCorp servers (whether Google, Microsoft, Intuit, or other).

You can do the work to run your own mail server, but so few other people do that one end of the conversation is still almost always feeding a corporation's data lake.

Comment by igor47 4 days ago

I agree with you but I still run my own mail server. If people like me stopped doing that, we would cede the entire email landscape to BigCorp. A sad fate to happen to one of the true decentralized protocols. It's like if we all just went back to AOL

Comment by chr15m 3 days ago

It's more expensive and difficult to hack or get a warrant to access multiple bigcorp servers with a variety of privacy stances and jurisdictions, than it is to get access to a single one. Security is about making attacks expensive.

No single BigCorp employee can go through all my mail.

If you're not convinced, no problem, please continue to enjoy your BigCorp email service.

Comment by wizzwizz4 4 days ago

And yet, if you're communicating with someone else who does the same (or uses a niche hosted provider), that entire conversation is outside their "data lake".

Comment by smt88 4 days ago

Yes, but such people are so rare that they're functionally non-existent. I certainly don't know even one.

Comment by fsflover 4 days ago

Apart from self-hosting, you can choose a non-big-corp email service, which happens more often. Quite a few of my emails never get to big corps.

Comment by 1718627440 4 days ago

And they will become ever rarer when more of those who could do that follow your argumentation.

Comment by tbossanova 4 days ago

And this is why I take more and more of what I do offline

Comment by Tannic 4 days ago

[dead]

Comment by igor47 4 days ago

As someone who's run my own email for 25 years or so (I'm really getting old...) my biggest problem is not that I receive spam (spamassassin mostly takes care of it) but that my sent emails get marked as spam by big email providers. Yahoo is the worst offender and seems to do so at some base despite my best efforts (spf, dkim, arc, and jumping through their registration hoops)

Comment by subscribed 4 days ago

I'm running my own mail server for longer than I'd like to admit, but not for my critical/key email addresses. Looking at the spam filtering I get in Gmail and knowing my endless fights with spamassassin and DSBLs I know I could never achieve that.

The only upside of having an actual mail server is the ability to say "this is incorrect, no one ever tried to send an email to this address/from this IP" or custom 55x messages.

Comment by Semaphor 4 days ago

FWIW, the feature works just as well for me with my FM inbox (I still have my old gmail address and check both spam and the inbox once in a while).

Comment by B1FIDO 5 days ago

Yes, my Gmail inbox is full of regular senders being flagged as "possibly unsafe" and I need to click a button "Looks Safe" to accept them. They are not being spamboxed, but they are definitely flagged. Even official communications from the USPS!

The reason given is that "Gmail hasn't scanned this message", so I suppose the scanners are unavailable/disabled for the time being.

They should also be tagged as "Important" but they are not. I believe this is a heuristic-based designation, and it has not been working too great lately. My most important mail is coming through as "unimportant".

Comment by B1FIDO 4 days ago

They are not being marked as "Suspicious" but they are showing an infobox that explains they could not be scanned at all.

You could click "Seems Safe" on these messages, but they are not scanned by Google, and they are simply adding a disclaimer that they currently can't vouch for the safety of a message that they couldn't scan. It seems to me that this is a prudent and helpful course of action.

Comment by mychele 5 days ago

The promotions/updates/forums/etc classification is also down.

Comment by zukzuk 4 days ago

This has been “down” for me for a few months now, ever since Google tied this functionality to the same toggle that opts you in for using your email data for AI training. So now you can’t filter this stuff without also agreeing to a whole swath of unrelated and opt-ins.

Ive since gone on an unsubscribe campaign, and things seem bearable now.

Comment by SequoiaHope 4 days ago

Same. Can’t ignore the messages when they’re all in one place, which makes hitting unsubscribe easier.

Comment by dylan604 4 days ago

> which makes hitting unsubscribe easier.

wow, you really do that? Doesn't that just prove that the email address is read by a human and then promoted for even further SPAM to be delivered?

Comment by decimalenough 4 days ago

The Promotions tab is for marketing from companies that generally respect unsubscribing, not out and out spam.

Comment by doubled112 4 days ago

It works with most real companies. If you signed up for it, you can generally unsubscribe from it. It’s easy to do by mistake, and some default to yes with no option during sign up.

I don’t care about whatever new shows Netflix has. Unsubscribe.

I don’t care about my DNS registrar having a sale. Unsubscribe.

Comment by jabroni_salad 4 days ago

Google postmaster notices when you hit the one-click unsubscribe button and severely punishes senders that continue to send. It's worth using as long as you understand that some senders will never allow you to sign up again.

Comment by jeffbee 4 days ago

> Google tied this functionality to the same toggle that opts you in for using your email data for AI training

This never happened. It was a lie spread on Twitter. And now you are spreading it.

Comment by zukzuk 4 days ago

Not a lie, a potential misinterpretation if anything. Google has never factually countered the allegation, and now it’s before the courts in California. I’m going to wait and see how Thele v. Google plays out before turning this back on, and looking for alternatives in the meantime.

Comment by pushedx 4 days ago

Noticed it immediately. I get a lot more spam messages per day than I thought that I did.

Comment by Gazoche 4 days ago

Same here. Until recently I would get maybe 1-2 spams a month, and I just got 30 in the span of a few days.

They’re the very obvious, very obnoxious kind of spam, and Gmail still correctly sends them to the junk bin, so I wonder if they were shadowbanned before and Google simply decided to make the process more explicit (which I don’t hate on principle).

Either that or my address was scrapped from somewhere by a spam bot and the timing is coincidental.

Comment by jeffbee 4 days ago

Everybody gets way more spam than they realize because Google doesn't deliver it to the spam label. 99% of it is rejected at SMTP time.

Comment by black_puppydog 4 days ago

I disabled google's spam filter years ago for this sort of issue. The final straw was that it flagged a response from my boss, to an email I had sent earlier that day, resulting in a missed meeting. Installed thunderbird to access the company mail, never looked back. Private gmail is unused, only ever created it for android sign-up back in the day.

As with search, I don't get why people still use google.

Comment by jgrahamc 5 days ago

Ah, this is why I've been receiving a bunch of very obvious spam/scam mails in my inbox.

Comment by telliott1984 5 days ago

I got a classic and obvious 419 scam email today. Kind of felt like I'd gone back to a simpler time.

Comment by YoukaiCountry 4 days ago

Yeah my inbox looked like 2005 again—nothing but raw, unfiltered chaos.

Comment by robertcope 4 days ago

My wife was complaining this morning that her "promotions" were not getting sorted correctly. She will be happy to know it is an actual issue.

Comment by deckar01 4 days ago

Google just let through an email spoofed from my own domain (via a mailgun server). It was a phishing attack about the domain being shut down. The connection between the domain name and my personal email address have never been published. Either google or Squarespace leaked the info.

Comment by jeffbee 5 days ago

The weights in their filters are crowd-sourced, so the best thing you can do is mark them as not suspicious (if you are certain, of course).

FWIW, I am not seeing this. My Spam label contains just spam.

Finally, it would be good to know what you are observing. Are you seeing this as recipient or sender?

Comment by goopthink 5 days ago

As a recipient.

- Emails are being aggressively marked as “suspicious” out of the blue (USPS, HR emails, system emails, promotional emails)

- Those emails are being regularly delayed by 7-10 minutes.

- Priority inbox rules seem reset

- “Never mark as spam” rules are seemingly not respected

Additional reports on reddit: https://www.reddit.com/r/GMail/comments/1qln9zp/gmail_not_fi...

Comment by jeffbee 5 days ago

There's your confirmation, then. It must be either a localized failure to some subgroup of users, or triggered by some combination of settings, if some people are seeing it and others are not.

Added: https://www.google.com/appsstatus/dashboard/incidents/NNnDkY...

Comment by jval43 4 days ago

>Never mark as spam

has never worked consistently. For literally 10+ years now, I've always had a few emails per day go into spam even though that rule is in place.

Comment by callumprentice 4 days ago

Thank goodness. My Gmail address is my first name so I typically get many hundreds of spam’s a day which are almost all caught. Dozens in my inbox today so I figured something was up. Glad it’s not that the spam pedlars have suddenly gotten clever.

Comment by tomcam 4 days ago

> My Gmail address is my first name

It's good to be you! My wife and I both have 3-letter first names so we never had that option, despite getting in on the Gmail beta 20+ years ago.

Comment by dvh 4 days ago

I have the opposite problem. I'm receiving 30 spams every day with links to Google's own domain: https://news.ycombinator.com/item?id=46665414

Comment by VLM 5 days ago

Two related issues not mentioned yet:

Its really slow. Too slow to use 2FA or in some cases, verify email addresses or recover passwords.

Most people can't handle a notification on their watch every minute, or several spam every five minutes, so "large numbers of people" are shutting off notifications on their phones. And human nature being what it is, they're not going to be turned back on again. So the era of getting a notification when you get an email is coming to a close. "Important Immediate Attention Stuff" moved to text messages a long time ago anyway, at least for me. The list of technologies you can no longer reach me on, always increases over time...

Comment by calin2k 5 days ago

they (gmail/google) must have added AI to the email server.

Comment by anonym29 4 days ago

I'm having the exact opposite issue. 30+ emails today that clearly belong in spam (fake package delivery, "failed payment for your cloud subscription", etc) have landed in my inbox.

Comment by varshith17 4 days ago

Not just you, widespread reports on /r/gmail and Twitter since ~12 hours ago. Likely a bad model push on Google's end. Workaround: check spam folder for legit mail, mark as "not spam" + star important senders to retrain your filter faster. Usually resolves in 24-48h when they rollback.

Comment by varshith17 4 days ago

Google's spam filter is having a moment. Even emails with perfect auth records are getting flagged - clearly a broken model deployment. Mark legitimate emails as "not spam" aggressively. They'll either rollback or your local filter will adapt. This happens every 6-12 months with Gmail.

Comment by jokethrowaway 4 days ago

It's been happening for about a month for me. I had to start monitoring spam because legit emails end up there. Funnily enough I started having the opposite problem too - plenty of obvious spam and phishing attempt ending up in my mailbox.

I had to make a bunch of filters on my side.

One more reason to migrate to Proton

Comment by zahlman 4 days ago

I see nothing amiss on my oldest Gmail account. But then, I get probably <1 spam email a day on average, and even less legitimate mail, and even less that isn't an automatic notification of something or other that's already filtered and categorized by sender.

Comment by j45 4 days ago

I have seen a spam button show up I haven't seen in a long time.

It might be a new round of AI training featuring the labour of customers as free employees doing training. Every time we click, we consent to sharing private email data.

Comment by Aboutplants 5 days ago

I feel like things have been going on a little bit longer than this indicates.

Comment by grvdrm 4 days ago

I seem to be experiencing the opposite! Lots of spam flowing through.

Comment by notenlish 4 days ago

Today gmail labelled an email coming from google search console as potentially dangerous, however it was because it couldn't properly do spam filtering on the email.

Comment by Tade0 4 days ago

I've had Stack Overflow's last newsletter of 2025 land in spam, which was strange because surely they didn't lose relevance that much yet, did they?

Comment by czbond 5 days ago

I have been receiving a large number of spam emails in my "Important and Unread" areas which is anomalous. I was wondering exactly why and this helps. thanks!

Comment by 4 days ago

Comment by 4 days ago

Comment by whateveracct 5 days ago

Is this why I keep getting ads in my Primary inbox?

Comment by donutshop 5 days ago

Absolutely

Comment by maximinus_thrax 4 days ago

So thankful for this development. This was the final nudge I needed to finally ditch Gmail, after 20something years.

Comment by tonymet 5 days ago

Good on Google for having clear and timely outage notifications even for a minor to moderate subservice like spam detection.

Comment by tonymet 4 days ago

Wow you can’t even give praise on HN without getting downvoted

Comment by 4 days ago

Comment by 4 days ago

Comment by TechRemarker 4 days ago

Ahh. Wok up to a follow up email an address already marked as spam so couldn't figure out what was going on.

Comment by nubinetwork 4 days ago

The only thing in my gmail spam box is some ad for a pirate tv streaming service that's probably a scam...

Comment by exabrial 4 days ago

Actually having the opposite problem, I'm getting 50+ emails that SHOULD be marked as spam.

Comment by Aboutplants 5 days ago

Interesting, I’ve had a lot of emails lately flagged as “Promotions” even when they were not.

Comment by sss111 5 days ago

Any ideas on how to deal with stopping spam emails in general, scripts/tools etc?

Comment by B1FIDO 5 days ago

Step zero. Never disclose your email address to anyone.

This is very easy and straightforward. I operate 6 Gmail accounts, and three are "alts" where I've basically never given the address out to anyone at all, and they receive zero spam, zero UCE, zero marketing emails.

Of course, on my "main" I've disclosed the address to many entities and I use it for sign-in and shipping and many things. And yes, I do receive spam and scam emails there, but wcyd?

Comment by Marsymars 4 days ago

I did a “reset” a few years ago where I moved to a fresh gmail address, forwarded my old one, and updated all my accounts to use Apple’s Hide My Email service, unique per sender.

After a few years of updating addresses that I’d missed whenever something showed up that was forwarded from my old gmail account, I shut down my old account.

No more spam, whenever I start receiving spam to a Hide My Email address, I deactivate it.

Comment by EvanAnderson 4 days ago

I recently had a "role" Google account terminated because I was (paraphrasing) "violating Google policies" by having multiple accounts. I didn't know they were sticklers about that.

(I don't much care because the account was just used for interacting with somebody else's Google-hosted junk but, if I had been using it for something serious, I have probably been frustrated.)

Comment by B1FIDO 4 days ago

There is no way, no possible way that Google prohibits the use of multiple accounts. They do not. They cannot. I just asked Gemini and I checked the actual TOS. It does not, in any way, prohibit these uses.

In fact, this is plainly evident by the way they give you tools to operate them in a systematic way. You can add multiple accounts to a single Android "user". You can add them to a single Google Chromebook account under one signed-in account. You can add multiple accounts separately to the same Chromebook.

You can add multiple accounts with the same names, the same birthdates, and the same Driver License. I've validated at least two YouTube channels by showing exactly the same ID.

Google did not terminate your account for the reason you state. You are not telling us all the background information.

Google may indeed terminate multiple accounts for the same person because of TOS violations. They will definitely link and associate your accounts, so making an "alt account" for misbehavior is not safe. If my "alt account" is compromised or violates TOS, then I can expect they will discipline all 6 equally, because they're all linked.

But operating multiple accounts is very explicitly supported by Google, and by Microsoft as well, I will say. I don't know about Apple. Facebook definitely prohibited this in the past, although you can maintain multiple "profiles" and "pages" that have unique settings and personalities.

Comment by EvanAnderson 4 days ago

Apparently my account "violated TOS" (though I don't see how). The other account was used to interact with a Google Workspace in 2016, and hasn't been used since. I don't particularly care to waste mental energy trying to figure out the methodology behind Google's decision here.

This happening seemed kinda sketchy to me (because I've heard of people having several Google accounts) but, like I said, I didn't really care too much.

Anyway, here's how it went down:

In 2016 I was working w/ a Customer who was using some Google product (I believe Workspace) and I have to have a Google account to interact w/ it. Because I didn't care for them to see my "personal" Google account I make this one-off account.

This account is a Google account w/o Gmail (i.e. the username is not "@gmail.com"). That may be a factor.

Over the years I'd receive notifications that Google was going to delete the account for inactivity. I'd logon again to keep it active.

On 2026-01-12 I got a notification that my old "role" Google account was going to be deleted for being inactive for two years. I decided I wanted to keep it so I attempted to logon. The password in my vault didn't work. I found that perplexing, so I did a "Forgot password" workflow. As part of that I was offered an SMS option. I used the telephone number I use for my main Google account. For sure they "know" I'm the same operator of both accounts.

I don't believe somebody guessed the password on this account and was using it because (a) I was notified it was inactive, and (b) the password was a random 16 character alphanumeric string used only for this account. Something was clearly sketchy about the password being "wrong", though.

I completed the "Forgot password" workflow on the "role" account and got access. I decided to enable TOTP and my "real" Gmail account as the recovery contact. Everything seemed fine.

On 2026-01-13 I received a message as-follows:

> From: Google <no-reply@accounts.google.com>

> To: MyUsername@NotGmail.example.com

> Subject: Your Google Account has been disabled

> It looks like this account was created or used with multiple other accounts to violate Google's policies. The account might have been created by a computer program or bot.

> If you think your account was disabled by mistake, submit an appeal as soon as possible.

> Disabled accounts are eventually deleted. You’ll need to submit an appeal soon to keep your emails, contacts, photos, and other data saved in your Google Account.

> If you live in the European Union (EU) or are an EU citizen, there may be additional resolution options available to you.

Comment by FractalParadigm 5 days ago

I feel like an easier solution to having six different email addresses is to use Gmail aliases - I've caught a few less-than-honest companies either selling my email address, or been breached without disclosing such, simply by using an alias along the lines of '+service_name'. If any alias starts to receive spam you can setup rules to automatically delete everything that comes in with that. You also get the added benefit of significantly easier and more accurate search.

Comment by B1FIDO 5 days ago

I don't think y'all understand why I have separate Google accounts.

I use them for different purposes. They are "role accounts" for projects I am doing, such as geneaology and astronomy.

In order to use YouTube sanely, and store different stuff in Drive, I separate them into unique accounts. I use those accounts for specific things, and my YouTube subscriptions, playlists, etc. are tailored for each role, for example.

This is not about email at all. Obviously, I can access all those email accounts through the one app on my smartphone or the one PWA on my Chromebook. They are easily manageable but separate.

I also run 3 Outlook/Microsoft accounts, and for the same reason. (One of them is my academic account from community college, and the other two are personal.)

I don't need to give out email addresses for the "role accounts" except where I "Sign In With Google" to various services. So I don't really send/receive email from them at all, except where I'm sharing links or documents with myself (the best way to do this cross-account is still by using email, oftentimes.)

Comment by PaulDavisThe1st 4 days ago

I receive at least a dozen spam emails every day, sometimes as many as 60.

Rarely does more than one per day show up in my main inbox.

Why should I care who has my email address?

Comment by B1FIDO 4 days ago

Well, spam is no big deal, and any scam that comes via email should not affect anyone who is educated and prepared for them.

Of course, with a well-known email address, you could run a higher risk of credential stuffing, and an account takeover by someone who hijacks your email account, and then pivots from there to taking other accounts.

But this seems to be a risk we all take: email addresses are meant to be shared, to be public, and to be well-known to anyone to correspond with us.

I will say that disclosing my email address to certain parties has had noticeable effects. For example, I used "MYADDRESS+Echovita@gmail.com" once, and only once. My godfather had passed away, and I ordered some flowers for his funeral. And I put that order through with that email address.

Well, Echovita themselves had a data breach shortly afterwards, and I was inundated with scam emails. Just all sorts of attackers and they were basically all using the same M.O. But they were readily identifiable because I had used that "+Echovita" to identify it uniquely. And they really haven't stopped coming in. It's been 5 years since that breach.

So yes, especially with untrusted parties, it may help to tag your email address. I don't worry about receiving spam anywhere. But like I said, since I've never ever disclosed the addresses of 2-3 of my "alt accounts" they simply never receive any mail at all, spam or no spam.

Comment by DANmode 4 days ago

Spammers, if minorly sophisticated, can strip those identifiers,

so wildcard mail acceptance on servicename@customdomain.com takes the crown if you’re setting this up fresh!

Comment by Marsymars 4 days ago

I did a wildcard acceptance for years, but it doesn’t scale as well something like Apple’s Hide My Email (or other comparable service) - with a catchall you have to then start keeping a blacklist of bad emails, and I started getting spam to generic addresses like info@customdomain.com or admin@customdomain.com - with @icloud.com addresses you can just delete an address and forget about it once it’s burned.

Comment by CubsFan1060 5 days ago

I might be missing something, but if you’ve never given them out to anyone at all, then what’s the point?

Comment by skygazer 4 days ago

I have an absurd and overwrought system involving Gmail, and client-side rspamd and SpamSieve on my Mac. Gmail is (was?) overly aggressive flagging things as spam, so I have the client-side Bayesian filter check Gmail’s spam folder and rescue good email, so long as rspamd also says it’s not phishing. And then add sender to a Gmail whitelisting rule. All rescued email is flagged such that if I later manually move any of it back to junk, it stays there as spam and updates the corpus.

I now never get good email in the spam folder, and never get undetected spam in the inbox, and very occasionally get a spam erroneously rescued, but still visually flagged as iffy-but-maybe-ham.

If Gmail has been lax at filtering spam lately, I haven’t noticed, but perhaps the Bayesian filter has been picking up the slack.

Comment by lanstin 4 days ago

I should consider this - I run my own domains, and for years I just forwarded it to gmail, but I had so many cases when mails were put into spam, even replies to emails I had sent in the middle of a long conversation between myself and 1 other person, that I went to just self-hosted IMAP. Then for years I couldn't reliably send to google or yahoo or MS; I added SPF a while ago which help, but recently buckled down and put in SRS and DMARC and DKIM (and rspamd while I was at it); now I get the mail I want, and can mostly send mail without it being rejected (still have to ask people to check spam, but anyways many people I have to tell them I'm emailing them anyways if its important). However I have a lot of non-spam "promotion" emails that I don't want to see. If I could train gmail to not block legit stuff reliably, that would be worth trying again (I would say except for the privacy implications, but since so much email involves gmail on one side or the other, they probably get most of it anyways).

Comment by TacticalCoder 5 days ago

I use Gmail since the beta (I got invite from a googler) and I don't remember when they began adding spam control but in my experience the GMail spam check works usually exceptionally well: I very rarely need to add a custom filter.

My email, over two decades+ (2004?), hasn't been in a many public leaks (only one on https://haveibeenpwned.com/ ) but obviously has made its way to various spammy actors but thankfully nearly everything is caught by GMail's spam filter.

If anything I'd say GMail's spam filter works too well: I get more legit emails in my spam folder than spam in my regular inbox. As in: one in a rare while vs about zero spam in my regular inbox.

Comment by kevin_thibedeau 4 days ago

Multiple accounts as others have said. The most powerful is to switch to a provider that permits custom domains and allows you to construct topic specific wildcard addresses on the fly. These can't be flagged as invalid or stripped like Google '+' suffixes and when compromised, you can filter them into oblivion and move on to something else. You also get the bonus of having the entire namespace to yourself and can select short addresses.

Comment by tianqi 4 days ago

Which service provider would you recommend?

Comment by Marsymars 4 days ago

You don’t need an email service provider for that, plenty of DNS providers also offer email forwarding. I can recommend easyDNS, but various others are probably also good.

Comment by 4 days ago

Comment by corn13read2 4 days ago

Just switch themail.host and never look back...

Comment by ianberdin 4 days ago

Maybe Gmail knows something?

Comment by mediumsmart 4 days ago

Probably graiduation day

Comment by buildbot 5 days ago

Yep, getting this too.

Comment by saidnooneever 4 days ago

vibecoding im sure

Comment by greesil 4 days ago

Now, what about the Messages app? Starting last December I started receiving 10 spam SMS messages a day. Previously it was maybe one per week.

Comment by DANmode 4 days ago

Control your phone number better.

Only answer numbers you recognize, everyone else gets voicemail.

Cell phone spam is a 10 year+ old memory for me.

Comment by cabirum 4 days ago

[flagged]

Comment by blell 4 days ago

We get it, you hate AI. Here, your gold star.

Comment by Waterluvian 4 days ago

Is there some history behind the spam detector being those things or is this a vibe comment?

Comment by SoftTalker 4 days ago

I don't understand why spam detection is so complicated. I can tell with high accuracy if an email is spam just by the subject line. I'd think even basic ML could do this very reliably you don't need a bleeding-edge LLM to do this.

Phishing is tricker because it can be very deceptive especially if you're being targeted specifically. But also usually pretty obvious.

Comment by PaulDavisThe1st 4 days ago

ORLY?

* Are you available? * Paul, can we have a zoom meeting with you on Monday? * Assistance for donation * Greetings!!! * some ideas for you * Refund request * Somethings not working * Manuel Montoya for roof work contractor * proposals for print * Invite Connection

Half of the above are actual spam, half are not. Tell me which is which ...

Comment by maxbond 4 days ago

I agree with you but for the love of the game, these are the ones I'm guessing are spam:

* Paul, can we have a zoom meeting with you on Monday?

* Assistance for donation

* Greetings!!!

* Invite Connection

* Refund request

Comment by PaulDavisThe1st 4 days ago

3/5 :)

Comment by maxbond 4 days ago

Better than Google did today!

Comment by SoftTalker 4 days ago

If there's any question look at the sender. I delete half my email unread based on subject and sender alone.

Comment by DANmode 4 days ago

You can tell from your subject lines.

You cannot 100% tell from others’ subject lines,

if you don’t know them personally.

Comment by SoftTalker 4 days ago

Yes but I also don't have the ability to know what millions of accounts are receiving, unlike Google.

Comment by DANmode 4 days ago

Neither do they - until hours after you’ve potentially received a spam message in your inbox.

It’s past patterns + live human weighting.

Comment by chistev 4 days ago

They can tweak the subject to something not obviously spammy.

Comment by plagiarist 4 days ago

Obviousness in spam is a feature, they don't have to waste effort on people who know better.

Comment by Nextgrid 4 days ago

This only applies to spam which requires significant follow-up effort from the spammer to respond to potential victims; effectively just 419 "advance-fee" fraud scams.

For spam which only does not require manual effort on the other side, there is no reason to filter out potential victims and all the more reason to make it look as legit as possible to maximize conversion rates.

Comment by takanot 4 days ago

> For spam which only does not require manual effort on the other side, there is no reason to filter out potential victims and all the more reason to make it look as legit as possible to maximize conversion rates.

Unless there's a trade-off. Saying "respond now or your account will be erased!" doesn't sound very legit. But the number of additional victims the phisher gets by doing probably outweighs the number of more sophisticated victims he loses.