What's With All This Spam? 212
coondoggie writes to mention a Network World article about soaring spam levels, confirmed now by researchers, IT managers, and security vendors. So, indeed, it's not just you: October was a spammy month. From the article: "Levine's assumption is this spike in spam levels is a result of a new generation of viruses and zombies that can infect PCs more quickly and are harder to get rid of. In its October report, messaging security vendor MessageLabs says the spike is largely due to two Trojan programs, Warezov and SpamThru. Others say a new breed of spam messages called image spam -- messages with text embedded in an image file that evade spam filters, which can't recognize the words inside the image -- is responsible." A note: I have no interest in penny stocks.
I use GMail (Score:4, Informative)
Oh, my spam folder? Over a hundred a day, but as I recall, Gmail has miscategorized maybe 2 or 3 messages as spam during the entire time I have used it. Unless I am expecting something, I rarly check the spam folder at all.
Comment removed (Score:5, Informative)
Ameritrade (Score:5, Informative)
Domain owners: Set up SPF NOW!!! (Score:5, Informative)
Domain owners: Set up SPF NOW!!!
I set up SPF on my domains and the number of bounces from spoofed SPAM dropped dramatically.
Do not wait any longer, do your duty to the internet community: Set up SPF NOW!!!
Don't be so smug (Score:5, Informative)
Re:Reverse OCR (Score:3, Informative)
I use a plugin called FuzzyOcr [apache.org], and it handles animation and noise very well. Unfortunately the OCR itself isn't great, so it reads a lot of gibberish. FuzzyOCR compensates for this by being very liberal with its string matching (hence the name). The nice thing is, it correctly identifies the vast majority of the image-based spam I receive. Unfortunately, it's very easy for it to identify false positives. So far I haven't had this problem, but you might, especially if people often send you screen shots.
How to filter out image spam (Score:3, Informative)
Re: Filter by IPs (Score:3, Informative)
Sure they can. They've got access to botnets of random compromised PCs sitting in homes and offices around the world. If they find one being blocked too much, all they have to do is send the commands to another one. It's legit mailers, who have anywhere from one to a few dozen outgoing servers (depending on the size of the organization) who can't change their IPs.
The list you're putting together is probably mostly a mix of spam-friendly ISPs and residential/small business DSL/cable IP blocks. The reason you're not seeing many false positives is that most legit home users send through their ISP's mail server rather than directly to you, so you don't see that their IP is on your list.
Parent [slashdot.org]
Re:Domain owners: Set up SPF NOW!!! (Score:4, Informative)
Re:Why don't the BB companies enforce TOS? (Score:3, Informative)
Spam botnets now have so many client machines that Joe Spammer only needs to send out 10 or 20 messages per system per day, and he sends them out slowly.
As soon as a solution seems "obvious" to "everyone", the spammers have moved on. I work for a university, looking after IT Security. We still get people ask us why we don't do bayesian filtering on our ~700,000 emails per day (hint: when 85% of your email is spam, it doesn't help much) or OCR (1: CPU load++, 2: spammers now use animated gifs with noise, split in the middle of rows and re-layouted with HTML).
Rule/filter to remove gif spam (Score:2, Informative)
If the "content-type" header contains "multipart/related", classify as spam (and not in address book, previous recipients, etc).
Don't know exactly what this implies, but seems to be working for me, otherwise I would be getting tons of gif spam that passed my server's spam assassin and my e-mail client's bayes filter.
image based spam (Score:3, Informative)
Re:Essay / Short Story Spam (Score:4, Informative)
Re:Commission (Score:3, Informative)
Re:Essay / Short Story Spam (Score:3, Informative)