What Gmail, Yahoo!, AOL, and Hotmail Have in Common with the NSA

The National Security Administration and mailbox providers share a common charter to protect their installed customer base from outside, unwanted threats. What’s more interesting, is that their means of doing so are not hugely dissimilar.

The NSA relies on a science called signals intelligence. Basically, this is a method of gathering and analyzing aggregate signals, including communication and behaviors by and between people to determine some pattern that suggests a potential threat. This intelligence is often matched to profiles of individuals or groups of individuals to determine an actual threat probability.

Similarly, many larger mailbox providers such as Gmail, Yahoo!, AOL, and Hotmail look at and analyze aggregate signals to assign some probability that incoming mail could be a threat: spam, phishing, or spoofing. In these cases, the mailbox provider may look at obvious signals like users flagging mail as spam (This is Spam = TIS signals) or the alternative, moving messages from their spam folder into their inbox (This is Not Spam = TINS signals).

Beyond the obvious, they may factor several other signals into their determination of what is or isn’t a threat, including mail being deleted without having been read, mail being forwarded to a friend, or the aggregate read rates by sender. All of these behavioral signals are assessed in the context of sender profile signals like IP address sending permanence, list hygiene indicators (unknown user rates, spam trap hits), and content risks (bad or suspicious links, poorly rendering HTML, etc.) to determine whether the mail should safely pass through to their subscriber base, or whether the threat should be interrupted at the gateway (filtered to the spam/junk folder or blocked entirely).


Luckily for players in the bulk email world, the allowable thresholds for these signals are not top secret. By having continual access to mailbox performance for over two thousand senders, Return Path has been able to observe the correlation between the rates at which these signals present for any given sender, and the rate at which mail gets delivered to the inbox for the same.

In aggregate, this intelligence powers Return Path’s Inbox Optimizers, which allow email marketers to zero in on where their own mail may be pushing the limit on tolerable thresholds, even as the thresholds dynamically adapt to the email community’s appetite for bulk mail, and as the mailbox providers evolve their filtering methodologies. For more details on how mailbox providers use both engagement and reputation signals to guide their filtering, see this recent article.

And you thought this was going to be about how Gmail, Yahoo!, AOL, and Hotmail spied on personal email communication! As interesting as that may be, they’ve got big enough fish to fry just trying to keep their users safe from unwanted mail, and happy receiving what does arrive in their inboxes.

minute read

Popular stories



BriteVerify email verification ensures that an email address actually exists in real-time


The #1 global data quality tool used by thousands of Salesforce admins


Insights and deliverability guidance from the only all-in-one email marketing solution

GridBuddy Cloud

Transform how you interact with your data through the versatility of grids.

Return Path

World-class deliverability applications to optimize email marketing programs

Trust Assessments

A revolutionary new solution for assessing Salesforce data quality


Validity for Email

Increase inbox placement and maximize subscriber reach with clean and actionable data

Validity for Data Management

Simplify data management with solutions that improve data quality and increase CRM adoption

Validity for Sales Productivity

Give your sales team back hours per day with tools designed to increase productivity and mitigate pipeline risks in real-time