The Inquirer-Home

Spam gets through Google's filters

GMail not learning a thing from my reports?
Sun Jan 29 2006, 13:43
GOOGLE'S GMAIL really changed the way I look at email. I used to have several POP3 mailboxes (a few of which I still keep, but rarely use), and download everything to my PC.

Today, I only download the attachments I wish to view, but other than that, all my e-mail stays at Google's GMail servers.

Now that I think about it, I'd sleep better at night if I could pay a small yearly fee to Google and in turn they assured me they've got my data backed up so in case of disaster on GMail's servers, I won't lose all my data.

Until about two months ago, Google's anti-spam filters also seemed to work really well. Then I started receiving SPAM with a distinctive characteristic: "Hey {insert random name here}" in the subject line. I have thousands of such mails in my SPAM folder, and more arriving daily to my inbox, not stopped by my spam reporting on the GMail interface:

alt='gmail-spam-filter-not-learning-a-thing'
"Hey {sweety}, you've got spam". Just by entering "subject:Hey", I'm able to single out all annoying unsolicited messages on my inbox. Why can't GMail spam filters do the same?

What's interesting is that the sender address is generated randomly, and the destination is random as well - all random names @os2guru.com, a domain name I have hosted, and which is set up with a "wildcard forwarder" ( anything@os2guru.com is forwarded to me), which ends up in my GMail account. Maybe that's one of the reasons why Google's spam filters have a hard time singling out a string to identify it, even while I mark it all as spam almost religiously. At one point I thought that someone was out to annoy me. Then I started reading the headers of the unsolicited, random e-mail. The origin IP address is random as well! (the USA, France, even Poland!):

Some examples of the originating hosts:

  • ALagny-151-1-66-20.w81-249.abo.wanadoo.fr [81.249.152.20]
  • S01060013464a9c35.ed.shawcable.net (S01060013464a9c35.ed.shawcable.net [68.151.137.27])
  • ARouen-251-1-72-250.w83-202.abo.wanadoo.fr (ARouen-251-1-72-250.w83-202.abo.wanadoo.fr [83.202.187.250])
  • 177-234.adsl.szeptel.net.pl [80.240.177.234]

The random source IP addresses lead me to believe this is worm of some kind or ADSL subscriber PC's turned into zombies to later forward spam, or some random smtp open-relay testing going on. What puzzles me more is that GMail's automatic spam filters are not learning: at this point I'm selecting and hitting the "report spam" button on about 12 to 20 such mails a day, all with "Hey {random name}" in the subject line and NO CONTENT (no body), yet Google's spam filter doesn't seem able to add such criteria. It's simple: mail starts with "Hey" in the subject line, and contains no message body.

If someone from Google reads this, I'd like to know if there are any official channels to report this kind of feedback, so the GMail anti-spam filters can be manually tweaked a bit to single out this kind of crud, hopefully allowing me to return to my happy GMail experience. µ

See Also
Rumours of spam's death greatly exaggerated
Spam blocking constitutional

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Heartbleed bug discovered in OpenSSL

Have you reacted to Heartbleed?