While the marketing world was still reeling from the Salesforce “Great Reset,” the 1.8 billion users of Gmail woke up on Saturday, January 24, to a different kind of disaster. For nearly five hours, the most sophisticated spam-fighting engine on the planet didn’t just fail, it actively inverted the digital order.
The trouble began at 5:00 AM PST. Suddenly, the “Tabbed Inbox” – the invisible wall that has kept the Primary inbox clean since 2013 – ceased to exist. Users reported a deluge of promotional noise, social updates, and legitimate junk sailing past defenses and landing directly in the Primary tab. But the “annoyance” of a cluttered inbox was only the surface.
The Missing Scan
The real panic started when legitimate emails, the ones that did make it through began appearing with a massive, terrifying red banner. The warning was blunt: “Be careful with this message. Gmail hasn’t scanned this message for spam, unverified senders, or harmful software.”
This wasn’t a standard “this looks like phishing” alert. It was a admission of total system failure. Google’s scanning engine (RETVec and the associated AI classifiers) had essentially “failed open.” Because the system couldn’t verify the safety of incoming mail, it simply tagged everything with a scarlet letter and dumped it on the user to figure out.
The Salesforce Crossfire
This is where the Google and Salesforce incidents collided with devastating precision. As we’ve seen, the new Salesforce AES-GCM encryption more than doubled the length of tracking URLs. To a paranoid, malfunctioning security filter, a 500-character encrypted string looks exactly like a malware delivery vector.
For many SFMC senders, the weekend was a “Reputation Death Loop.” Legitimate business emails—already long and complex, were hit with Google’s red warning banners. Users, conditioned to trust Gmail’s safety alerts, hit the “Report Spam” button in record numbers. This feedback loop told Google’s recovering AI that these brands were dangerous, tanking deliverability reputations that had taken years to build.
Editor’s Note: While Google and Salesforce are treating these as distinct incidents, I am not entirely convinced they are unrelated. Modern email filtering is a high-speed game of pattern recognition. On Friday, Salesforce “nuked” billions of unsubscribe links. By Saturday, Gmail’s AI was being pounded by a tsunami of emails that—from its perspective—looked broken, suspicious, and suddenly un-opt-outable.
When you “fry” the feedback loop (the unsubscribe link), you break the AI’s primary signal for legitimacy. It’s highly probable that the sheer volume of “broken” traffic from Salesforce senders acted as a Distributed Denial of Service (DDoS) on Gmail’s heuristic brain, forcing it into the hyper-sensitive, “Red Banner” fail-state we saw on Saturday. In short: Salesforce broke the links, and Gmail’s AI lost its mind trying to figure out why.
The Cleanup and the Fallout
Google acknowledged the issue on the Workspace Status Dashboard at 9:30 AM PST and claimed a resolution by 9:55 AM. Five hours of “inbox armageddon” was all it took to undo a decade of user trust.
While the filters are back online, the residual effects linger. Google warned that “misclassified spam warnings may persist for existing messages,” meaning that any email sent during that window is effectively a landmine waiting in your customer’s archive.
The lesson from this weekend is clear: our entire communication infrastructure relies on opaque, AI-driven filters that we don’t control. When those filters fail, they don’t just stop working, they turn on us.
More details from the source: https://www.google.com/appsstatus/dashboard/incidents/NNnDkY9CJ36annsfytjQ
