How do email providers filter out "spam" from your inbox?
Is there a widely used algorithm?
#technology #computer #software #tech
There are various techniques that providers use to filter spam like below:
- Filtering based on some words used in spam emails like 'lottery winner' etc.
- Emails coming from blacklisted IPs and known spammers
- Rule based filters like email coming from specific senders or having certain words in mail subject and body
Traditional email providers used to use following tricks to determine if an email is spam or not:
- Spam Keywords (https://emailmarketing.comm100.com/email-marketing-ebook/spam-words.aspx)
- Coming from a blacklist groups (For eg any email address ending with @xyz.com)
- No subject
- Sending bulk emails in short time
- Sending email with only images with links and no content
- Perform virus scans of attachments
- Spam signatures
- Checking links in emails to determine whether they direct to phishing websites or webpages known to host malware
New spam filtering is much more smarter and uses all the above techniques with AI embedded into it.
AI helps in figuring out if the email is spam or not based on lot of rules which is difficult to code.
Gmail will have its own spam filtering model that will determine if its a spam or not. This model will be personalized and more specific to you. Model will read your email and determine spelling mistake, use of spam words in email body, any phishing links, harmful attachments, etc.
Shravan recommends the following next steps:
Hi Juliana, in addition to the other answers and techniques given, DKIM (Domain Keys Identified Mail) is a newer technique used to detect and reject spam. For more detail on this, see here (https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail), but a small excerpt describes the basics:
DKIM allows the receiver to check that an email claimed to have come from a specific domain was indeed authorized by the owner of that domain.<sup></sup> It achieves this by affixing a digital signature, linked to a domain name, to each outgoing email message. The recipient system can verify this by looking up the sender's public key published in the DNS.