
> Saying that they're spam just because you've never received email from them would cause most people to be unable to find these confirmation messages.

It's not saying that they are spam. It's just saying that you never received a message from them. That account confirmation email you are expecting will be obviously marked, but that phishing email claiming to be from your bank will be marked too. You look at the mark and decide what to do.

Email clients probably don't do it because it is not as useful as it sounds. Impersonating email senders is not hard, so phishers will just do it.

> If the email address isn't priorly known, it shows the email address instead of the display name.

The only email client that I have ever seen doing that is the Roundcube instance I configured on my VPS. I use several clients; nearly all of them either hide the sender address or decrease its relevance enough so that nobody sees them.

I'm in complete agreement with your comment about spam filtering. The only thing is that somehow, it feels like it worked better in the early 00's. Nowadays the training for your account will be dissolved in a huge set of unrelated data, so that anything specific to the spam you are receiving will never be reflected in the filter. That is both for marking things as spam and as not spam.




I get where both of you are coming from, but there is one UX part of this I've found that is hard to solve.

Inexperienced users want to be told what to do. You can't just throw information or warnings at them without giving them a way to act on it.

Combine that with the fact that if the users even read the warnings they are going to only read a sentence at most, or just the first option.

So when you show a warning like "you have never received email from this address before" users are going to ask what they should do. Is this dangerous? Did it come from my bank? I've had this bank for years! Does this mean the email is a hacker!?

If you say "it can be dangerous, but it also can be just a new email" that will be read as "yes this is dangerous" and now they will learn the hard way that it is safe, and your warnings will have less weight in the future (they were wrong about this being "a hacker" once, they might be wrong this time too!).

It's a really hard problem to solve, and the "easy way out" is to not show the information at all (no confusion if you just don't show it!) But that kind of just kicks the can to the user leaving them to determine if an email is "good" or "bad".


If impersonating senders was so easy, phishers would be doing it. Yes, anyone can lie in the From header, but any sane mail system would reject it as unverified.
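
Added example, not part of the thread and not any mail client's code: a sketch of how a client could combine the "first-time sender" mark discussed above with the receiving server's DMARC verdict, showing the display name only for a verified, previously seen address. The authserv-id `mx.mailhost.example`, the function names and the sample messages are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: authserv-id that our own receiving server stamps on inbound mail.
TRUSTED_AUTHSERV = "mx.mailhost.example"

def dmarc_result(msg, trusted=TRUSTED_AUTHSERV):
    """DMARC verdict from our own server's Authentication-Results, else 'none'."""
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, results = value.partition(";")
        ident = (authserv.split() or [""])[0].lower()
        if ident != trusted:
            continue  # stamped by another host, possibly the sender: ignore it
        match = re.search(r"\bdmarc=(\w+)", results)
        if match:
            return match.group(1).lower()
    return "none"

def sender_mark(raw, known_senders):
    """Decide what the message list shows for one raw message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    verified = dmarc_result(msg) == "pass"
    first_time = addr not in known_senders
    # Display name only for a verified, previously seen address; otherwise the raw address.
    label = display if (verified and not first_time and display) else addr
    return {"label": label, "first_time": first_time, "verified": verified}

# Constructed sample messages (not real mail).
KNOWN = ("From: Alice <alice@example.org>\n"
         "Authentication-Results: mx.mailhost.example; dmarc=pass header.from=example.org\n"
         "Subject: lunch\n\nhi\n")
SPOOF = ("From: Your Bank <support@bank.example>\n"
         "Authentication-Results: mx.sender.example; dmarc=pass header.from=bank.example\n"
         "Authentication-Results: mx.mailhost.example; dmarc=fail header.from=bank.example\n"
         "Subject: verify your account\n\nhi\n")

if __name__ == "__main__":
    seen = {"alice@example.org"}
    print(sender_mark(KNOWN, seen))
    print(sender_mark(SPOOF, seen))
```

The set of known senders should only ever be updated from messages whose verdict was `pass`, otherwise one spoofed message is enough to make an address look familiar.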



