One Third of Email Now Spam 431
Himanshu writes "The volume of spam received by business has doubled over the last two years and it's going to get worse.
Analysts IDC reckons that spam represented 32 per cent of all email sent on an average day in North America in 2003, doubling from 2001. That figure is less than the 50 per cent or more junk mail statistic commonly cited by email-filtering firms like MessageLabs and Brightmail but it still represents a serious problem,"
Oh no! (Score:5, Funny)
Re:Oh no! (Score:5, Funny)
> of my e-mails are spam... Nobody loves me.
Post your email address to slashdot, and we will all send you friendly emails.
Re:Oh no! (Score:2)
Post it to a newsgroup, and you'll get a LOT.
Maybe it's 1/3 by number of pieces, but in terms of actual volume, it's gotta be more than 90% (executables take up a LOT more space than legit emails, in my experience).
I use KMails' "create filter" function to send them to the trash automatically - it's really easy to create rules that work.
Mind you, I kind of wonder how stupid spammers are when they keep sending me "Critical
Re:Oh no! (Score:5, Funny)
I know when I spam I always check with each person I'm going to spam that the spam I am going to spam them with is full of spam pertains to products they would like to be spammed about.
Re:Oh no! (Score:4, Interesting)
Mind you, that would require too much work for their pea brains.
I do have another solution, though. Since I control the mail server user accounts where I work, I can just create a new email account every week and invalidate the old one. Or create an email account just for usenet postings :-)
Re:Oh no! (Score:3, Insightful)
What would be better about their results?
It currently costs them nearly nothing to send millions of emails to blind lists of emails and random names at random domain names.
How would spending time and effort trying to do anything sensible with that list get "better results" for a spammer?
As much as we hate it, they are behaving in the mos
Re:Oh no! (Score:3, Insightful)
Fewer complaints, and far less likely that they would end up in court for spamming.
Seriously, if spammers had any foresight, they would at least try to target interested people. They would honor unsubscribes. They would put legitimate info in their header.
None of that would make it acceptable to me, of course, but if most spammers did that, congress wouldn't be passing laws about spam, and far fewer people would complain about it.
As they are doing it (the
Re:Oh no! (Score:4, Interesting)
They are anonymous. All the information is forged. They never hear the complaints.
> far less likely that they would end up in court for spamming.
Court where? in China? in Russia? Who do they send the supoena to? See above.
> they would at least try to target interested people. They would honor unsubscribes. They would put legitimate info in their header.
Why? What would they gain by going to these difficult lengths? It doesn't cost them anything more to target EVERYONE. The interested people get the spam.
> None of that would make it acceptable to me,
Me neither. I hate them. I hate my overflowing mailbox. But I am pointing out the realities of the situation.
> if most spammers did that, congress wouldn't be passing laws about spam, and far fewer people would complain about it.
They don't care. The laws and the complaints don't affect them.
> they are forcing people to get decent spam filters
Now THIS is true. Our filters are getting better, which cuts down their audience. But of course they are in this for the quick buck and their business has no happy medium with "considerate marketing". But of course their profits trickle down to hackers for hire who keep sneaking through the spam filters.
> they get a lot of complaints.
No they don't. Lots of people are complaining. It's not the same thing.
Re:Oh no! (Score:4, Insightful)
SPAM isn't "any unwanted email"
it's UCE.
Unwanted email is probably already outnumbering wanted email. But viruses are ALREADY illegal, so fudging them in with the spam, reduces the credibility of those who complain about spam, in lawmaker's eyes, who associate people who don't like spam with whiney people with no sense of discernment.
The article is about spam, which is probably reducing its "inbox percentage of total emails received"(for people who don't have gateway-level virus filters) and increasing it's "inbox percentage"(for people who block those at the gateway level, and never see the viruses).
Lumping our enemies together is great, as long as you like them outnumbering us, a faceless myriad of enemies. If you want to fight them, we gotta categorize them, unanonymize them, and take em out, one at a time.
--
I still remember the internet before spam
It was idyllic
Re:Oh no! (Score:4, Insightful)
Re:Oh no! (Score:2)
Man I could only wish for 1 legit email out of 10. I am more in the 1 out of 100 range.
And one third of Slashdot posts are First Post (Score:5, Funny)
Comment removed (Score:5, Informative)
Re:Oh no! (Score:5, Informative)
I get tons. 1 in 3 ha! (Score:5, Interesting)
Comment removed (Score:4, Informative)
Re:I get tons. 1 in 3 ha! (Score:5, Interesting)
After I deleted them all, I checked every couple of minutes to see them pouring in at nearly two copies per second. Fortunately my ISP was able to block them after I notified them, but who knows how many legitimate mails were bounced while my account was full.
It's bad enough to get spam, but to have a spammer stuck in an infinite loop on your account is really nasty.
Re:I get tons. 1 in 3 ha! (Score:5, Insightful)
Note that the analysis says that 1/3 of all email sent is spam. This can easily be coincide with many users receiving lots more spam than this.
For instance, there might be many users which receive a larger slice of the other, legitimate 2/3, thus making up for those who receive less of it.
How to you do... (Score:3, Funny)
I tried to get as much spam as possible in order to test spamassassin. I posted my email address on usenet and on all porn sites i've found. I have also tried installing spyware and toolbars. Internet explorer now crash on all sites but no spam so far.
Now, i resort to post my address on slashdot
sm@bigserver.hopto.org
Re:How to you do... (Score:4, Funny)
1) post your email address on a web page that is not robot protected from web crawlers
2) post your email address on Usenet
3) respond to a few of the "email us to be taken off this mailing list" spams
I'd bet using these three alone you can hit several hundred a day. Good luck.
OKay then (Score:5, Funny)
Only 32%? ? ? (Score:5, Informative)
From the logs of our anti-spam appliance [barracudanetworks.com], over the last six weeks or so:
That's right, about 96% of our email is spam, viruses, or otherwise ungood.I'd be delighted if the spam dropped off so it were only 32% of our mail. Think of all the things I could do with that extra bandwidth...
In fairness, the study says they were looking at businesses, and this is at a small ISP, mostly residential customers. But it's a good number to chew on nonetheless.
Re:Only 32%? ? ? (Score:2)
Same here. At least now I know that I'm doing some good in this world, because if I'm getting 99% spam, that means I'm siphoning it off from a bunch of other people who are subsequently getting a lot less.
Re:Only 32%? ? ? (Score:2)
Re:Only 32%? ? ? (Score:5, Interesting)
I've got spamassassin installed, and it does a good job. One thing from the article that reinforces something that I've been thinking about implementing is reducing the time spent dealing with spam. Since I have a good spam filter, I was thinking of deleting the obvious spam, and then delaying the more questionable spam to be spooled until one time a day and then put in the users' mailboxes at one time. That way the user would only have to go through the scan the inbox and delete spam once a day instead of incrementally throughout the day. This will also reduce the "You've go new mail" at all if the only new mail is spam or possibly spam. The only false positives that I've seen have been solicited mass mails like newsletters, and sometimes a mail in the spamassassin mailinglist will get flagged as spam for obvious reasons. Having these false positives mailed with the other questionable spam with a delay would not be a problem.
Well, in that case, (Score:5, Funny)
Almost there... (Score:5, Funny)
... another 2/3 to go then our job is done.
Sanford Wallace
Bah. (Score:5, Insightful)
Re:Bah. (Score:3, Insightful)
Same here -- I've had my domain name for about 4-5 years now, and while it wasn't bad for a long time because I was careful to always muddle up my address, at some point this year my address got on some big spammer's lists and that was it. My catchall default account for non-existent addresses and the "default" address gets around 300 pieces of junk mail a day, and that's constantly increasing, and SpamAssassin catches another 300-500 a day over and above that. It's awful. When I first installed SpamAssassi
Re:Bah. (Score:5, Informative)
Filtering is removing about 97% of the spam, but even after filtering, I'm getting more spam than real mail.
Most of the spam seems to be selling prescription drugs. It's clear the Bush Administration doesn't want to do anything about this; there's plenty of authority for stopping illegal sales of prescription drugs on-line. Prescription drugs are traceable, after all.
I would believe (Score:3, Interesting)
Re:I would believe (Score:3, Insightful)
So what? (Score:2, Insightful)
Wow! It's down to 1/3? (Score:5, Funny)
600,426,974,379,824,381,952 ways to spell Viagra (Score:5, Funny)
http://cockeyed.com/lessons/viagra/viagra.html
Re:600,426,974,379,824,381,952 ways to spell Viagr (Score:5, Funny)
From: my@email.com
To: spammer@email.com
Subject: Order req'uest for >X<@n4x and V1agro! fxfj aspll cps
Dea'r Si:rs,
I w.ould l1ke t0 pl@ce 4n 0rder for tw0 p.ortions of Xa:n:aX' and v_i_a_g_r_a. P13aS.e sh1p im:medi`ate1y, 1 h@ve an><1ety and ne:ed a -bo-ner-
Y0urs s.incerel'y
S@vvy 1nvest0r
akdf k- dfks. dfk v9iew casoji ropdfk hork
aso, ckdo ofgkf opwerk- mmos odkaok s
w eofk, eoro gksod bz o-
1/3 seems very low (Score:5, Funny)
Those darn jokes (Score:3, Insightful)
Re:1/3 seems very low (Score:3, Funny)
You may laugh at this, but if you forward some of that spam to at least 10 friends, Bill Gates will send you a check for $284 dollars. I know, a friend of mine (who is a doctor!) recently received a check for $890,642! And he also knows this prince in Nigeria who is going to help him get some more...
*sigh*
I feel bad for kill-filtering my mom, but.. what can you do?
For Our CEO it's more like 98 out of 100... (Score:3, Interesting)
Anyone know a good challenge/response program that works with Exchange? (And before you suggest a free alternative, he refuses to migrate, so I have to work with what he wants.)
Re:For Our CEO it's more like 98 out of 100... (Score:5, Funny)
Re:For Our CEO it's more like 98 out of 100... (Score:5, Informative)
Stick a mail proxy between the internet and Exchange, that way he still gets to keep using Exchange, and you have a simple proxying machine that can do arbitary scanning and filtering.
You can scan all incoming mail with spamassissin and clamav before it reaches exchange, bounce or drop bad mail and forward "passed" mail into the Exchange server
You could also hookup a challenge response script there too.
I do the same thing for a company mail server running Lotus Notes.
Re:For Our CEO it's more like 98 out of 100... (Score:4, Informative)
Mailwasher [mailwasher.net] - Not a challenge/response like you asked for, but allows you to send bounces back to spam, and delete them off of the server before you donwload them. Can tie into SpamHaus and such.
ChoiceMail [digiportal.com] - Challenge response, both single user and enterprise are available. Single user sits on local machine, enterprise ties into Exchange. Can quickly add anyone in your Outlook contact list to the whitelist, and anyone you send an e-mail to can be set to be whitelisted. The challenge message can be customized. Biggest problem with the bounce (at least in my testing) is that the challenge gets rated as spam by my filters. I'm sure if the challenge was tuned up it wouldn't be that big of a problem. And they have a free trial so you can test it for 14 days
Nephilium
So bad my spam filters are too strong (Score:5, Funny)
Because of the extreme amount of spam that I get, my Bayesian spam filters are pretty strict. I lose valid email all the time!!!
Why just this morning, I came in and was going through my spam folder, and found that my good friend Gooshot Moneyface has been trying to get in touch with me! I was wondering why I hadn't heard from her for so long.
Even more (Score:3, Informative)
Virus sent spam (Score:5, Interesting)
expect more of it (Score:5, Interesting)
As more spam gets sent, the rate of response to spam will decrease. Which means spammers have to send EVEN MORE spam emails to get the same return on investment that they did a few weeks before.
I'm surprised it took this long for the ratio of spam to real to reach the level it has.
One third! ONE THIRD!! Gawwd you're lucky (Score:2)
They must think the sun shines right out of your arse, sonny!
I'd love to only get 1/3 of MY mail as spam
Ooh ooh ooh, my idea of heaven is to only get 1/3 of MY mail as spam
What I wouldn't give to have only 1/3 spam.
Nail them up I say!
(With apologies to MP
Simon.
Better? (Score:5, Interesting)
I doubt it.
-Colin [colingregorypalmer.net]
I don't get some of them (Score:4, Funny)
But the ones I really don't understand are the "stop spam with this email!" It's like the phone company selling you caller-ID systems that block unlisted or telemarketers numbers - then sell the telemarketers systems to get through those.
That would never happen, right?
Re:I don't get some of them (Score:4, Funny)
Please stop measuring your son's penis.
Regards,
Child Protective Services
Re:I don't get some of them (Score:2)
Perhaps all the other 2-year-olds are the ones ordering the penis enlargement pills. You'd better get your kid some too, so he can, um, keep up.
;)
Re:I don't get some of them (Score:4, Funny)
Re:I don't get some of them (Score:3, Funny)
compared with snail mail? (Score:4, Interesting)
Re:compared with snail mail? (Score:5, Funny)
Pretty well. I get nearly 100% spam in my snail mail box. Marked with things like 'Past Due', 'Gomer's Collection Agency', 'We Know Where You Live'. I just chuck it all in the trash.
I wish for 1/3 (Score:2)
Oh I wish I only 1/3 of my email spam..
My big money-making idea (Score:3, Interesting)
Run an Internet backbone that lets all traffic through except for mail. Nope, sorry, we can't transfer mail packets over. You'll have to use some other company.
Okay, so it won't make me tons of money, but think of how stress-free the support staff will be. Or maybe not.
Comment removed (Score:3, Informative)
Re:Not True (Score:2)
From si20.com: [si20.com]
Newsflash: Spammer's fake the return address! ... So by using authentication you're just pushi
Re: (Score:2, Informative)
Thanks to previous raves about Mozilla (Score:5, Informative)
I heard about it here on /. and installed it the same day. At first it marked ALL my mail as spam because I'm on a few list servers, but the adaptive learning function of it is getting much better. After I "unlearned" my list mails as spam, it'd still let about 60% of spam through. Now it gets about 40 out of the 42 spams I get a day. I don't mind deleting two (or hitting "j" for junk), and recent searches through the junk folder show no false positives.
Check it out...
RE: Make millions with a better spam filter? (Score:2, Interesting)
Yes, yes, I know about baysian filters etc, but no current solution is near 99.9% perfect.
I presume the problem is that a solution requires cooperation among a lot of people (ISPs, advertisers, users) who are not naturally likely to work together, and for whom as individuals there is not a significant gain from blocki
News? (Score:4, Insightful)
See
Happy Spamiversary! [slashdot.org]
Celebrating Spam's Ten-Year Anniversary [slashdot.org]
U.S. is World Leader in Spam [slashdot.org]
This is by no means a good list of all the spam stories that have hit slashdot, just a list of the ones that seem to have no point, are glaringly obvoius, or are redundant.
Thank goodness for filters, BUT... (Score:5, Insightful)
So what if I don't have to see the mail? That doesn't mean my mailserver isn't using cycles to talk to some originating server, transfer, store and eventually delete that spam. The only saving grace is I don't have to pay for bandwidth on a usage basis (cable modem is still, happily, "flat rate").
But what happens if that volume gets to be high enough that it starts to affect my ability to use the bandwidth for other things?
What we have available are basically work-arounds; we need a concrete solution that addresses the basic problem.
So what is the problem? People soliciting without you opting in? Deceitful mail designed to make you open it thinking it is from a friend? The sheer volume?
The real problem is we haven't found an effective way to trace this crap back to the people supposedly "making money" with these schemes.
Solve *that* issue... put a name, address, and bank account to that spam, and we'll clean this stuff up in a hurry!
I get no spam (Score:2)
96% at home (Score:2)
New Spam Filter (Score:5, Funny)
Huh? 32% vs 50%? (Score:2)
How to eliminate spam (Score:4, Interesting)
Internet providers need to configure their mailservers to accept e-mail from authenticated servers and hosts only.
Finally, digitally-signed messages should become the norm, not the exception, where it's easy for Joe Newbie to check the signature against known databases.
where do they get their numbers... (Score:2, Informative)
Changing "block" lists to "allow" lists (Score:3, Interesting)
I don't claim to know everything, but this seems a bit far-fetched to me. Not to mention crippling a technology that has the potential to be an effective collaboration tool. I'd be interested to hear what you folks think, though.
Re:Changing "block" lists to "allow" lists (Score:3, Insightful)
Volume...received by BUSINESS (Score:2, Interesting)
I wouldn't know... (Score:3, Informative)
My mail provider is Yahoo. Boo all you want but I do have to say that Yahoo does a superb job in spam filtering. It is a very rare spam that gets past their filtering. I have quit looking at my bulk mail folder when on the webmail interface anymore because I have seen virtually no false positives there either.
On my home systems I NEVER see the spam at all. I have postfix, procmail, and spamassassin setup to handle it and handle it they do. First off, procmail directs ANY email that has the Yahoo X-filtered-bulk header in it to /dev/null. Anything that gets past this is handled by one of several handy procmail recipes and gets /dev/nulled. Anything that gets past that is handled by spamassassin and gets /dev/nulled. I might see 1 or 2 spams a month, TOPS, that manage to run the entire gauntlet...but then doing "sa-learn" on it brings those particular guys to the /dev/null world.
My wife gets dozens of spams a day at her job, where the network nazis require her to use outlook and wont allow her to install any personal filtering software ala spamassassin. They tell her "Sorry, we feel your pain but we are doing our 'best' to handle spam..." I encourage her to get a laptop to take to work upon which I would install linux for her AND set it up so that she rarely ever gets any spams ever again. When she gets tired of penis enlargement or breast enlargement messages to delete she may take me up on the offer.
On spam filtering, does Snotmail not do something similar to Yahoo with its bulkmail/spam filtering?
My tool (Score:5, Interesting)
It does eight (yes, eight) tests on the subjects of every message. I havent even added body checking yet, and it catches most spam. I even tried replacing these 8 tests with the SpamAssassin engine [spamassassin.org] and found that it was less good at detecting spam mails. The tests are so simple:
The blacklist is checked after first collapsing spaced-out words like "V I A G R A" and removing the above-mentioned obvious obfuscation. It's regex-based and contains the typical stuff like "meds" "medication" etc, but also a test for a subject that ends in 3 or more spaces followed by a string of random consonants.
When it detects SPAM, it simply changes the subject line to indicate that the message is spam.
In addition to spam-checking, it also removes all HTML mark-up (removes the tags leaving plaintext behind), deciphers MIMEd messages and recompiles them into multipart/mixed format (so images etc. are attachments) and renames many-extensioned attachments, so girl.jpg.pif becomes girl.pif.
It's still in dev, but it'll be available on baxpace.com in the next week or so for Win32 (as an exe) and UNIX platforms. It's written in Perl.
Re:My tool (Score:5, Funny)
Re:My tool (Score:4, Interesting)
See, filters used to just pick up obvious "indicative" words, so spammers started to use caps. Filters got those, so spammers started to obfuscate with spaces. Filters got those, so spammers started with real text munging (v1@gr@, etc). Filters got those, so spammers started inserting huge volumes of real words in their spam.
Notice the pattern?
The reason Baysian filters (which are anything but nonsense, trust me) work is because they adapt to the spammers' techniques. As time goes on, spammers figure out how we're filtering. They adapt. Your filtering system will be obsolete within a year, guaranteed. A Baysian filter won't, because it adapts along with the spam. In as much as any algorithm can be considered "learning", a Baysian spam filter learns pretty damn well. 90-95% accuracy with enough training data, and who doesn't have enough spam to train a filter with?
More power to ya though, because each and every person working towards a solution helps. Just don't discount the more esoteric methods outright, because combining what you're doing with an adaptive filter is pretty much the optimal technological solution (for now).
I would have guessed much higher (Score:5, Interesting)
If every Linux and Windows machine ran Postfix with CRM114 by default (and with manpages and documentation), this would help. Maybe a new anti-spam Linux distribution is needed. MacOSX ships with Postfix, but not CRM114.
Do you have any idea how many open-relays still exist? Why does SMTP software allow '*' open-relays in the first place? Do you know how many proxy servers are out there on the Internet? How many SOCKS4&5 proxies that just allow any SMTP to be bounced? How many are seemingly closed but available with the CONNECT method? Let's close some of our holes, and prevent software from opening them in the first place.
Also - know your enemy. Why haven't people dissected the software these creeps are using. The majority of spam comes from a program called DarkMailer or DM. Let's reverse engineer this application and figure out how it works, so our defenses can be built around the enemy's weapons and not just generalizations about spam.
Finally, let's set some ethics and procedures about how to deal with spammers. Too many is the case that people just want to beat their heads in with baseball bats or delete all their files on all their computers. This activity is not productive. It's my firm belief that if you take away their tools and educate them, less spam will be out there. You make it a war -- and that's what you'll get. Passion drives creativity and efficiency.
Re:I would have guessed much higher (Score:3, Insightful)
What %? (Score:4, Informative)
Forgetting work -- let's just look at my home domain. Hosting my wife and myself I'll look at my email alone. In the last week we've sent/received 42 legit emails. That's about 6 a day between the two of us. In the same week the average _daily_ traffic looks like this:
I'll start by saying that actual junk mail that may make it to the Inbox in front of me is maybe 1 a week. I find even that annoying. Yesterday, an average day -- there were 109 messages harvested by spam sucking address'. Our daily average [last typical week] at home was 6 emails (sometimes less, sometimes more
By my numbers that is almost 95% of my email traffic which is simply not wanted, nor allowed.
There were also a total of 291 subnets blocked (for various other noticeable offenses
Of course, once blocked there's a URL sent back (-0- lookups in the same time frame) which tells you what to do (email a unblocking address or pickup the phone and call me
They're numbers, well -- just don't jive with my real life experiences.
Anti-spam spam (Score:4, Interesting)
While we've surely all seen enough spam, this is about the most thorough bit of spam I've seen in a long time. And its short - way more crap per line than usual.
Not only is it spam, it claims to be consistent with the CAN-SPAM act. How wonderful is that?
It has the usual set of junk words intended to try to disguise itself from the normal anti-spam software. And it has the usual image to load that contains my email address so it will know I visited there. And it encourages me to send it to all my friends. And it has the usual "visit here to get off our list".
Even better, if you go to their web page you'll find a pointer to a page where they say "It has come to our attention that ..." spammers are advertising their product, and you can complain by filling in a form. And, of course, giving them your email address! For those who are amused by such things, look at the source - its obfuscated to the point of absurdity and does not seem to like running under mozilla.
See my journal for more info, including the source of the mail, the urls involved and a decoding of their web page.
The only way it could be merely 1/3... (Score:5, Insightful)
Corporations deal piles of mail on the inside, that never gets out to the genpop: HR crap, memos, meeting notices, etc. etc.
Customer relationships also generate piles of e-mail, but that should be visible to your average slashdotter who buys stuff.
I wonder if they're counting automated, machine-read e-mails such as SEC filings and other things that humans never read?
After spamassassin, really only a third(n/t) (Score:4, Funny)
85% of outside mail coming into work is SPAM (Score:3, Interesting)
I Was 5 Minutes from Shutting Down my Mail Server (Score:4, Informative)
I doubt it'll keep spammers at bay forever, so I really should start looking into some more spammer hostile things I can do to my mail server. Worst case, I can always shut the damned thing down. I was ready to do that anyway. If the service is useless to me (Because filtering spam takes so long that I don't have time for anything else) why should I bother running it?
The Will Pay System (Score:4, Interesting)
To get rid of spam, we need to change the economics of email.
However, most systems proposed are too simple in that they serve to make a lot of the legitimate purposes of email too expensive, Maillists being a primary one, as well as mail from new potential customers.
Essentially, we can arrange email into a grid of Expected or Unexpected vs Desired or Undesired. We need a way to freely receive all Desired mail whether it is Expected or not, while making it expensive for mail that is both Unexpected and Undesired.
To address this, I believe a system where the promise of payment is encoded into the delivery may solve the problem. Note that the promise of payment doesn't mean that payment will be necessarily be required. However, having the promise encoded into the email does require that it be possible to place a charge on that email by the recipient. This would require verification at intermediate servers that the mail came from a known system that allows payment to be made before relaying it on.
Legit users send out so few emails that they could easily send out mails with promise of payment encoded, companies would not require the payment be made (as what a great way to lose a potential customer) so the status quo is preserved, and friends who they send mail to similarly would not bother requiring payment. Of course, if payment is required (you get into a fight with your friend) it should be a small enough amount (sub-dollar range) that it is not an extreme hardship even then.. provided you're only getting charged for one or two.
Mail-lists could be sent without the promise of payment, but since they are typically subscribed to directly, it becomes very easy to implement a white-listing solution for all the lists you're on.
Spam could not be sent using promise of payment -- if it was, the costs would quickly dwarf the profits since it is only the very low cost of email that makes spamming possible. Anybody receiving the spam would simply click the "Require Payment" button or some such, and the spammers credit card would be automatically charged the amount. Assuming only 25% of the recipients are actually able and willing to require payment, since the typical spam run sends out hundreds of thousands of email, the charges mount significantly quickly. Yet if spam was forced to not promise payment, since all legitimate email is using promise of payment, it becomes very easy to whitelist the spam out of existance.
Essentially, the promise of payment system allows unexpected but desired mail to proceed as normal, while unexpected undesired mail incurs a fee. Expected mail can use the standard email system with whitelists, or still use the promise system with no difficulties.
IDC is on crack... it's 85% not 33% (Score:4, Interesting)
That study is flat-out inaccurate. When they use those lame content-based filtering systems, their mail system slows down so much, they cannot handle all the inbound connections so they never really know how much SMTP traffic they actually get. Spammers hit their lame servers, get deferred, and don't come back. I guess this might be one reason why you might want to use MS Exchange: it's so slow it can't actually process all the spam sent to it, and then you get incomplete figures on mail traffic and spam.
IDC estimates that each worker would spend an average of 10 minutes a day dealing with spam.
That seems a bit low to me. Maybe with content-based filtering in effect. But they should also ask IT managers how much time is wasted per-employee looking for legitimate messages that have been held up by the inbound mail filtering/flagging systems that erroneously trap legitimate mail. I bet that figure is much higher.
RBLs work. Content-based filtering doesn't. This whole study is basically a shill for promoting more ineffective "strip-searching" of e-mail content as a "solution" [sic] to the spam problem.
"Too dumb to Live Awards" (Score:5, Funny)
We should ALL do something to make the world a better place to live, ya know...
ERROR (Score:4, Insightful)
Have fun with spammers! (Score:4, Interesting)
Seriously though, nothing will happen as long as China (and a few other countries) don't care. A spammer recently picked up my cable address (which I don't use), and hits me 2-3 times a day. I've traced it back to china, contacted the appropriate admins, and received a "abuse mailbox full" bounce.
Maybe it's time we embraced spam (Score:4, Interesting)
We are way above average... (Score:3, Informative)
About the same in meatspace (Score:3, Insightful)
An interesting point about physical junk mail, by the way, is that it costs money to produce and it costs money to send. And yet, continue to get the same crap day after day. There are a lot of people out there who think that the key to stopping spam is going to be charging the sender for sending mail. But real world experience shows us that it just ain't so... physical mail costs a lot more to produce and send than anyone has proposed charging for e-mail, and we still get plenty of junk mail.
I think the real key is going to be something akin to the national do-not-call list. In fact, it could be an extension of it. You could register an address (street or e-mail) and say that you choose not to receive unsolicited commercial mail. That, combined with better regulations requring accurate sender information, could really help.
99.38% (Score:3, Informative)
970 total messages
6 of which real emails
964 spam.
My SpamAssassin proxy needs a tweak or an upgrade, it only correctly tagged 750 of the spams.
I'm a good-natured sort, but this pisses me off. If I ever meet a spammer I'll fucking kill his ass dead with a 2x4.
Re:it ain't fair (Score:2, Insightful)
Re:it ain't fair (Score:5, Insightful)
Nonsense. Even setting aside the obvious frauds contraband offers, unauthorized use of trademarks, etc. found in 99+% of spam, it is a violation of property rights. The First Amendment does not protect spamming any more than it protects grafitti vandalism.
At most, the law might reasonably tolerate spam if it evidences no attempt to evade filtering -- no forged headers, no "v1agra" munges, no misleading subject lines, no nothing. The use of such techniques creates a "bright line" between spamming and legitimate bulk e-mail, because it constitutes prima facie evidence of intent to intrude without permission (and, indeed, against an express prohibition).
Bottom Line: The computer-cracking laws ought to be clarified so that the evasion or spoofing of a spam filter is treated just like the evasion or spoofing of a password prompt.
Re:Offended (Score:3, Funny)
Re:what about server solutions? (Score:5, Informative)
Don't waste your time implementing a content-based filter. The best solution is to incorporate a real-time spam relay blacklist [ordb.org]. I recommend bl.spamcop.net [spamcop.net]. It's very effective and accurate with an extremely low legit mail blocking rate.
RBLs are great because they refuse spammer connections before the mail even gets delivered, so you don't waste bandwidth and system resources downloading spam crap and trying to interpret the contents. RBLs respect the sanctity of the e-mail message as a private communication medium and penalize those ISPs which allow spammers to operate.
If you're using Sendmail, you can also hard-code some of the IP regions where tons of spam is originating (signal-to-noise ratio for most people on the Chinese IP blocks is 0% so why allow them to hit your server in the first place? A few lines in your
Personally, if you want to get aggressive, block the following Class As: 61,80,81,82,83,142,164,193,194,195,196,200,201,20
Set up a web-based e-mail form and put a link to it in your Sendmail access configuration so that if any legit mail gets bounced, they can redirect to a web page to contact you in the [unlikely] event they were inappropriately blocked.
Re:Speaking as one who comes from two IPs in 202/8 (Score:3, Informative)
I wouldn't normally recommend blocking class As, with the exception of 61.* and 218.* and 219.* - they have no legitimate purpose for 99.99% of North America with the exception of the small-penis demographic.
However, in some large IP block cases, i