Re: WAS : Kinda OT: Email clients.... ( Now Forwarders)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2022-02-14 at 08:23 -0600, c. marlow wrote:
> I am wanting to know, would gmail start considering all mail from my
> domain as spam if it occasionally puts a piece of mail in the spam
> folder? Or is DirectAdmin keeping the headers like they are and just
> redirecting the email to me?

additional...

Look at the messages going through your system, your mail client should
have some sort of "view source" or "view all headers" option.  You
should be able to to see what headers are there.  But generally, mail
systems just add their own headers on top of the stack, only expect a
spammer to start removing or forging ones.

Directly above your message content (what you type) are the first lot
of headers, where you've set FROM, TO, SUBJECT, and something has added
the DATE (either your mail client, or the first server it goes through
if your mail client didn't).  Each server that your mail passes through
adds a "received" header to the top of the email, so they start
stacking upwards (the last server to handle the mail will have their
headers on the top).

You can think of this as traditional mail going through the postal
service.  You write the addresses on the envelope (and everyone takes
it on faith that you wrote the correct "from" address).  As it goes
through the postal service they postmark it with their own stamp. 
Imagine if every postal office the letter passed through put their
postmark stamp on top of the last one.  They don't, but that's the
sequence email goes through.

As far as spam detection goes, any thing that puts high credence on the
TO and FROM addresses is going to have a high failure rate (because
nearly all your mail will be addressed to you, and spammers usually
fake the from addresses, though mail with TO the same as FROM usually
is spam), it really needs to examine the mail servers that it passes
through more than anything else.  The first one it went through ought
to get the heaviest scrutiny, as it would be the originator of any mail
and should be stopping spam right at its own border.  But spammers may
send through fake servers first, so subsequent servers it passed
through do need to be assessed, too.

Long before your own server forwarded the message to you, it's passed
though other servers.  Considering a large service like google assesses
millions of emails, with thousands going through some servers that
they'll database, the odd one or two through your own *ought* to be a
teardrop in the ocean, comparatively speaking.  But don't be complacent
about that.

As I'd already said, put addresses into your contacts that you want
considered friendly.  Google should consider such mail less likely to
be spam that any other address.  Though I'd be inclined not to do that
with your own personal address, spammers often use your own address as
the FROM address to try and get past your spam filters.

Guessing how any service does it spam detection is guesswork, though
some people do put effort into testing, and services keep changing
their detection methods to keep pace.  If I were spam detecting,
there'd be a number of things I'd look at.

Assume I'm a large email service.  I'd get millions of emails, I look
at their content, lots of identical messages are very probably spam, so
I increase their spam score.  If users report spam to me, I'll further
increase the spam score for other identical messages.  But if I receive
them sent to fake honeypot addresses, I immediately set their spam
score to 100% and presume all identical messages (content-wise) will be
spam and I can delete them without care, or at least mark them as
confirmed spam.  I also look at where they came from (the services it
passed through, not the TO & FROM addresses), and those services become
highly suspect.  Then we start marking mail from them as possibly spam.
If I see masses of possible spam from them, more than non-spam, we
start scoring their mail even worse.  But if all I ever see from those
services is spam, they get bumped up to extremely suspect.  Then we
start managing mail from them, rejecting it, blacklisting the service
(so they have to fix themselves to get unblacklisted).  That's the
basic idea.

For what it's worth, it's highly likely that when services give you
user agreements that make you agree to them being able to look at
message content, it's probably to allow their spam detection to assess
your mail.  Much more so than for other nefarious purposes.

And if I were running a public email service, I could also be looking
at user's accounts.  If you reply to a mail, add its details to your
contact list, or move the mail to another folder, I could presume it
wasn't spam, as you've interacted and kept it.  But if you delete it,
or ignore it (i.e. leave it idle in your inbox), I might assess it as
being spammy, even if you didn't flag it as junk.

-- 
 
uname -rsvp
Linux 3.10.0-1160.53.1.el7.x86_64 #1 SMP Fri Jan 14 13:59:45 UTC 2022 x86_64
 
Boilerplate:  All unexpected mail to my mailbox is automatically deleted.
I will only get to see the messages that are posted to the mailing list.
 
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure



[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux