Briefly, this morning, I had the opposite effect happen to my Gmail inbox in which things that would normally land in the social and updates folders ended up in my primary folder. I don't know which I'd be more freaked out by: a broken Gmail spam filter or 18 inches of snow.
It's a great reminder of how good this feature is that we take for granted. I think this outage has actually improved my appreciation for Gmail (a service I normally only complain about).
Seriously. I didn't even realize this was a wide issue, but I couldn't find a school enrolment email I was looking for this morning, and found it in the spam folder. The fact that I basically never have to do this is actually amazing.
I see nothing amiss on my oldest Gmail account. But then, I get probably <1 spam email a day on average, and even less legitimate mail, and even less that isn't an automatic notification of something or other that's already filtered and categorized by sender.
This has been “down” for me for a few months now, ever since Google tied this functionality to the same toggle that opts you in for using your email data for AI training. So now you can’t filter this stuff without also agreeing to a whole swath of unrelated and opt-ins.
Ive since gone on an unsubscribe campaign, and things seem bearable now.
Yes, my Gmail inbox is full of regular senders being flagged as "possibly unsafe" and I need to click a button "Looks Safe" to accept them. They are not being spamboxed, but they are definitely flagged. Even official communications from the USPS!
The reason given is that "Gmail hasn't scanned this message", so I suppose the scanners are unavailable/disabled for the time being.
They should also be tagged as "Important" but they are not. I believe this is a heuristic-based designation, and it has not been working too great lately. My most important mail is coming through as "unimportant".
They are not being marked as "Suspicious" but they are showing an infobox that explains they could not be scanned at all.
You could click "Seems Safe" on these messages, but they are not scanned by Google, and they are simply adding a disclaimer that they currently can't vouch for the safety of a message that they couldn't scan. It seems to me that this is a prudent and helpful course of action.
Same here. Until recently I would get maybe 1-2 spams a month, and I just got 30 in the span of a few days.
They’re the very obvious, very obnoxious kind of spam, and Gmail still correctly sends them to the junk bin, so I wonder if they were shadowbanned before and Google simply decided to make the process more explicit (which I don’t hate on principle).
Either that or my address was scrapped from somewhere by a spam bot and the timing is coincidental.
I have been receiving a large number of spam emails in my "Important and Unread" areas which is anomalous. I was wondering exactly why and this helps. thanks!
I have an absurd and overwrought system involving Gmail, and client-side rspamd and SpamSieve on my Mac. Gmail is (was?) overly aggressive flagging things as spam, so I have the client-side Bayesian filter check Gmail’s spam folder and rescue good email, so long as rspamd also says it’s not phishing. And then add sender to a Gmail whitelisting rule. All rescued email is flagged such that if I later manually move any of it back to junk, it stays there as spam and updates the corpus.
I now never get good email in the spam folder, and never get undetected spam in the inbox, and very occasionally get a spam erroneously rescued, but still visually flagged as iffy-but-maybe-ham.
If Gmail has been lax at filtering spam lately, I haven’t noticed, but perhaps the Bayesian filter has been picking up the slack.
Multiple accounts as others have said. The most powerful is to switch to a provider that permits custom domains and allows you to construct topic specific wildcard addresses on the fly. These can't be flagged as invalid or stripped like Google '+' suffixes and when compromised, you can filter them into oblivion and move on to something else. You also get the bonus of having the entire namespace to yourself and can select short addresses.
Step zero. Never disclose your email address to anyone.
This is very easy and straightforward. I operate 6 Gmail accounts, and three are "alts" where I've basically never given the address out to anyone at all, and they receive zero spam, zero UCE, zero marketing emails.
Of course, on my "main" I've disclosed the address to many entities and I use it for sign-in and shipping and many things. And yes, I do receive spam and scam emails there, but wcyd?
I recently had a "role" Google account terminated because I was (paraphrasing) "violating Google policies" by having multiple accounts. I didn't know they were sticklers about that.
(I don't much care because the account was just used for interacting with somebody else's Google-hosted junk but, if I had been using it for something serious, I have probably been frustrated.)
There is no way, no possible way that Google prohibits the use of multiple accounts. They do not. They cannot. I just asked Gemini and I checked the actual TOS. It does not, in any way, prohibit these uses.
In fact, this is plainly evident by the way they give you tools to operate them in a systematic way. You can add multiple accounts to a single Android "user". You can add them to a single Google Chromebook account under one signed-in account. You can add multiple accounts separately to the same Chromebook.
You can add multiple accounts with the same names, the same birthdates, and the same Driver License. I've validated at least two YouTube channels by showing exactly the same ID.
Google did not terminate your account for the reason you state. You are not telling us all the background information.
Google may indeed terminate multiple accounts for the same person because of TOS violations. They will definitely link and associate your accounts, so making an "alt account" for misbehavior is not safe. If my "alt account" is compromised or violates TOS, then I can expect they will discipline all 6 equally, because they're all linked.
But operating multiple accounts is very explicitly supported by Google, and by Microsoft as well, I will say. I don't know about Apple. Facebook definitely prohibited this in the past, although you can maintain multiple "profiles" and "pages" that have unique settings and personalities.
I feel like an easier solution to having six different email addresses is to use Gmail aliases - I've caught a few less-than-honest companies either selling my email address, or been breached without disclosing such, simply by using an alias along the lines of '+service_name'. If any alias starts to receive spam you can setup rules to automatically delete everything that comes in with that. You also get the added benefit of significantly easier and more accurate search.
I don't think y'all understand why I have separate Google accounts.
I use them for different purposes. They are "role accounts" for projects I am doing, such as geneaology and astronomy.
In order to use YouTube sanely, and store different stuff in Drive, I separate them into unique accounts. I use those accounts for specific things, and my YouTube subscriptions, playlists, etc. are tailored for each role, for example.
This is not about email at all. Obviously, I can access all those email accounts through the one app on my smartphone or the one PWA on my Chromebook. They are easily manageable but separate.
I also run 3 Outlook/Microsoft accounts, and for the same reason. (One of them is my academic account from community college, and the other two are personal.)
I don't need to give out email addresses for the "role accounts" except where I "Sign In With Google" to various services. So I don't really send/receive email from them at all, except where I'm sharing links or documents with myself (the best way to do this cross-account is still by using email, oftentimes.)
Well, spam is no big deal, and any scam that comes via email should not affect anyone who is educated and prepared for them.
Of course, with a well-known email address, you could run a higher risk of credential stuffing, and an account takeover by someone who hijacks your email account, and then pivots from there to taking other accounts.
But this seems to be a risk we all take: email addresses are meant to be shared, to be public, and to be well-known to anyone to correspond with us.
I will say that disclosing my email address to certain parties has had noticeable effects. For example, I used "MYADDRESS+Echovita@gmail.com" once, and only once. My godfather had passed away, and I ordered some flowers for his funeral. And I put that order through with that email address.
Well, Echovita themselves had a data breach shortly afterwards, and I was inundated with scam emails. Just all sorts of attackers and they were basically all using the same M.O. But they were readily identifiable because I had used that "+Echovita" to identify it uniquely. And they really haven't stopped coming in. It's been 5 years since that breach.
So yes, especially with untrusted parties, it may help to tag your email address. I don't worry about receiving spam anywhere. But like I said, since I've never ever disclosed the addresses of 2-3 of my "alt accounts" they simply never receive any mail at all, spam or no spam.
I use Gmail since the beta (I got invite from a googler) and I don't remember when they began adding spam control but in my experience the GMail spam check works usually exceptionally well: I very rarely need to add a custom filter.
My email, over two decades+ (2004?), hasn't been in a many public leaks (only one on https://haveibeenpwned.com/ ) but obviously has made its way to various spammy actors but thankfully nearly everything is caught by GMail's spam filter.
If anything I'd say GMail's spam filter works too well: I get more legit emails in my spam folder than spam in my regular inbox. As in: one in a rare while vs about zero spam in my regular inbox.
There's your confirmation, then. It must be either a localized failure to some subgroup of users, or triggered by some combination of settings, if some people are seeing it and others are not.
It's been happening for about a month for me. I had to start monitoring spam because legit emails end up there. Funnily enough I started having the opposite problem too - plenty of obvious spam and phishing attempt ending up in my mailbox.
I have seen a spam button show up I haven't seen in a long time.
It might be a new round of AI training featuring the labour of customers as free employees doing training. Every time we click, we consent to sharing private email data.
Its really slow. Too slow to use 2FA or in some cases, verify email addresses or recover passwords.
Most people can't handle a notification on their watch every minute, or several spam every five minutes, so "large numbers of people" are shutting off notifications on their phones. And human nature being what it is, they're not going to be turned back on again. So the era of getting a notification when you get an email is coming to a close. "Important Immediate Attention Stuff" moved to text messages a long time ago anyway, at least for me. The list of technologies you can no longer reach me on, always increases over time...
I don't understand why spam detection is so complicated. I can tell with high accuracy if an email is spam just by the subject line. I'd think even basic ML could do this very reliably you don't need a bleeding-edge LLM to do this.
Phishing is tricker because it can be very deceptive especially if you're being targeted specifically. But also usually pretty obvious.
* Are you available?
* Paul, can we have a zoom meeting with you on Monday?
* Assistance for donation
* Greetings!!!
* some ideas for you
* Refund request
* Somethings not working
* Manuel Montoya for roof work contractor
* proposals for print
* Invite Connection
Half of the above are actual spam, half are not. Tell me which is which ...
This only applies to spam which requires significant follow-up effort from the spammer to respond to potential victims; effectively just 419 "advance-fee" fraud scams.
For spam which only does not require manual effort on the other side, there is no reason to filter out potential victims and all the more reason to make it look as legit as possible to maximize conversion rates.
See also https://www.google.com/appsstatus/dashboard/incidents/NNnDkY...
(from other threads that we merged hither)
Briefly, this morning, I had the opposite effect happen to my Gmail inbox in which things that would normally land in the social and updates folders ended up in my primary folder. I don't know which I'd be more freaked out by: a broken Gmail spam filter or 18 inches of snow.
Concur, I've had Promotions land in my Primary inbox for at least a few hours.
It's a great reminder of how good this feature is that we take for granted. I think this outage has actually improved my appreciation for Gmail (a service I normally only complain about).
Seriously. I didn't even realize this was a wide issue, but I couldn't find a school enrolment email I was looking for this morning, and found it in the spam folder. The fact that I basically never have to do this is actually amazing.
I seem to be experiencing the opposite! Lots of spam flowing through.
I see nothing amiss on my oldest Gmail account. But then, I get probably <1 spam email a day on average, and even less legitimate mail, and even less that isn't an automatic notification of something or other that's already filtered and categorized by sender.
The promotions/updates/forums/etc classification is also down.
This has been “down” for me for a few months now, ever since Google tied this functionality to the same toggle that opts you in for using your email data for AI training. So now you can’t filter this stuff without also agreeing to a whole swath of unrelated and opt-ins.
Ive since gone on an unsubscribe campaign, and things seem bearable now.
Same. Can’t ignore the messages when they’re all in one place, which makes hitting unsubscribe easier.
> which makes hitting unsubscribe easier.
wow, you really do that? Doesn't that just prove that the email address is read by a human and then promoted for even further SPAM to be delivered?
The Promotions tab is for marketing from companies that generally respect unsubscribing, not out and out spam.
> Google tied this functionality to the same toggle that opts you in for using your email data for AI training
This never happened. It was a lie spread on Twitter. And now you are spreading it.
Yes, my Gmail inbox is full of regular senders being flagged as "possibly unsafe" and I need to click a button "Looks Safe" to accept them. They are not being spamboxed, but they are definitely flagged. Even official communications from the USPS!
The reason given is that "Gmail hasn't scanned this message", so I suppose the scanners are unavailable/disabled for the time being.
They should also be tagged as "Important" but they are not. I believe this is a heuristic-based designation, and it has not been working too great lately. My most important mail is coming through as "unimportant".
They are not being marked as "Suspicious" but they are showing an infobox that explains they could not be scanned at all.
You could click "Seems Safe" on these messages, but they are not scanned by Google, and they are simply adding a disclaimer that they currently can't vouch for the safety of a message that they couldn't scan. It seems to me that this is a prudent and helpful course of action.
Noticed it immediately. I get a lot more spam messages per day than I thought that I did.
Same here. Until recently I would get maybe 1-2 spams a month, and I just got 30 in the span of a few days.
They’re the very obvious, very obnoxious kind of spam, and Gmail still correctly sends them to the junk bin, so I wonder if they were shadowbanned before and Google simply decided to make the process more explicit (which I don’t hate on principle).
Either that or my address was scrapped from somewhere by a spam bot and the timing is coincidental.
Everybody gets way more spam than they realize because Google doesn't deliver it to the spam label. 99% of it is rejected at SMTP time.
My wife was complaining this morning that her "promotions" were not getting sorted correctly. She will be happy to know it is an actual issue.
Ah, this is why I've been receiving a bunch of very obvious spam/scam mails in my inbox.
I got a classic and obvious 419 scam email today. Kind of felt like I'd gone back to a simpler time.
Yeah my inbox looked like 2005 again—nothing but raw, unfiltered chaos.
I've had Stack Overflow's last newsletter of 2025 land in spam, which was strange because surely they didn't lose relevance that much yet, did they?
The only thing in my gmail spam box is some ad for a pirate tv streaming service that's probably a scam...
Ahh. Wok up to a follow up email an address already marked as spam so couldn't figure out what was going on.
Actually having the opposite problem, I'm getting 50+ emails that SHOULD be marked as spam.
I feel like things have been going on a little bit longer than this indicates.
they (gmail/google) must have added AI to the email server.
I have been receiving a large number of spam emails in my "Important and Unread" areas which is anomalous. I was wondering exactly why and this helps. thanks!
Is this why I keep getting ads in my Primary inbox?
Absolutely
Maybe Gmail knows something?
Any ideas on how to deal with stopping spam emails in general, scripts/tools etc?
I have an absurd and overwrought system involving Gmail, and client-side rspamd and SpamSieve on my Mac. Gmail is (was?) overly aggressive flagging things as spam, so I have the client-side Bayesian filter check Gmail’s spam folder and rescue good email, so long as rspamd also says it’s not phishing. And then add sender to a Gmail whitelisting rule. All rescued email is flagged such that if I later manually move any of it back to junk, it stays there as spam and updates the corpus.
I now never get good email in the spam folder, and never get undetected spam in the inbox, and very occasionally get a spam erroneously rescued, but still visually flagged as iffy-but-maybe-ham.
If Gmail has been lax at filtering spam lately, I haven’t noticed, but perhaps the Bayesian filter has been picking up the slack.
Multiple accounts as others have said. The most powerful is to switch to a provider that permits custom domains and allows you to construct topic specific wildcard addresses on the fly. These can't be flagged as invalid or stripped like Google '+' suffixes and when compromised, you can filter them into oblivion and move on to something else. You also get the bonus of having the entire namespace to yourself and can select short addresses.
Step zero. Never disclose your email address to anyone.
This is very easy and straightforward. I operate 6 Gmail accounts, and three are "alts" where I've basically never given the address out to anyone at all, and they receive zero spam, zero UCE, zero marketing emails.
Of course, on my "main" I've disclosed the address to many entities and I use it for sign-in and shipping and many things. And yes, I do receive spam and scam emails there, but wcyd?
I recently had a "role" Google account terminated because I was (paraphrasing) "violating Google policies" by having multiple accounts. I didn't know they were sticklers about that.
(I don't much care because the account was just used for interacting with somebody else's Google-hosted junk but, if I had been using it for something serious, I have probably been frustrated.)
There is no way, no possible way that Google prohibits the use of multiple accounts. They do not. They cannot. I just asked Gemini and I checked the actual TOS. It does not, in any way, prohibit these uses.
In fact, this is plainly evident by the way they give you tools to operate them in a systematic way. You can add multiple accounts to a single Android "user". You can add them to a single Google Chromebook account under one signed-in account. You can add multiple accounts separately to the same Chromebook.
You can add multiple accounts with the same names, the same birthdates, and the same Driver License. I've validated at least two YouTube channels by showing exactly the same ID.
Google did not terminate your account for the reason you state. You are not telling us all the background information.
Google may indeed terminate multiple accounts for the same person because of TOS violations. They will definitely link and associate your accounts, so making an "alt account" for misbehavior is not safe. If my "alt account" is compromised or violates TOS, then I can expect they will discipline all 6 equally, because they're all linked.
But operating multiple accounts is very explicitly supported by Google, and by Microsoft as well, I will say. I don't know about Apple. Facebook definitely prohibited this in the past, although you can maintain multiple "profiles" and "pages" that have unique settings and personalities.
I feel like an easier solution to having six different email addresses is to use Gmail aliases - I've caught a few less-than-honest companies either selling my email address, or been breached without disclosing such, simply by using an alias along the lines of '+service_name'. If any alias starts to receive spam you can setup rules to automatically delete everything that comes in with that. You also get the added benefit of significantly easier and more accurate search.
I don't think y'all understand why I have separate Google accounts.
I use them for different purposes. They are "role accounts" for projects I am doing, such as geneaology and astronomy.
In order to use YouTube sanely, and store different stuff in Drive, I separate them into unique accounts. I use those accounts for specific things, and my YouTube subscriptions, playlists, etc. are tailored for each role, for example.
This is not about email at all. Obviously, I can access all those email accounts through the one app on my smartphone or the one PWA on my Chromebook. They are easily manageable but separate.
I also run 3 Outlook/Microsoft accounts, and for the same reason. (One of them is my academic account from community college, and the other two are personal.)
I don't need to give out email addresses for the "role accounts" except where I "Sign In With Google" to various services. So I don't really send/receive email from them at all, except where I'm sharing links or documents with myself (the best way to do this cross-account is still by using email, oftentimes.)
I receive at least a dozen spam emails every day, sometimes as many as 60.
Rarely does more than one per day show up in my main inbox.
Why should I care who has my email address?
Well, spam is no big deal, and any scam that comes via email should not affect anyone who is educated and prepared for them.
Of course, with a well-known email address, you could run a higher risk of credential stuffing, and an account takeover by someone who hijacks your email account, and then pivots from there to taking other accounts.
But this seems to be a risk we all take: email addresses are meant to be shared, to be public, and to be well-known to anyone to correspond with us.
I will say that disclosing my email address to certain parties has had noticeable effects. For example, I used "MYADDRESS+Echovita@gmail.com" once, and only once. My godfather had passed away, and I ordered some flowers for his funeral. And I put that order through with that email address.
Well, Echovita themselves had a data breach shortly afterwards, and I was inundated with scam emails. Just all sorts of attackers and they were basically all using the same M.O. But they were readily identifiable because I had used that "+Echovita" to identify it uniquely. And they really haven't stopped coming in. It's been 5 years since that breach.
So yes, especially with untrusted parties, it may help to tag your email address. I don't worry about receiving spam anywhere. But like I said, since I've never ever disclosed the addresses of 2-3 of my "alt accounts" they simply never receive any mail at all, spam or no spam.
Spammers, if minorly sophisticated, can strip those identifiers,
so wildcard mail acceptance on servicename@customdomain.com takes the crown if you’re setting this up fresh!
I might be missing something, but if you’ve never given them out to anyone at all, then what’s the point?
I use Gmail since the beta (I got invite from a googler) and I don't remember when they began adding spam control but in my experience the GMail spam check works usually exceptionally well: I very rarely need to add a custom filter.
My email, over two decades+ (2004?), hasn't been in a many public leaks (only one on https://haveibeenpwned.com/ ) but obviously has made its way to various spammy actors but thankfully nearly everything is caught by GMail's spam filter.
If anything I'd say GMail's spam filter works too well: I get more legit emails in my spam folder than spam in my regular inbox. As in: one in a rare while vs about zero spam in my regular inbox.
Interesting, I’ve had a lot of emails lately flagged as “Promotions” even when they were not.
The weights in their filters are crowd-sourced, so the best thing you can do is mark them as not suspicious (if you are certain, of course).
FWIW, I am not seeing this. My Spam label contains just spam.
Finally, it would be good to know what you are observing. Are you seeing this as recipient or sender?
As a recipient.
- Emails are being aggressively marked as “suspicious” out of the blue (USPS, HR emails, system emails, promotional emails)
- Those emails are being regularly delayed by 7-10 minutes.
- Priority inbox rules seem reset
- “Never mark as spam” rules are seemingly not respected
Additional reports on reddit: https://www.reddit.com/r/GMail/comments/1qln9zp/gmail_not_fi...
There's your confirmation, then. It must be either a localized failure to some subgroup of users, or triggered by some combination of settings, if some people are seeing it and others are not.
Added: https://www.google.com/appsstatus/dashboard/incidents/NNnDkY...
It's been happening for about a month for me. I had to start monitoring spam because legit emails end up there. Funnily enough I started having the opposite problem too - plenty of obvious spam and phishing attempt ending up in my mailbox.
I had to make a bunch of filters on my side.
One more reason to migrate to Proton
Yep, getting this too.
I have seen a spam button show up I haven't seen in a long time.
It might be a new round of AI training featuring the labour of customers as free employees doing training. Every time we click, we consent to sharing private email data.
Two related issues not mentioned yet:
Its really slow. Too slow to use 2FA or in some cases, verify email addresses or recover passwords.
Most people can't handle a notification on their watch every minute, or several spam every five minutes, so "large numbers of people" are shutting off notifications on their phones. And human nature being what it is, they're not going to be turned back on again. So the era of getting a notification when you get an email is coming to a close. "Important Immediate Attention Stuff" moved to text messages a long time ago anyway, at least for me. The list of technologies you can no longer reach me on, always increases over time...
Now, what about the Messages app? Starting last December I started receiving 10 spam SMS messages a day. Previously it was maybe one per week.
Control your phone number better.
Only answer numbers you recognize, everyone else gets voicemail.
Cell phone spam is a 10 year+ old memory for me.
Good on Google for having clear and timely outage notifications even for a minor to moderate subservice like spam detection.
I don't understand why spam detection is so complicated. I can tell with high accuracy if an email is spam just by the subject line. I'd think even basic ML could do this very reliably you don't need a bleeding-edge LLM to do this.
Phishing is tricker because it can be very deceptive especially if you're being targeted specifically. But also usually pretty obvious.
ORLY?
* Are you available? * Paul, can we have a zoom meeting with you on Monday? * Assistance for donation * Greetings!!! * some ideas for you * Refund request * Somethings not working * Manuel Montoya for roof work contractor * proposals for print * Invite Connection
Half of the above are actual spam, half are not. Tell me which is which ...
You can tell from your subject lines.
You cannot 100% tell from others’ subject lines,
if you don’t know them personally.
They can tweak the subject to something not obviously spammy.
Obviousness in spam is a feature, they don't have to waste effort on people who know better.
This only applies to spam which requires significant follow-up effort from the spammer to respond to potential victims; effectively just 419 "advance-fee" fraud scams.
For spam which only does not require manual effort on the other side, there is no reason to filter out potential victims and all the more reason to make it look as legit as possible to maximize conversion rates.