Slashdot Mirror
Jupiter Forecasts 50% Increase In Spam
Mr. Sketch writes "According to Yahoo, the amount of spam is expected to increase 50% in the next five years, meaning the average american will get over 3600 of them a year. The future of email is??"
← Back to Stories (view on slashdot.org)
'cause they include clever spam filters.
I'm trying out POPfile (Naive Bayes text classifier and a POP3 proxy) these days, it's looking good so far.
-- From Denmark
Whitelisting. If you don't know what it means, you only specify who you want to receive email from, and don't receive any other mail.
That would be a start!
Between all of my email accounts, I get about 250-300 spam messages a day. My most active account at my own domain (which has a catchall) gets about 200-250 per day. I'd kill to only be getting ten spams a day.
I wonder how accurate that statistic is. Frankly, I'm amazed the "average" number of spams isn't already around ten a day or even higher. Almost everyone I know receives this much, and the ones who don't are pretty close. Maybe it's just because the folks I know use email more extensively than all the Grandpa Joes out there who only get a message or two from their grandkids in their mailbox every week? Such is the curse of email, I suppose...the more you spread your address around, the more spam you're likely to receive...
DennyK
Yahoo has launched a 'war against spam'. I've actually had a yahoo account for a little bit more than a year and it has been relatively clean. (note that I've used it as my 'dirty' account, i.e. list submissions and suchs goes there...)
The problem currently is that there's so many people who are doing a very good job at blocking / stopping most of the spam that the average joe or public official doesn't realize just how much spam is sent to his mailbox every day (or at least would be if it weren't for the anti-spammers).
What if for a period of time, maybe a week or a month, a day isn't long enough, the anti-spammers just quit. All of them. Let the spammers have an internet-wide orgy. Let people see how much of a problem this is - let the lawmakers make better spam laws, and then have the law enforcement stop them.
Blocking the spam is counter-productive, it only encourages the spammers to come up with better ideas on how to get it into your mailbox. The spam needs to be stopped at the source.
...Also, I didn't know Buggalo could fly.
It depends on the SMTP server software. In an ideal world, the spammer would deliver one copy to hos relay host, that relay host would deliver one copy to each of the servers maintaining the domains that the spam is being sent to and those servers keep one copy for all to share.
Some of the decent open source ones do the first two but store a copy of the message in each of the mailboxes.
Some of the database-like mail proggies only stores a single copy of the message for all of the recipients.
Perfect client side email filtering.
The more people blow this problem up, the more likely it is that legislators will try and tackle it.
And you know what that means; more bad "cyberlaw".
Much better to concentrate on solutions to a problem, rather than making repretitive and useless noises about the problem itself.
ATH0 Bitcoin: 1DnwFLXczVZV8kLJbMYoheUrpqHesjxrSi
more like 6 months
:-)
I see a Moore's Law for spam - spam power will double every 9 months
So if you want to get into a growing industry work for/found an anti-spam company.
as ever with a
I'll probably loose karma over this, but here goes anyway.
Of course spam is an important issue. And it's damn annoying too. But I simply don't believe all these stories about how email is going to become crippled by it.
There are spam filters. More importantly, the use of aggressive blacklists forces ISPs themselves to take a tough line.
The questioner asks what the future for email is. Well, it's simple: email is fine as long as the user is sensible. I have several accounts. I know that my hotmail account is entirely unusuable because of the level of spam it recieves. If I need to give my email address to someone I don't trust fully, I give them that.
I have a work address. This gets a little spam from time to time as the organisation gets targeted. I filter out these spams with my own spam filter.
Mailing lists tend to go to another address. So far, I haven't had too much spam from that quarter.
My personal address is known only to a few friends. So far, no spam.
The rule for keeping your address spam free is the same as it ever was: don't publish it.
Now, what about people who want to advertise their address for open source projects and the like? Well, put it in the source code, in the README files, wherever you like. Just not on your web page.
Ok, now if you wanted to send 100,000 messages of 2kB each, that would require from you to send 200MB + time to connect cost + DNS lookup cost + SMPT session cost == a couple of days.
Pretty impossible for one person don't you think?
So how is it done? Simply by SMPT server duplication and redirection of messages. A spammer only sends a few e-mails which are *exponentially* multiplicated in a hierartic tree of SMPT servers.
Theoretically that exists to reduce to load of mailing lists, etc.
So cut that feature down are DEMAND that everybody who wishes to send multiple copies of the same message to HAVE to do SO equal amount of times to each recipient respectively.
You have a right to free speech, that does not mean you have a right to be heard. You can stand up in a public place and bellow until your blue in the face, but I can turn around and walk away from you. You cannot follow me and prevent me from going where I will, or otherwise force me to listen to you. I can put up a "No trespassing" sign in my yard, and you can't even come to my door. If I use a spam filter, and you figure out a way to bypass that filter, you have now effectively forced your way into my home after I've made it clear that you're not welcome. If you'd done that in person, I'd have shot you.
I consider myself to be Libertarian as well, which to me means (among other things) that I get to do as I please, so long as I'm not infringing on the rights of others (like pestering the crap out of them when they just wish to be left the hell alone).
There's no way in hell we're going to be that lucky. A 50% increase in 5 years would make me jump with joy.
The truth is it's increasing at a much faster rate than that. Recent research has shown that it's going up about 400% per year!!! And my personal email account verifies that sort of increase.
I suspect Jupiter is going to be eating its own words. In 5 years I suspect we'll be seeing perhaps 50 times more spam, not 50% more.
Matt. Want XML + Apache + Stylesheets? Get AxKit.
I configured SpamAssasin on our incoming mail servers earlier this year. Whew! Was I a happy man! Not enough is said about the great work the SpamAssasin team has done. It just works, filtering out >95% of the spam I receive (about 30 to 40 per day). And what about my hotmail account? I can't be bothered to look through that load of garbage anymore.
Real men don't need signitures!!!
The golden age of advertising is here, and it's only just beginning. If you think that you're immersed in marketing noise right now, don't even think that it won't get much worse.
Surely we're all supportive of freedom in the marketplace, but we don't have to be such market fundamentalists that we can't talk about legislation that would tell advertisers where they *can* advertise, rather than where they *can't*. We could settle this question of whether or not money equals free speech once and for all. We could create forums for advertising, and the market could be more equitable.
Why take such a step? Advertising is taking over our lives, and it's displacing many of the more meaningful aspects of human culture that have been developed over millions of years. It's all going away...
Use your imagination to see 50 years into the future...the people who are pushing the desceptive ads of today are just trying to be competitive....they and their successors won't stop pushing advertising further and further into every moment of our lives because their competitors won't stop pushing advertising further and further into every moment of our lives.
Imagine...we could actually end this spiral that's quickly taking human civilization down the toilet.
If I sound like a radical to you, it's only because we're all so perfectly accustomed to it, and we have no idea what things might be like without so much of it. As I type this, I can see logos and slogans on my screen, to my left, to my right, behind me...just look around...it's everywhere!!! AAAUGHHH!!!
Nice idea but very difficult to implement. The problem is not the protocol. It's the content. No matter how secure a protocol is, a pinhead can always use it to send ads. It just arrived through a "secure" route.
I guess the best way is to slow down e-mail. That way it would take days to send a million messages. This would hurt mailinglists but exceptions could of course be made. Let certain known behaving servers send e-mail faster. That way you have to earn the right to send e-mail fast.
I doubt it. The vast majority of spam I receive is non-Western (various East Asian charsets).
Proves nothing - it all depends on which lists you end up on. I get about 120 spams a day, of which about 115 are in ASCII - and 95% of those come from the US.
I suspect the US will never legislate effectively (i.e., at a federal level) against spam. Any legal framework is likely to come out of the EU, which has much stronger data protection laws.
Nae bother
Not everyone is in your position. It is not about mental capacity, but about time and money. When I check my mail on a dialup connection, and if I haven't checked it for a day or two, I have to download large amounts of spam. So much, in fact, that it drowns the e-mails I actually want to read.
The address I'm talking about now is not a very active one. It's mostly for friends and relatives. So rather than deleting the occasional spam amongst a number of valid e-mails, I have to spot the occasional valid e-mail in-between lots of spam mails. So I'll just point you back to the example with an old friend who tries to get in touch through e-mail, but never gets a reply because it was accidentally deleted, being hidden in tons of spam.
Snail mail? Sure, I'll just write a letter, take 50 dead tree copies of it and send it through snail mail to the 50 or so people on a private mailing list we run. That's sure to save me both time and money, right? Sigh.
I've already explained how spam is a serious problem to me personally as well as my employer. I forgot to mention how ISPs also have to deal with spam. If I am on a large ISP, you can guess how much spam they have to cope with. The spam wastes their bandwidth and disk space. The result is that running the ISP becomes more expensive, which again might lead to a lesser quality service or increased subscription fees.
How serious it is depends on the person, but you cannot deny the fact that it is a very serious and very valid concern to a lot of people, me and my employer included (I don't know about my ISP). People have all the right in the world to "whine" about spam. Why? Because spam is a serious problem to them.
(And your comment about dead-tree-mail is obviously nonsense. I don't even know why you bothered to try that one.)
Clever signature text goes here.
People shouldn't have to spend their time dealing with spam. Why should I have to? Why should I have to get multiple e-mail addresses because of spam? Why should my employer have to spend lots of money and resources on fighting spam, when it could have been spent elsewhere to improve performance rather than trying to prevent performance from deteriorating because of spam?
How does spam cripple e-mail communication, you ask? Again, you said it yourself. People have to start hiding their e-mail address. It will be harder to find a contact address to get in touch with them.
You are talking about spreading FUD. At the same time, you kind of contradict yourself by showing that yes, e-mail addresses can become unusable because of spam and yes, spam can cripple e-mail communication.
So where's the FUD? Spam is a serious problem to many, and you, as someone else I responded to, don't seem to understand this. You only seem to be able to see it from your own point of view. Maybe spam doesn't bother you. Well, I can inform you that it does bother me, my friends and my employer. A lot. It costs us money. It costs us time. This is not "gloom and FUD", it is reality.
Clever signature text goes here.
Hash cash is the answer.
Ok I want to send letter M to person T, I find
h = HASH(M || T)
Now I have to find a random string R where HASH(R) matches h for the lower K bits [you choose K] this is called a "collision".
Now I send the message M, to person T along with R. They verify it.
This can be used initially just to sort email so you can prioritize it [e.g. hash cashed email and non].
The trick is the bulk of the time is on the sender and it really hinders. If it takes them a second or two to find a K bit collision then they obviously can't spam millions of people a second.
Tom
Someday, I'll have a real sig.
I agree that it's crazy that .0001% actually purchase something, then they think it's a success and spam even more.
.aol or .msn accounts anyway (and if you have time, those get sent to abuse@aol, etc. -not that they'll do anything, but it's good to annoy them) Overall, after a few weeks of fighting back, my spam has been reduced greatly.
But what I really can't stand is when tech people run around and say "never, ever respond to spam, or try to opt out. You will only get more once they realize your email address is good." This is just BS. It can be confusing to explain the best way to remove spam - learning to decipher legitmate companies (Buy.com, Hickory Farms, Citi Bank) from the viagra ads, but you have to try. The legit ones will truly remove you when asked - so that's done. The ones with broken links and return addresses that go nowhere get filtered - (they can't verify squat because you couldn't reply anyway). And for some of the porn that have either web links or reply requests, just try them. It's a pain to keep track of those you reply to then check to see if they come back, but if they do, that's when you type "remove me from your list and any other list connected to you or I will forward this message to my state's attorney general". I've done this a couple of times, and it's like a big swoosh sound as the spam gets sucked off of my computer. Those few viagra and hot teen things that come to me I just delete. These are mostly from fake
Ironically, out of all of the articles and how-to's I have read, very few explain how to try to opt out. The National Enquirer, of all rags, actually had a very good article on spam and included opt out instructions that pretty much follow my method - when to do it, when to not bother. They have also had good articles on keeping kids safe online, identity theft, alerts on kids modeling sites that border on child pron - who would have guessed to find decent tech stuff there?
I have tried both http://www.mailcircuit.com and http://www.spamcop.net . Both are usable, neither is good enough yet for all. Mailcircuit ($20/year) will drive fellow email list users ape because it does not allow whitelisting, so its ping-pong email acceptance messages get thrown all over the place, i.e., adding its own spam population. Spamcop ($30/year) does not have ping-ponging, and so does allow three or four garbage messages per month through, but its reliability is excellent. I use Spamcop now, but will switch if I find something different which does everything I want. On the other hand, Spamcop is in heavy development (and it is nonetheless extremely reliable, I get tons of email every week), and their people reliably respond to email queries; whereas Mailcircuit told me they would solve the problems of which I spoke to them, and did not, and belatedly claimed that it was impossible (give me a break).
/dev/null instead of holding, and (d) the ability to do everything through SMTP/POP3, i.e., to never ever have to use webmail or web interaction, to do everything by automated email commands.
What is needed, in my opinion, is such a service with (a) whitelists, (b) ping-ponging, (c) blacklists which
J.E.B.
Joshua Corps
I'm getting really ticked about this spam crap. This is something that the ISPs need to handle, and handle fast.
Why is it that they feel responsible to filter out Napster, Kazaa...filter out port 25...filter this, filter that, monitor this, monitor that....
Yet none of them can do something as simple as an opt-in spam guard. It's turned on by default..and you don't need some fancy enterprise edition. You need Exim, Exiscan and SpamAssassin. Done. Should take a half-competent fresh college grad admin about an hour to do.
Sure, some ISPs do it already. I remember when I was on Earthlink (2+ years ago) they had it...worked ok. How about everyone else? How about doing it FOR FREE?
You don't win the war on drugs by going after drug dealers or importers. You win the war on drugs by poisoning the drugs so noone wants them.
You don't win the war on spam by going after spammers or Asian servers. You win the war on spam by doing your part to educate end users and block it for them, thus removing the spammers' audience.
Corporate MS/RIAA/MPAA/FCC-like nonsense happening. When are these people going to wake up and do their part?
FYI, system stats to date for just my personal server at home:
SPAM caught to date: 4193 in 84,397,706 bytes
Viruses caught to date: 1018 in 277,420,970 bytes
Yes, I'm donating my spam collection to spamarchive.org.
I suppose that we are far better predicting spam rates in 2007 than we were in 1997 at predicting 2002 spam rates.
Did our prediction accuracy increase when we could finally build a Quad 2GHz Xeon board?
C'mon people... in 2007 spam will take many other forms than just email.
Email services as we know it must fundamentally change. The only workable solution that I see is white listing.
I know that there are great filtering programs out there but I end up going though all of the spam anyway to make sure that I don't flush an important message. The only difference is that instead of deleting spam from my inbox, I'm deleting it from my spam folder.
I ISP needs to implement white listing on there server and it needs to be made so that list maintenance is as easy as possible.
One idea is to put a disposable 'code' word as part of the email address. emails with the correct code word would pass directly through and the sender's email address would be added to the white list automatically. The code word part could be changed by the owner at any time.
Any mail received that didn't have the correct code word OR the sender's address wasn't already white listed would be put into a queue. The ISP's server would automatically reply to the sender with a message that basically says "You are not on this person's white list. If you are not a spammer and want to be added please reply to this message with a single line in the body: X2ke34Y."
The ISPs would want to vary the above message to make it difficult for a spammer to automate the reply. Maybe "Please reply with the second word from the third sentance and the forth word from the first sentance all in caps." Anyway, you get the idea.
If the person follows the instructions and replies the queued message is forwarded and the sender's email address is added to the white list. Most spammers use faked email addresses so they won't even get the instructions. Queued emails will be held for a predetermined time period before being sent to the bit bucket.
The ISP should provide an easy way for the user to deal with the few spammers who will actually provide a legitimate email address and follow the instructions to force their spam through.
This would be a big change and a bit more of a hassle but not nearly the hassle of wading through hundreds of 'Increase the size of your penis' spams each day!
The race isn't always to the swift... but that's the way to bet!