I sat down three weekends in a row to clean out my personal Gmail.
The first two weekends I did what most people do. I opened the “free inbox cleaner” tab everyone keeps tweeting about, read the OAuth consent screen — Read, compose, send, and permanently delete all your email from Gmail — closed the tab, and went back to scrolling. The cost felt wrong for a job I’d only run once.
The third weekend I wrote my own script. Survey-only, read-only, runs under my own Google account, no tokens ever leave my laptop. The actual cleanup, once I had a plan, took less than half an hour: I cleared 80,675 messages older than a year, archived another 14,000-odd, and built three filters that have kept the backlog at zero ever since.
This is what I learned about doing it without handing a stranger the keys to my mailbox.
The OAuth scope problem nobody wants to say out loud
A free email cleanup app is not, in fact, free.
When you click “Sign in with Google” and the consent screen asks for https://mail.google.com/ — that’s the all-of-Gmail scope. It’s not “look at counts.” It’s not “look at senders.” It’s read every message, write every message, delete every message, send mail as you to anyone. There is no narrower scope that lets a third-party app do bulk cleanup the way most of these tools do it.
A few honest consequences of granting that scope:
- The app’s server can read message bodies, attachments, contacts, calendar invites, and 2FA codes at any time it holds a valid token. Most don’t advertise doing that. The capability exists either way.
- OAuth refresh tokens last for months by default. Removing the app from your Google account dashboard revokes new tokens, not stored ones. If the vendor’s database was already scraped, the bird has flown.
- You are now an upstream dependency of every breach that vendor will ever have. The 2014–2024 history of mailbox-OAuth apps is not encouraging on that point — look up any of the big-name “smart inbox” companies and you’ll find at least one incident.
This isn’t a hit piece on any specific tool. I won’t name any. The economics of “free, ad-funded inbox cleaner with full mailbox OAuth” are the same regardless of who’s running it. The product is the inbox.
For a recurring assistant you trust — a calendar app, a CRM you live in — that scope is sometimes a fair trade. For a one-time cleanup, it isn’t. The right tool for a one-time job is one that doesn’t outlive the job.
Survey-then-Delete: the methodology
Here’s the method that actually worked. I call it Survey-then-Delete because reversing those two words is what causes most cleanups to fail halfway.
- Survey, counts only. Don’t look at bodies. Don’t look at subjects. Don’t even pull message IDs. Just ask Gmail “how many messages match this query?” for a handful of useful queries — top senders, age cohorts, attachment sizes.
- Identify the top 12 senders by volume. In every five-figure mailbox I’ve audited, fewer than 15 senders account for 40–70% of the noise. This is universal.
- Filter the recurring inbound first. For each of those senders, build a Gmail filter that skips the inbox, marks as read, and “Also apply filter to existing matching conversations.” That single checkbox is where most manual cleanups stall.
- Bulk delete by sender and age cohort, not by clicking individual messages. Use Gmail’s from: and older_than: operators. The 30-day Trash window is your safety net — anything you delete is recoverable for 30 days.
- Run two maintenance filters so you never have to do this again.
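The survey and cohort steps above, as an added example that is not the author's script: it takes (sender, date) pairs of the kind a gmail.metadata pass yields (constructed sample data here), ranks senders, recommends an action per sender, reports coverage of the older-than-a-year backlog, and emits the from:/older_than: queries for the delete pass. The keep list and the action labels are this example's assumptions.

```python
from collections import Counter
from datetime import date, timedelta

# Constructed sample rows: From header plus internal date only, which is all a
# gmail.metadata read of each message needs to expose (no subject, body, or id).
TODAY = date(2025, 6, 1)
SAMPLE_ROWS = (
    [("news@example-saas.com", date(2017, 3, 12))] * 5
    + [("news@example-saas.com", date(2025, 5, 20))] * 2
    + [("deals@example-airline.com", date(2014, 8, 19))] * 4
    + [("no-reply@example-bank.com", date(2018, 4, 22))] * 3
    + [("friend@example.org", date(2025, 5, 30))]
)
# Senders a human marked "filter only" (statements, receipts, security alerts).
KEEP = {"no-reply@example-bank.com"}

def survey(rows, today=TODAY, top_n=12, keep=KEEP):
    """Counts-only survey: per-sender total, oldest date, recommended action,
    and the share of the >1y backlog the top senders cover."""
    cutoff = today - timedelta(days=365)
    counts, old_counts, oldest = Counter(), Counter(), {}
    for sender, when in rows:
        counts[sender] += 1
        if when < cutoff:
            old_counts[sender] += 1
        oldest[sender] = min(when, oldest.get(sender, when))
    table = []
    for sender, n in counts.most_common(top_n):
        if sender in keep:
            action = "filter only (keep)"
        elif old_counts[sender]:
            action = "filter+delete (>1y)"
        else:
            action = "filter only (nothing older than 1y)"
        table.append({"sender": sender, "count": n,
                      "oldest": oldest[sender].isoformat(), "action": action})
    total_old = sum(old_counts.values())
    covered = sum(old_counts[r["sender"]] for r in table)
    return table, (covered / total_old if total_old else 0.0)

def delete_queries(table):
    """Gmail search strings for the second pass: one age cohort per sender,
    only for senders the survey marked for deletion."""
    return [f"from:{r['sender']} older_than:1y"
            for r in table if r["action"].startswith("filter+delete")]
```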
Notice what’s not on the list: no mailbox migration, no archive-everything panic, no “select all 80,000 and pray.” You don’t even need to know which individual messages you’re deleting. You’re operating on counts and senders, like a sysadmin culling logs, not on individual emails.
That’s the whole product worldview. Cleanup is a one-time cohort operation, and a third-party app with permanent mailbox access is overkill for it.
What the survey actually looks like
The survey step is the part the script does. It calls the Gmail API under your own OAuth — read-only scope, gmail.metadata plus gmail.readonly for counts — and writes a single survey.json to your laptop. No message bodies, no subjects, no message IDs. Just counts.
Here’s a redacted version of what one row looks like, the way the script renders it so you can read it before deciding anything:
sender                            count   oldest       recommended action
─────────────────────────────────────────────────────────────────────────────────
news@<redacted-saas>.com         11,842   2017-03-12   filter+delete (>1y)
deals@<redacted-airline>.com      7,901   2014-08-19   filter+delete (>1y)
updates@<redacted-network>.com    5,617   2016-01-08   filter+delete (>1y)
no-reply@<redacted-bank>.com      3,402   2018-04-22   filter only (keep — statements)
receipts@<redacted-cart>.com      2,883   2019-06-30   filter only (keep — receipts)
hello@<redacted-newsletter>       2,114   2020-11-04   filter+delete (>2y)
… 6 more rows …
─────────────────────────────────────────────────────────────────────────────────
top 12 senders                   51,883                covers 64.3% of unread >1y
That’s the whole output. Four columns, twelve rows, one summary line. With that table you can decide, in 90 seconds, which senders you want to filter and delete (most of them), which you want to filter only (anything with statements, receipts, security alerts), and which you want to leave alone (the 30%-ish tail of senders you might still care about).
The actual deletion is a second pass — different command, explicit confirmation, dry-run by default. You read the count, you say yes, Gmail moves the cohort to Trash, the 30-day undo window protects you.
Safety properties, in plain English
This is the bit I want to be very precise about, because “we never see your mail” is something every cleaner says, and most of them are stretching.
- Read-only OAuth at survey time. The survey command requests gmail.metadata + gmail.readonly. Those scopes cannot delete, send, or modify mail. Google enforces this at the API edge; it’s not a promise, it’s a permission.
- Deletion runs under a separate, on-demand gmail.modify scope that you grant only when you actually want to delete, and revoke from your Google account afterwards in one click. The script doesn’t ask for mail.google.com/ (the all-powerful scope) — ever.
- The OAuth client is yours. You create the Google Cloud project in your own account, paste the client ID and secret into a config file on your laptop. The tokens are written to a file in your home directory with 0600 permissions. They never touch our infrastructure. I literally cannot read your mail; the credentials only exist on your machine.
- The Enterprise tier sidesteps the same problem differently: your IT admin publishes the script as an Internal app inside your Google Cloud organization, which means it’s exempt from Google’s app verification process and the 100-user cap, but also that there’s no “third-party app” to revoke — the script runs as you, on your own org’s Cloud project.
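The scope split and token handling described in this list, together with the dry-run-by-default second pass from the section above, as an added example that is not the author's script: the per-command scope table refuses the full-mailbox scope, the token file is created 0600 at open time rather than chmod'd afterwards, and the delete planner does nothing unless explicitly confirmed. The scope URIs are Google's published ones; the token contents and paths are constructed.

```python
import json
import os
import stat
import tempfile

# Scope URIs as Google publishes them (assumption: taken from Google's OAuth
# scope list, not from the post's own script).
READONLY = "https://www.googleapis.com/auth/gmail.readonly"
METADATA = "https://www.googleapis.com/auth/gmail.metadata"
MODIFY = "https://www.googleapis.com/auth/gmail.modify"
FULL_MAILBOX = "https://mail.google.com/"

# survey can only read; delete can move to Trash but not bypass it, because
# gmail.modify excludes permanent deletion. The 30-day window is thus a
# property of the scope, not of the script's good behaviour.
SCOPES = {"survey": frozenset({METADATA, READONLY}),
          "delete": frozenset({MODIFY})}

def scopes_for(command):
    """Scope list to hand to the OAuth flow for one command; fails closed if
    the full-mailbox scope ever creeps into the table."""
    chosen = SCOPES[command]
    if FULL_MAILBOX in chosen:
        raise ValueError("full-mailbox scope is never requested")
    return sorted(chosen)

def save_token(path, token):
    """Create the token file with mode 0600 in the open() itself, so there is
    no window in which a default-umask file is readable by other users."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        json.dump(token, fh)
    return stat.S_IMODE(os.stat(path).st_mode)

def save_token_demo():
    """Self-contained run of save_token on a constructed placeholder token."""
    path = os.path.join(tempfile.mkdtemp(), "token.json")
    return save_token(path, {"refresh_token": "constructed-placeholder"})

def plan_delete(query, count, confirm=False):
    """Second pass: report the cohort and do nothing unless confirm is True;
    even then the only action is 'trash', recoverable for 30 days."""
    return {"query": query, "count": count,
            "action": "trash" if confirm else "dry-run",
            "scopes": scopes_for("delete")}
```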
If you’re the kind of person who reads OAuth scope strings before clicking through them — same — that’s the design.
The three ways to do this
Pick the one that matches how much DIY you want to wrangle.
$19 — Inbox Cleanup Pack (DIY). Get it on Gumroad → Pay-what-you-want, $9 floor. The same shell script I used (read-only survey + opt-in deletion), the Gmail filter templates, the exact cohort-by-cohort cleanup order, and the printable Markdown playbook. You run everything on your own laptop under your own Google Cloud OAuth client. No third-party permissions added to your account.
$79 — Inbox Cleanup QuickCheck (we write the plan). Buy on Stripe → You run the same survey script. You send me the survey.json file (counts only — no message bodies, no subjects, no IDs). I send back a written, prioritized cleanup plan tailored to your top senders, your age cohorts, and your tolerance for “delete vs archive.” Delivered within 24 hours, plus one async clarification pass within 14 days — up to 30 minutes’ worth of follow-up questions over email at support@richgibbs.dev.
$499 — Inbox Cleanup Enterprise (up to 10 Workspace mailboxes). Buy on Stripe → For pre-migration or pre-acquisition cleanups across a small team — typically a 2-to-10-person Google Workspace org. Your IT admin publishes our script as an Internal app under your own Cloud project (no third-party verification, no app-store entry, no shared tokens). You run the survey across up to 10 mailboxes, send the merged survey.json, and we write a per-mailbox plan plus the cross-mailbox patterns (shared newsletters worth bulk-filtering across the org, etc.). 5 business day SLA, one async clarification pass within 14 days — up to 30 minutes’ worth of follow-up questions, via email to support@richgibbs.dev. More details on the Inbox Cleanup service page.
All three deliverables are async-only. Email is the only follow-up channel.
Related reading
If you came in through the deliverability rabbit-hole — receipts going to spam, password resets vanishing — the inbox problem is downstream of the outbox problem, and both are fixable in one sitting:
- SPF, DKIM, DMARC for indie founders: the 20-minute checklist — the matching DNS-side hygiene pass for your sending domain.
- Cloudflare Email Routing for indie founders: the 10-minute support@ setup — if you don’t even have a support@yourdomain.com yet, start here before you do anything else.
The short version
- The “free inbox cleaner” model is a scope-creep trap for a job that runs once.
- Survey-then-Delete: count first, identify the top 12 senders, filter the inbound, then bulk-delete by sender and age cohort.
- Read-only OAuth at survey time; on-demand gmail.modify only when you’re actually deleting; tokens live on your laptop, not ours.
- $19 if you want to run it yourself. $79 if you want me to write the cleanup plan. $499 if you need to do it across a small Workspace team without exposing tokens to a third party.
The 30-day Trash window is your safety net. So is reading the OAuth scope string before you click “Allow.”
— Rich
Tuck Sentinel — independent. Not affiliated with, endorsed by, or certified by Google, Yahoo, Microsoft, AWS, Cloudflare, Stripe, Tally, or any email or cloud provider.