50% of spam come from a valid gmail account, as in, using gmail smtp server, come from gmail origin(.google.com reverse dns) have valid DKIM. The only way to filter out spam is look at the content and run some simple ML on it.
50% of spam come from non .com TLDs such as .cam .work from random servers around the world: China, Bulgari, Hungari, France, Germany...
But it's very easy to block other TLDs because their IP are on DNSBL already. But what can I do with gmail? Gmail IP get on DNSBL all the time.
Example: 209.85.222.196 is listed right now on spam.dnsbl.sorbs.net and ips.backscatterer.org
But at the same time, this is just the nature of an email service. If we have a large user base then no matter what we do, a small percentage of users are abuser which are successfully to send out spam using our services before we can detect and ban them.
On AWS SES, they requires user to keep a reputation of less than 0.1% emails flagged as spam. Go over than that and you will be put on a review queue. Reach 5% and get banned permanently.
But before that occurs, spam are send out already.
50% of spam come from a valid gmail account, as in, using gmail smtp server, come from gmail origin(.google.com reverse dns) have valid DKIM. The only way to filter out spam is look at the content and run some simple ML on it.
50% of spam come from non .com TLDs such as .cam .work from random servers around the world: China, Bulgari, Hungari, France, Germany...
But it's very easy to block other TLDs because their IP are on DNSBL already. But what can I do with gmail? Gmail IP get on DNSBL all the time.
Example: 209.85.222.196 is listed right now on spam.dnsbl.sorbs.net and ips.backscatterer.org
But at the same time, this is just the nature of an email service. If we have a large user base then no matter what we do, a small percentage of users are abuser which are successfully to send out spam using our services before we can detect and ban them.
On AWS SES, they requires user to keep a reputation of less than 0.1% emails flagged as spam. Go over than that and you will be put on a review queue. Reach 5% and get banned permanently.
But before that occurs, spam are send out already.