Given the subject, it is probably a mistake to reply, but it's a new year...
You seem to be acting under some misapprehensions, some of which are reasonable. Yes, Google is well aware of JoeJobs, that's why we were involved in and early proponents of the various authentication schemes (SPF/DKIM/DMARC/ARC). Yes, Google only generates domain reputations based on authenticated domains. The other thing is that our error messages and suggestions pages are non-specific. I've mentioned this before on this list, but the gist of the matter is that any spam determination is the result of one or more spam rules which combine up to 20 or so spam signals, and some of those signals are generated from machine learning models of past spam based on even more individual mail transaction/message features. These rules are constantly being monitored, updated and added to in response to updated spammer tactics. None of this is unique to Google, any major spam target either does this themselves or outsources it to a third party antispam provider. There is no one signal to mention in the error message. There is no one or limited list of suggestions on how to fix it, and the more specific the suggestion the more out of date it might be. Even if it were possible to be more specific, we also wouldn't want to be specific enough to help the spammers. The error message is chosen from a limited list of options by the spam rule writer and generally picked based on what they feel is the primary signal or best way to represent it. They are not updated very often, and sometimes entire new classes of rules may roll out without new/better error messages... fighting the spam and limiting the false positives tends to take precedence over the limited utility of the rejection message. Our user studies have shown that the more complicated the message, the harder it is to understand for the typical user anyways, hence our own attempts to have very general bounce messages we generate to users based on the rejections other providers give us. I haven't been on the Gmail team in quite a while now, and so I have no particular insight into the specific rules involved here. You can look at postmaster.google.com for information about the reputation of your domains... but that only helps if there is "enough" information available (ie, high enough authenticated volume from a particular domain). I know one historical way that "low reputation" has been used incorrectly is for low volume or low nonspam volume or "unknown" domains. Reputation heavily favors recency. All of these things also update in real time, so truly no spam evaluation is ever the same. There have been extensive discussions on here about how some of these things affect low volume senders and why based on our experience with compromised hosts sending spam. Low volume also makes it hard to find good senders in bad neighborhoods. This is the real issue with the modern large scale email ecosystem, while it doesn't require you to be one of the major providers, there is a relatively high bar for volume to create the signal necessary for modern antispam systems to have good discrimination. The end result is that spam rejections can seem very arbitrary and capricious. In the large, false positives are low... but the rate will always appear high for any rejections on low volume domains. hmm, it occurs to me given work we've done on my current team that Mantel–Haenszel analysis would be useful to see how the false positive rate appears to different buckets, it has become more common across Google, but I have no idea if the spam team is using that or not. Anyways, this is a long winded way of saying sorry for your experience. Brandon On Thu, Jan 8, 2026 at 3:43 AM Peter N. M. Hansteen via mailop < [email protected]> wrote: > On Thu, Jan 08, 2026 at 07:31:22AM +0100, Peter N. M. Hansteen via mailop > wrote: > > If anyone here knows a sane person at Google, please point them at > > > > https://nxdomain.no/~peter/google-abuse/20260108_google_bounce.txt > > > > vs > > > > https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html > > > > and ask them for conclusions or even better, to contact me. > > It looks like either one or more people here alerted someone in > charge of these things, or perhaps there are even Googlers lurking here, > since a resend to the same addresses succeeded just now (well, delivered, > but directed to the spam folder, so there is room for improvement still). > > It also dawned on me that I had ranted in public about a similar episode > some years back, > https://nxdomain.no/~peter/does_your_email_provider_know_what_a_joejob_is.html > , > a piece which is also linked in the retrospective article. > > To whoever set the fixing action in motion: Thank you! > > And I hope that the parties involved will preserve the knowledge acquired. > > All the best, > Peter > > -- > Peter N. M. Hansteen, member of the first RFC 1149 implementation team > https://nxdomain.no/~peter/blogposts > https://nostarch.com/book-of-pf-4th-edition > "Remember to set the evil bit on all malicious network traffic" > delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. > _______________________________________________ > mailop mailing list > [email protected] > https://list.mailop.org/listinfo/mailop >
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
