What’s up with Yahoo Mail’s spam filter?

  • Article

What’s wrong with Yahoo Mail’s spam filter recently?  The company has gone through CEO after CEO after CEO… maybe that has demoralized the antispam guys so much that they’ve left the company?

I ask because I recently checked my Yahoo Mail account, something I don’t do very often.  I then looked into my Amazon subfolder, something I do even more rarely (once or twice per year).  What do I see?  A ton of spam from Amazon:

image

These are not real Amazon emails, of course, they are spoofed messages that are delivered to my inbox.  You can see on Nov 15, 2011, I changed my Amazon email settings and now those mails go to another email account.

But starting May 1, I’ve gotten a fake email from Amazon into my account every single day.  I looked into my spam folder and I don’t see any Amazon mails in there although my junk mail only goes back a week.  Still, the fact that Yahoo is not catching these Amazon spoofs and that they suddenly started showing up in May is odd.

I don’t have Amazon safe-sendered, I have changed no settings.  I guess Yahoo Mail just has problems with spoofs “from” Amazon.

I took a peek at the headers and the message is from someone at capecod.com which does not publish an SPF record.  Thus, this standard spoof is something that skips the SPF check but still fools the user because the From: address the user sees is something that they trust. 

This is something that SenderID could address, or DMARC, or our very own From Address Authentication.