The Plague Of False Positives

from the revolting-against-spam-filters dept

This has been discussed before, but the “quick hook” of many spam filters is causing many legitimate emails to get lost. The article includes the story of someone who had a senior exec at a potential customer email him for some information about his products. The guy tried to write back, but every time, his emails were blocked as spam. Luckily, in this case, he was alerted. Plenty of times, those email disappear into a blackhole. Just recently, I experience something similar. Responding to a specific company request, I was told that my email address had been specifically “blacklisted”. I had to email the person from an outside email address just to get around it. The article claims that some ISPs are giving up on filtering spam themselves – saying that they get such angry calls over “false positives”. While I can understand why a number of legitimate opt-in bulk email gets caught in spam filters, individualized emails shouldn’t be. However, the article says up to 15% of “routine email” messages never get delivered after being flagged as spam. The main problem is that spam is really in the eye of the beholder, not the eye of the ISP or network administrator. While the article suggests the answer is more desktop spam filters, I disagree. A desktop spam filter makes less and less sense in a mobile world where you want to access your email on many different devices. What we need are spam filters on the server side (don’t even want to bother downloading spam), which gives the end-user control over the defining process (and the ability to review flagged emails). While there are tools like SpamAssassin for this purpose, most aren’t very easy for an everyday user to set up and manage themselves. At the same time, I think that challenge-response systems actually make this problem worse by basically defining all emails as spam. That is it has an almost 100% false positive rate at startup. Anyone who decides not to jump through your hoops never gets their email to you, and thus is classified as a false positive.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “The Plague Of False Positives”

Subscribe: RSS Leave a comment
ben (user link) says:

a few other things to try

there are a couple of simple things you can try to do, both involve the person sending you email to be a person however.

the first is going to, they have been very useful in the past for me.

the second is, if you use Outlook (or anything else that lets you make filters), filter out any email that doesn’t have a word or phrase of your choosing in the subject (or even the date would work), then have an autoreply to any incoming email (so it’s _FROM_ you) with a message to please include your word in the subject. (unfortunately, this requires downloading, but at least you don’t have to deal with it).

another method is a public, free, temporary email address, like or the like, if you don’t already have spam coming to your email account, or don’t want more…

Chris says:

What I'm doing

I’m using Procmail to forward all mail tagged by SpamAssasain to a seperate spam catcher account. Then I skim the headers of the spam once a day for false positives. There is one there occasionally – maybe 1 or 2 per week. SA lets about 20 spams through a day, I think my web host has it set fairly liberal. It’s not a perfect solution, but it has helped.

aNonMooseCowherd says:


The ISP I use for email uses Brightmail. Suspected spam gets put on their webmail system where you can see summaries (subject, from, date) and view or save individual messages. Every so often I review this to see if any legitimate mail has been flagged as spam. Over the last year or so I’ve probably checked several thousand headers, and have never seen a *single* legit email that was flagged as spam. This works because Brightmail doesn’t try to guess from the content whether the message is spam; it tries to match it with known spam. Of course this means that not all spam is filtered, but my own filter rules (e.g. look for Korean encoding) get rid of most of the rest of it.

Mike (profile) says:

Re: I disagree

Because Christopher couldn’t take the time to post his disagreement here, I’ll summarize:

He thinks I’m wrong about challenge-response because most people will set up their C-R systems so that the sender never notices (since your addressbook will automatically get whitelisted).

That doesn’t explain the C-R challenges I get all the time – all of which I ignored.

Sure, it would be great if it worked, but so far, it doesn’t. Defining everything as spam isn’t the solution. It just makes the problem worse.

Christopher Ambler (user link) says:

Re: Re: I disagree

I’m sorry, I thought pointing to my blog would set up a trackback link, but it didn’t. Thank you for summarizing.

I still have to disagree. It works fine for me. If someone has a c/r system and doesn’t bother to clear addresses that they send to, that’s their issue. If you get a challenge because the sender didn’t bother to either whitelist you, or, better, use a system that does it automatically, you’re well within your rights to ignore it.

It’s all about tools, and how people use them. At the end of the day, c/r works for me, and I don’t get any complaints. Of all of the technilogical solutions, c/r seems to be the only one that is actually getting the job done.

Christopher Ambler (user link) says:

Re: Re: Re:2 I disagree

No, it might not be that. I get plenty of email, have never had anyone tell me that they didn’t want to deal with the c/r, or missed an expected email.

To confirm this, I save all of my unconfirmed email and go through it once a week or so. I’ve never found anything in there that I thought should have been confirmed.

As I said, c/r seems the best solution right now. There are some things that could be done to it to make it even better, and address some of the concerns expressed. I expect we’ll see those improvements in short order.

Three Men In A Boat says:

No Subject Given

Um, if what you’re saying is that there’s no spam filtering solution that will work for all users, well, duh. Two points:

1. The article has this quote:
“What people resent the most is having the IT department or ISP determine what is — and what is not — spam,” said Herrick. “No one else has the right to open your regular mail. It should be no different with e-mail.”
The above is a generalization… many, many users LOVE having the ISP determine what is spam… especially parents of kids using the net.

2. The article states, “… all users ultimately wind up wasting a lot of time searching through their bulk mail folders for false positives …”, a generalization which is simply wrong.

Cory Seaman (profile) says:

No Subject Given

We’ve been evaluating the final release of Office 2003 for the past couple of weeks, and Outlook now has an AMAZING built-in junk mail filter (based on the research done for MSN) which really SHOULD be an answer for all…um, beholders. It nails 97%+ of my spam so far, which is better than even SpamNet and Spammunition did, and it turns up very few (none for me so far) false positives, even on the “Aggressive” setting. I’m totally impressed.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...