Spam Volume Jumps 35% In November
gregleimbeck writes "Spam volume soared another 35% in November, an e-mail security vendor said Thursday, and the month saw spam tactics that reduced the efficiency of traditional anti-spam filters.
'There's been a huge increase in spam volume,' says David Mayer, a product manager at IronPort Systems, 'from 31 billion spams a day on average in October 2005 to 63 billion in October 2006. But in November, we saw two surges that averaged 85 billion messages a day, one from Nov. 13 to 22, the other from Nov. 26 to 28.'"
I'd say more than 35% (Score:5, Insightful)
Are we finally going to reach a point where only trusted addresses can email us? Seems the arms race is being severely lost. I've got a pretty good spamassassin config and I can't keep up anymore; I find myself having to manually delete literally hundreds of messages a day now.
Why do we fight this at the end? (Score:5, Insightful)
I don't see why we are always fighting this problem at the reception end, rather than the source. Spam filters can work quite well, but why are they mostly applied right at the very endpoint of the chain?
I'd be very happy for some basic filtering to take place on my outgoing mail at the ISP level. If it meant the odd automatic email with a captcha saying "are you sure you intended to send this mail?" before a spammy-looking email went out, that's fine with me, and wouldn't that approach cut down on all those twits whose PCs are part of a botnet without them realising it?
Bah, why is firefox suddenly getting me to spell check in American?
Re:I'd say more than 35% (Score:4, Insightful)
Even that can be spoofed. And people will complain that they can't engage the customers and that's hurting the economy.
There was a guy who proposed something called RSS-mail a few years back. It was the same guy who came up with SPF I think.
Anyways the idea was that I would send you a notification that there was an email waiting for you to pick up on my server. Similar to how RSS passes data. If I was interested in reading that message I could call upon your server to deliver the email to me and then I could read it.
The key is that now the sender has to own the email. He can't just shoot off 20 million random messages. He now has to store all of them on his server for some period of time so that you can pick them up. Cheap for you, expensive for him. It also means that he has to be honest about his RSS feed otherwise you'll never be able to pick up the email and read it. This also makes it easier to track them down.
Personally, I think spammers won't go away easily. They make a lot of money off pathetic fucktards who think they can get a bigger dick with a pill. The real damage is done by the people who purchase via spam making spam a viable marketing tool.
Re:It's that damn picture spam (Score:4, Insightful)
White List. (Score:3, Insightful)
Who reads it? (Score:5, Insightful)
The great irony of the spam arms race is that the better we get at filtering the spam, the more garbage the spammers send out just to get the same return. You can't stop filtering it, because the mail you want would be buried in a torrent of spam. But filtering more just raises the bar for the next round of spam.
Eventually it may get to the point where (a) email is unusable or (b) spammers have to send such a massive volume of cr@p that it no longer becomes a cheap business, and it ceases to be worth spamming. Until then, things will keep escalating.
Filled corporate Internet pipe (Score:4, Insightful)
I know people talk about legal solutions not working, but I think if law enforcement made use of existing laws and went after these people it might make a difference. I'd love to see the FTC go after the pump and dump spammers and confiscate everything they own before locking them up, or the food and drug administration go after all the enhancement pill spammers. Also, perhaps a law to fine idiots who buy from these spammers.
Just change the federal law to let some of the state laws take effect, i.e. defeat the Can-spam act.
I think if law enforcement made a good effort to go after these spammers and lock them up then it might make a difference.
-Aaron
Geographic filter is great (Score:3, Insightful)
Re:I use a different approach. (Score:3, Insightful)
Re:Or server admins could just do their jobs. (Score:1, Insightful)
Spoken like someone who hasn't tried to maintain spam filters for a large number of users.
Re:Or server admins could just do their jobs. (Score:1, Insightful)
Re:email2 (Score:3, Insightful)
No need. As I've been saying for several years, only servers really need to have a cert. If every server had a cert and no messages from machines without a cert were accepted, spammers would have to have a cert or would have to send through normal channels through people's ISPs. If they get a cert, you know who and where they are and you can arrest them.
If they don't get a cert and their spam bots go through people's ISPs, you can set up an automated "this is spam" reply mechanism that would stop the spam bots at the source much faster than existing measures, thus making the amount of effort needed to maintain zombie botnets orders of magnitude greater because they'd be going offline after sending a much smaller number of messages and would be affected by email message rate throttling at the ISPs.
Either way, spam becomes much, much harder....
Re:Thanks, A-holes. (Score:3, Insightful)
~Philly
Re:what for?? (Score:3, Insightful)
The idea is that they'll create a run on the penny stock. Create some demand on a stock that's worth $0.01 a share, even a little, and it might go up to $0.02/share. Not a significant jump, except when you consider that they could have $50,000 invested in the company already. That run would turn into $50,000 profit overnight. And that's assuming a relatively small one in a million people being dumb enough to fall for it. People in general are a hell of a lot stupider than that.
And here's the rub... it's not illegal to create a run on your stock like that. It's not fraud, it's not stock manipulating, it's not deceptive marketing. The company whose stock is being traded usually has absolutely nothing to do with the scheme. And thanks to overly relaxed laws in countries like China and the USA when it comes to bulk e-mailing, it's not illegal to send the spam. They word it in such a way that it looks, to an idiot, like they've received an e-mail they aren't supposed to have received, talking about some sure-fire hot stock, and enough people will fall for it that you're able to turn a profit.
Spam in general is like that. They don't care that 99.999% of the messages they send out get ignored. They care that 0.001% arrive in the inboxes of the criminally stupid.
Re:Anyone can use gmail's anti-spam too! (Score:3, Insightful)
Re:I'd say more than 35% (Score:4, Insightful)
All ISPs should take reasonable care not to reinstate mail sending privileges until they are sure that the user's computer is clean.
Any ISP that actually gives enough of a shit to care what is coming out of their network and manage their users like this has already managed the spam problem. How much spam do you see coming from AOL IPs? Yeah, it's because they got people like Carl Hutzler who actually took the problem seriously and they gave him real power to implement solutions.
I see armchair admins come up with these oh-so-clever solutions every day, but the reality is that solutions exist now, and what stands in the way of their implementation is nothing more than incompetence and greed. Comcast, Brazil Telecom, Orange/TPnet, all of them could stop their massive armies of zombies overnight, but it's just too expensive. Their cost-benefit analysis lets them keep polluting our mailboxes with direct-to-MX zombie connections rather than deal with the support costs of the 0.01% of users that will ACTUALLY have a problem with port-25 blocking.
We have to make it expensive for ISPs to continue letting their zombies send us spam. That is my FUSSP.
Re:I'd say more than 35% (Score:2, Insightful)
There are a few ways to deal with most spam already deployed but because they require all mail servers to do the same thing (and it's very hard to get ALL mail servers, even the legitimate ones, to do something) they have to allow the standard SMTP protocol to function as normal otherwise they will lose emails.
Re:I'd say more than 35% (Score:3, Insightful)
Spam is just the symptom... (Score:4, Insightful)
The real disease is: those vast botnets. Really, it's a scary thought. We are lucky that they are only being used for spam and the usual phishing scams and the like - as far as we know! Imagine if the terrorists buy themselves some botnets for some nefarious purpose, or the Chinese or North Korea government corner the market on them to run millions of bots to steal corporate secrets or IDs or who knows what? What I'm saying here is that the large increase in spam should be triggering off alarm bells everywhere. The spam is not the problem - it's the botnets. Why in the world don't responsible world governments unite to put a swift end to this problem? Really - it could be dealt with swiftly and effectively in a hundred different ways that I will leave up to the imagination of the reader. I am just astonished this hasn't happened. I mean - couldn't our friend and champion of democracy George W. include this in his initiative against terrorism? He would probably have more luck tackling this problem than he is having in Iraq. What if he put that on his agenda - and set loose all his military might along with the help of some coalition of the willing? Perhaps he could salvage what's left of his image? Are you listening Mister Bush?
http://www.magma.ca/~gtaylor/AudioTestFileGen.htm [magma.ca]
Re:Plus, SMS Spam (Score:2, Insightful)
Re:Why do we fight this at the end? (Score:2, Insightful)
a few million mails a day you won't mind paying the bill for a couple of million?
or would you mind?
I have some objections to it.
kind regards,
Re:I'd say more than 35% (Score:4, Insightful)
#1.1 Block REMOTE images!!! PERIOD (Score:3, Insightful)
images, if you completely block those they cannot use the server's statistics/unique session id to figure out which mails worked or didn't.
2. Use those remote image locations to flood their session stats and pollute their databases and tell their ISPs to drop them too.
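An added example, not part of the thread or any commenter's code: one way a mail gateway or client could implement the remote-image blocking described in the comment above, so that rendering a message never contacts the sender's server. The function names, the sample message and the `tracker.example` host are constructed for illustration.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Attributes that make a mail client fetch a resource while rendering.
FETCH_ATTRS = {"src", "background"}
def is_remote(url):
    """True for http(s) and protocol-relative URLs; cid: and data: stay local."""
    url = url.strip()
    try:
        scheme = urlsplit(url).scheme.lower()
    except ValueError:
        return True  # unparseable URL: fail closed and block it
    return url.startswith("//") or scheme in ("http", "https")

class RemoteImageBlocker(HTMLParser):
    """Re-emits the HTML it is fed, minus attributes that point off-host."""
    def __init__(self):
        super().__init__(convert_charrefs=False)  # pass entities through as-is
        self.out, self.blocked = [], []
    def _tag(self, tag, attrs, close=""):
        kept = [tag]
        for name, value in attrs:
            if name in FETCH_ATTRS and value and is_remote(value):
                self.blocked.append(value)  # record the URL, never fetch it
            else:
                kept.append(name if value is None else f'{name}="{escape(value)}"')
        self.out.append("<" + " ".join(kept) + close + ">")

    def handle_starttag(self, tag, attrs): self._tag(tag, attrs)
    def handle_startendtag(self, tag, attrs): self._tag(tag, attrs, " /")
    def handle_endtag(self, tag): self.out.append(f"</{tag}>")
    def handle_data(self, data): self.out.append(data)
    def handle_entityref(self, name): self.out.append(f"&{name};")
    def handle_charref(self, name): self.out.append(f"&#{name};")
    def handle_comment(self, data): self.out.append(f"<!--{data}-->")
    def handle_decl(self, decl): self.out.append(f"<!{decl}>")

def block_remote_images(html_body):
    """Return (sanitized_html, blocked_urls) for one HTML mail body."""
    parser = RemoteImageBlocker()
    parser.feed(html_body)
    parser.close()
    return "".join(parser.out), parser.blocked
# Constructed sample: a tracking pixel, an inline cid: image, a remote background.
SAMPLE = ('<p>Hot stock &amp; more</p>'
          '<img src="http://tracker.example/open.gif?id=abc123" width="1">'
          '<img src="cid:logo@newsletter.example">'
          '<td background="//tracker.example/bg.png">x</td>')
```

Fetches triggered from CSS (`url(...)` inside `style` attributes or `<style>` blocks) are not covered here and need a separate pass.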
Re:I'd say more than 35% (Score:5, Insightful)
Everyone has equal potential to be scum. It's just easier to make people hate successful scum.
Re:I'd say more than 35% (Score:3, Insightful)
This comes up a lot, so skip this if you've read my take on the matter before.
One of my clients has a website that features an opt-in email newsletter. Each message is roughly 1MB in size (many pages, lots of images, etc.). He has about 25,000 subscribers. This means that near the first of each month, he's sending about 25GB of email out to people who want to get it. Under SMTP, this is no big deal - just give Postfix a list of recipients, and let it work out the delivery details. The mail queue gradually shrinks over time, and in the case of many customers at the same domain, his server can group all of those recipients into a single connection.
Under DJB's plan, he would send out 25K notices that the newsletter is ready. Whenever people arrive at their office in the morning and check their mail, his WAN connection would catch on fire as they all try to simultaneously download the message (or at the least overwhelm it in predictable waves: 9AM EST, 9AM CST, 9AM MST, 9AM PST). His service would completely fall apart.
Not only would spammers hurt under this plan, but so would every legitimate bulk sender (such as my friend and every mailing list operator). That's a price I'm not willing to pay.