MSNBC: Offices Remain Spam Free Zones

Makarand writes "Thanks to a good job done by the tech staff and filtering software, office workers in the US are not bothered by spam mail and the value of email communications has not eroded. A survey conducted by Pew Internet & American Life Project, whose findings are reported in this article by MSNBC.com, found that spam is certainly a problem for personal email accounts but not for company provided email accounts. This is contrary to the perception that American workers are wasting too much time battling spam." YMMV.

Or just lack of exposure?

[Otter]

Thanks to a good job done by the tech staff and filtering software...

In part, certainly, but I wonder how much of the difference is due to the fact that spammers have a harder time getting work addresses. They're a lot less likely to be on public web pages, they're not used in chat rooms and they're much harder to generate by brute force.

Re:Or just lack of exposure?

[Ace905]

I'm a bit of a self-proclaimed expert in this area ; my software company developed 'Spam Interceptor' and in the initial stages of development almost all of our time was spent doing research on how email addresses are collected. We looked at MonsterHut's collection practices (Having known the former CEO) and moved on from their.

For the most part, I believe Business addresses are easier and more 'enticing' to collect. Every individual has different browsing habits, but for the most part - businesses in particular sectors tend to list themselves in very specific databases, are more likely to have the receptionist or researcher that signs up for mailing lists, and business domains are easier to identify. Some spiders look specifically for "INC." in the whois database - just as google does.

With the companies I am personally involved with, we do not receive Nigerian Scam Emails until we are listed in a business directory - but how can you avoid the publicity business directories offer? It's not easy. Online businesses start receiving resumes around the same time. We received resumes before our home page was complete - people didn't even know what we did as a company, and that's the only way we knew they hadn't, "Been following the progress of our company for some time and [felt] very enthusiastic about working for us". I mean, these are just job-seekers with an automated resume distribution. Imagine if they made money simply by finding us.

I don't want to get into too many details on business address collection techniques - let the spammers brainstorm them all over again. But I am certain the very fact that a business is a business - makes them more enticing to a wider range of higher-priced products and services. The collection of addresses, no matter the problems will be overcome, and in my experience have been overcome.

Re:Or just lack of exposure?

[Otter]

Huh? Most company e-mail addresses I have seen are trivially guessable. They username is almost always some combination of first name or initial and last name, with or without dots thrown in for good measure.

Not being a spammer, my reasoning may be wildly off on this, but -- they're trivially guessable in the sense that given an employee name and an employer you can generate the likely email address. If you're a spammer, though, trying to generate a million addresses with a high likelihood of validity, it's a lot easier to iterate from a@aol.com to 9999999@aol.com than it is to permute lists of first names, last names and corporate domains. What's the probability that there's really a franklin.deveraux@tgifridays.com?

That's my reasoning, anyhow...

Spamassassin at work?

[jridley]

I wonder how much the lack of spam hitting business email accounts is because companies install spam filters? Our company throws all inbound email through spamassassin, and it works great.

We have no real problem either...

[Magus311X]

Good filtering software, along with good filters, really makes the difference.

At work I use a product which allows me to filter on multiple levels:

1. Allow. If it's on the domain list, IP list, or if the message contains any of the keywords in the list, it's allowed through.

2. IP blacklisting. IP address matches? Delete it.

3. Domain name blacklisting. Domain name matches? Delete it.

4. Content filtering. Meets any of the content filters? Quarantine it.

5. Attachment blocking. .cmd? .bat? .vbs? The other 18 I specified? Matched something in the antivirus pattern file? Delete the attachment, regardless of the source.

Virus infections in the past year? 0 workstations, 0 servers. Number of spams/day before companywide? Averaged about 800 for 25 users. Now? About 20 for 25 users.

Cost of the product? $1500 for the server license for both products. I'm happy.

-----

Re:We have no real problem either...

[Jucius+Maximus]

"Virus infections in the past year? 0 workstations, 0 servers. Number of spams/day before companywide? Averaged about 800 for 25 users. Now? About 20 for 25 users."

One more element that is necessary for big companies (not necessarily your 25 user network) is to block off hotmail, yahoo mail, etc. The company I used to work at had more than one thousand people on the corporate network and most of them weren't very smart about how to be safe when using computers. (And because of corporate policy we were forced to use Outlook + MSIE, which is not exactly safe either.)

When your network gets sufficiently big, you WILL have lamers that will infect the whole place from infections they got through hotmail. It doesn't matter how good your filtering is in that case.

When the corporate IT people finally closed off the popular webmail providers, we went from one unleashed virus every 2 weeks to one every 4 months.

Too bad for my users!

[bwalling]

I don't do anything to filter out spam. There isn't much spam, though. The only people that actually get spam are those in the IT department who post to newsgroups. I am quite certain that newsgroups are the source of the spam that I get at work. It started within 48 hours of the first time I made the mistake and used my real email address. The problem is that Google archives all of the newsgroup postings, so my email address is forever sitting in an easily harvested place.

My experience

[minesweeper]

Well, when I had a corporate email account about a year ago, I don't recall ever receiving one piece of spam. Granted, maybe this was due to some good filtering at the server level, but I think it's more due to the fact that I never used that email address for business outside of the company. I never used it to buy anything online or sign up for any service, or published it on any website. Also, the address was firstname.lastname@[companyname].com. I'm sure that makes it considerably harder for a spammer just to cycle though alphanumeric string hoping to hit a real address.

Similarly, I currently have an email account with my university, but I use it almost exclusively for academic-related communications, and I've not received one spam email at that address in over a year now. And, I doubt the university has invested much money in spam filters for student email accounts.

Re:big fish

Naaaa... you really think spammers are going to look through their thousands or millions of email addresses and remove the ones they think are for corporations? Not gonna happen.

I get all of my spams on my corporate account. I've had it for 6 years, so there's been time for the spammers to find it. Not to mention the marketing folks sign me up for all sorts of trade shows and I get targeted spams.

I've pointed our IT folks to SpamAssasin (which, coincidentally, was written by one of the former IT guys at my company!) but they won't use it as is because they're afraid there's a chance we could lose a single valid email. So I just run an individual version from DeerSoft in my Outlook client.

Interestingly about 90% of my spams are to an email address which has never even been VALID for me at the company, but when we switched to Exchange they entered about 40 different email addresses for me consisting of all sorts of permutations of my name and initials and lots of THOSE get spam. I need to configure my spam blocker to block the one offending recipient... gotta remember next time I'm in the office.

Re:No problem at work for me.

[TheRealFixer]

Hotmail is notoriously bad about spam. Their filters are easily the worst, and the "Junk Mail" folder only seems to catch a small fraction of the incoming spam, while filing away a good portion of vaild incoming messages. They also seem to have no protection against email bombing. I had a lame spammer mail bomb me overnight with a few hundred duplicates advertising NEW LOW MORGTAGE RATES, and Hotmail kindly managed to place the messages in the Junk Mail folder... and then disabled my account for going over the mailbox limit. And this happened three seperate times, over the course of a couple weeks, once when I was on vacation, and I missed who knows how many valid emails when I returned.

I ditched Hotmail shortly after that.

I wonder if the filters that are used by corporate America could be used by Hotmail, actually I wonder why they are not.

Because Microsoft caters to internet advertising companies. Internet Explorer alone can tell you that. I wouldn't be surprised if MS left Hotmail open to spam on purpose, while pocketing a few extra bucks from spam kings.

Re:how do they get hotmail addresses?

[Student_Tech]

I perfer yahoo's "This is spam" thing for reporting it is spam. Although in my hotmail I have filters for cathing the emails with addresses ending in .phd, .now, .you, and the ones like that. (Heck, I even added those to the filters to my primary yahoo account).
I agree though, I get spam on the hotmail, although I have only given to a few friends(7) and never used it any where else, total email from friends is like 1 msg/month or less, because most send it to my yahoo account. Now yahoo, I have an account that I haven't really used that my friends now and it gets no spam messages.

Course right now biggest problem with hotmail is that I can't use my unaltered last name with it, "Glasscock", tells me to use a different one or something... ("Glassc0ck" works but it bugs me that their filter on words won't let me use it unaltered. Anybody else with real names that hotmail doesn't like?)

Re:I Disagree.

[Pfhreakaz0id]

the best reason to use Outlook/exchange is to send an email to vote where to go to lunch (and view the voting results).

Easier fix

[0x0d0a]

with an HTML enabled mail reader, sometimes the first thing they saw was some pornographic picture.

The obvious solution would be to not use an HTML "enabled" mail reader...

Re:It's still a problem.

[Galahad2]

Oops... itchy "submit" finger. The fact that every individual employee doesn't have to battle spam doesn't mean that its not a problem for business. It only means that the company has hired a $70,000/year person whose entire job is to stop spam. Or bought a ten thousand dollar program that must be constantly monitored.

Re:Is it really the filters?

[gibbo2]

I think you're right, because I also get very little spam through my work account (I could count the number of spam for this whole year on one hand). But its not because it gets filtered, we only recently implemented spam filtering on the mail server.

Anyway, I was shocked when I found out how much spam my co-workers get... I guess they are a lot less careful where they make their address public. However, one time we were setting up new employee's machine and before he'd even enabled and checked his mail for the first time, he had several dozen spam emails in his account! And he didn't have an easy-to-guess name. I have no idea how they got that address...

Re:I Disagree.

[Xenna]

Qmail has the handy feature that any user can define his own sub mail adresses.

So, if my mail address would be xenna@xenna.com, I could give out the address xenna-netop@xenna.com which would land in my mailbox (unless filtered).

So Qmail saves you from getting your own domain in order to accomplish this...

Regards,
Xenna

Re:losing legit email because of spam filtering s/

[nzhavok]

That is how the spam war will end: The spammers will become sophisticated enough that no matter what we do, any filter we try to use will result in too many false positives (falsely labelled "spam") to be of any use

At this point people will most probably switch to whitelists or somesort, however I had a horrible thought once when thinking about this.

<horrible_thought>

Another approach other than a whitelist is to include a signature like PGP in the email. This could be placed in the headers of the mail and attached by the mail client. Mail servers could have an option to check these signatures automatically, or the signature can be checked by the recieving mail client at the expense of a bit more bandwidth. Once the clients can transparently sign and verify messages this means that a user can choose to only to accept signed messages (i.e. I don't add you to a whitelist but you need a valid key). These keys need to be managed by some central authority which revokes keys if they are found to be used by spam, therefy causing all the messages sent to be useless.

My horrible thought is that MS is in the best position to offer this becasue of the Outlook/Hotmail dominance. They would call it their spam inititive and ship all updates to outlook with this feature, the next update when the feature is widespread would auto-enable the feature. This would block out most mail to and from non MS agents in the name of fighting SPAM.

</horrible_thought>