On Mon, 2022-02-14 at 08:23 -0600, c. marlow wrote: > I am wanting to know, would gmail start considering all mail from my > domain as spam if it occasionally puts a piece of mail in the spam > folder? Or is DirectAdmin keeping the headers like they are and just > redirecting the email to me? additional... Look at the messages going through your system, your mail client should have some sort of "view source" or "view all headers" option. You should be able to to see what headers are there. But generally, mail systems just add their own headers on top of the stack, only expect a spammer to start removing or forging ones. Directly above your message content (what you type) are the first lot of headers, where you've set FROM, TO, SUBJECT, and something has added the DATE (either your mail client, or the first server it goes through if your mail client didn't). Each server that your mail passes through adds a "received" header to the top of the email, so they start stacking upwards (the last server to handle the mail will have their headers on the top). You can think of this as traditional mail going through the postal service. You write the addresses on the envelope (and everyone takes it on faith that you wrote the correct "from" address). As it goes through the postal service they postmark it with their own stamp. Imagine if every postal office the letter passed through put their postmark stamp on top of the last one. They don't, but that's the sequence email goes through. As far as spam detection goes, any thing that puts high credence on the TO and FROM addresses is going to have a high failure rate (because nearly all your mail will be addressed to you, and spammers usually fake the from addresses, though mail with TO the same as FROM usually is spam), it really needs to examine the mail servers that it passes through more than anything else. The first one it went through ought to get the heaviest scrutiny, as it would be the originator of any mail and should be stopping spam right at its own border. But spammers may send through fake servers first, so subsequent servers it passed through do need to be assessed, too. Long before your own server forwarded the message to you, it's passed though other servers. Considering a large service like google assesses millions of emails, with thousands going through some servers that they'll database, the odd one or two through your own *ought* to be a teardrop in the ocean, comparatively speaking. But don't be complacent about that. As I'd already said, put addresses into your contacts that you want considered friendly. Google should consider such mail less likely to be spam that any other address. Though I'd be inclined not to do that with your own personal address, spammers often use your own address as the FROM address to try and get past your spam filters. Guessing how any service does it spam detection is guesswork, though some people do put effort into testing, and services keep changing their detection methods to keep pace. If I were spam detecting, there'd be a number of things I'd look at. Assume I'm a large email service. I'd get millions of emails, I look at their content, lots of identical messages are very probably spam, so I increase their spam score. If users report spam to me, I'll further increase the spam score for other identical messages. But if I receive them sent to fake honeypot addresses, I immediately set their spam score to 100% and presume all identical messages (content-wise) will be spam and I can delete them without care, or at least mark them as confirmed spam. I also look at where they came from (the services it passed through, not the TO & FROM addresses), and those services become highly suspect. Then we start marking mail from them as possibly spam. If I see masses of possible spam from them, more than non-spam, we start scoring their mail even worse. But if all I ever see from those services is spam, they get bumped up to extremely suspect. Then we start managing mail from them, rejecting it, blacklisting the service (so they have to fix themselves to get unblacklisted). That's the basic idea. For what it's worth, it's highly likely that when services give you user agreements that make you agree to them being able to look at message content, it's probably to allow their spam detection to assess your mail. Much more so than for other nefarious purposes. And if I were running a public email service, I could also be looking at user's accounts. If you reply to a mail, add its details to your contact list, or move the mail to another folder, I could presume it wasn't spam, as you've interacted and kept it. But if you delete it, or ignore it (i.e. leave it idle in your inbox), I might assess it as being spammy, even if you didn't flag it as junk. -- uname -rsvp Linux 3.10.0-1160.53.1.el7.x86_64 #1 SMP Fri Jan 14 13:59:45 UTC 2022 x86_64 Boilerplate: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the mailing list. _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
