Slashdot Mirror
AOL Cans 1 billion Spams In One Day
linuxwrangler writes "AOL announced today that its spam filters hit the 1 billion reject mark for a 24 hour period. This is an average of 28 rejects per day per member. In addition, AOL spam engineers say they receive 5.5 million spam submissions each day from AOL users. Other reports here(1) and here(2)."
28 per subcriber per day caught.
Only leaves 103 apeice...
TODO: Something witty here...
...only 15 originated outside of AOHell in the first place.
Are they responsible for creating the spam, or stopping it?
If you get an error, type "OVERRIDE" or "SECURITY OVERRIDE" and then try the optimize command again.
...how much of that was outgoing? i.e, how much did AOL users themselves generate? Probably more than they want to let on...
We recently had heard in the office over one of the Yellow Machine that's made by Anthology Solutions.
And how many got through?
As an Internet user, it's my God given right to read... oh... wait...
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Well, maybe they are, but that's not what's reported in the article.
AOL users are reporting 5.5 million spam messages a day to customer service.
we all know that AOL spams people and is spammed. Im not surprised its this high, afterall spammers deserve spam.
I can see it now:
*bing*You got mail!
"You have 10 new messages"
"You have 293 rejected messages"
...I'll procrastinate tomorrow...
To measure the LEGIT email going through AOL?
I had a sucky sig.
How do you apply for a job like that? And why was it I immediately thought of that putrid spam in a can when I read that.. Ugg...
every other letter i write to my mom gets rejected. if i am not allowed to spam my mom, who else should be????
"You never want a serious crisis to go to waste." - Rahm Emanuel
And it is under the most correct section: Your Rights Online.
Today 1 billion voices were silenced. This is not some make believe movie where Alderan gets blown up. It is about the actual usurpation of the Freedom of Speech.
AOL has taken it upon themselves to decide for their users what is appropriate speech and what is not. That is sad. If you think Microsoft is taking away your freedoms because they own 90%+ in the OS market it is time to recheck your bad guys. AOL has just proven itself to be an enemy to Free Speech. That is a much more grave violation of your rights online than anything Microsoft has ever done.
The laughable part of all this is that AOL is the biggest real-world spammer with their tons and tons of CDs that have to be dumped into landfills every year.
Fuck you AOL for making yourself judge, jury, and executioner of the First Amendment.
I have been pwned because my
yes, big difference between whats actually going on and whats being reported..
and i'd imagine that the amount that AOL users are sending out is much higher than 5.5million.!
This may not be the crowd that wants to hear this, but some radical changes need to be made in the email protocol to minimize the amount of spam that users deal with these days. Bottom line is that the goal should be for email communications to be as trustworthy as phone calls - sure, there are some telemarketers and crank callers out there, but if the noise level from your phone was as high as in your email, there would be marches on Washington to demand a solution.
I would think the most likely candidate would be to build-in verification of the sender, and bring about the end of anonymous email. That's sure to raise the hackles of many here, but so far, nothing's working.
Stop by my site where I write about ERP systems & more
But how do I block the 1 billion AOL CD's I get each year?
The following statement is false.
The previous statement is true.
Welcome to my world.
In the AOL "Mail Center" there is an option to "Allow ALL mail". I take it this doesn't work, or that AOL should change it to "Allow all mail that we decide to let through..." ?
I dont think we should worry about AOL users not being able to send e-mails. Infact I think AOL are doing us a favour.
... I really did want to know how to please my partner with a bigger... Damn you for foiling my plans, Steve Case! \
Oh wait... you're not even there to blame anymore! Blast!
"PC Load Letter? What the $@#% does that mean?!"
If this is true, can you imagine how much bandwidth and disk space is wasted by spam. I'd be willing to bet that the money lost to spam exceeds the money lost to pirate software and mp3's combined.
The difference between Canada and the USA is that in Canada healthcare is a right and gun ownership is a privilege.
Yeah, I get 20+ penis enlargement spam per day.
But what puzzles me is how they know I have a
small penis?
I'm on a mailing list and our AOL-based members frequently post "did the list die? I haven't gotten any email in the last couple days". AOL doesn't even reject the messages, they just get blackholed. Someone in the bowels of AOL's mailservers is a cache of tens of thousands of messages about pickup trucks.
Our listmaster has been around and around in circles with AOL on it several times. It's almost not worth fighting anymore. Use AOL, accept the fact that email you want will not always get to you.
... AOL could do something right for once and put an end to world hunger. It's funny because it's stupid.
"Programming is like sex - one mistake and you'll have to support it for the rest of your life."
Does this mean I'm gonna get screwed on my mortgage and have to settle for an average sized penis?
... we were allowed to physically punch a spammer for each piece of spam we get (remember that line up of people in the movie Airplane waiting to smack some sense into the panicky woman? ;) )
Well, a guy can dream, can't he?
Fuzzy Knights: New RPG Strips Tuesday and Friday!:
http://www.fuzzyknights.com
Now my penis enlagrement products won't be drowned out by useless spam.
The poster got the figures wrong. Since AOL's user base has been declining, that leaves them with 10 users, meaning 100,000,000 spam emails a day. That seems about right...
It would be interesting to see the code behind AOL's spam filters. What do they consider spam? Does the email have to contain a certain percentage of capitalized letters, come from a certain user/address, have lots of embedded images etc?
If the filter is anything like the filters in use in public schools and library networks, then it would be a fair guess that quite a few legit emails were blocked by the filters. It seems like writting an intelligent filter is pretty hard.
find / -name "*.sig" | xargs rm
Those users of AOL can always sign up for a web mail account from one of the thousands available. Lycosmail.com does a great job of filtering (or else I have managed to not give away my address to a spammer) because in the last week I have gotten 0 spams.
There are many others. Donate $10 to some orginization / charity that has a free web mail account with membership. Many don't even require you to donate to get the account!
robi
I just totaled up the logs for the spam graph I keep for our mail server. In maybe a year and a half, we've caught approx. 1.6 million spams. I thought we were doing well.
But Jesus Christ! Who here wants to start a pool? We'll bet on how long it'll take before AOL has stopped a googol of spam, total. I bet two and a half years; three tops.
Carousel is a lie!
So thats why I haven't received any email today!
I'd rather be a conservative nutjob than a liberal with no nuts and no job.
Don't exaggerate.
When you compare spam-blocking with Nazi atrocities, you're belittling the horror that Nazi victims experienced.
Many of those Communists, Jews, trade unionists, Catholics were often killed in all manner of horrific ways.
By contrast, AOL isn't killing anybody. If AOL blocks spam, somebody looses some money, and an AOL user gains some time, money & sanity.
There can be no fair comparison of these two activities.
"Can of worms? The can is open... the worms are everywhere."
Did they stop the MEXIcan, AFRIcan, or AMERIcan originated spam?
I recognize that much of the spam is originating from South Korea. I know I'm posting anonymous, yet I must volunteer that I receive 50 peices of SPAM eMail each day the server's mailbox is not checked. I don't run Spam-blocking software because I fear somthing will be accidently incorrectly profiled and deleted, such as a legal revision to the PayPal user-agreement, etc. Some of the eMail I receive is not spam, yet may *appear* as being spam and this is what I fear.
All-in-All, everyone thinks I'm a man with yellow teeth, needs to re-finance my house-of-four-weels, needs to check my credit, is suspicious of my wife perhaps because I am not using Viagra, I'm balding, and helps anonymous niggers from Africa to move 20 million dollars into a United States bank.
Rob Malda still can't figure out how to configure spam assassin.
They came for the spammers, but I wasn't a spammer so I didn't speak up.
Then they came for the t-shirt wearers, but I didn't wear those t-shirts so I didn't speak up.
3. ???
4. Loss of rights!!!
I have been pwned because my
I assume a portion of this spam was for people who are signed up for AOL. If this is correct, why don't ISPs (especially big ones) put hefty fines on users that they catch abusing their TOS?
Way to go AOL.
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
I don't get a whole lot of spam daily, nothing to get terribly upset about. Bandwidth usage for the amount of spam I get on my private server would be relatively trivial.
But what kind of bandwidth would 1 billion spam messages take up? And system resources to process all that excess mail? I bet AOL spends a small fortune on spam - they gotta pay those "SPAM" engineers too.
I hear people complain about spam, but I generally think to myself "yeah yeah." But 1 billion freakin messages is nuts.
-kidlinux.
...is onslaught
Let's admit it. Spam is becoming like rain on the roof. Everyone I know has just whitelisted for email. Yes, you have freedom of speech. But I am free to ignore you....
I'm kind of torn on this issue. On the one hand, I hate spam and those who allow it to proliferate. On the other hand, I abhor censorship in any form. I wouldn't have an issue with this at all if AOL simply provided its users with the *tools* to eliminate their own spam if they choose to do so. My problem with this is that AOL itself is deciding to filter its members' email, and making the determination itself as to what is and is not "spam". That's a reckless step down a slippery slope, in my opinion.
Are the members able to elect not to have there mail filtered? I myself would not want my mail filtered. I feel spam filters in place by ISP can cause lost mail and to me is a sense of censorship.
If AOL wants a strong anti-spam law passed so spammers can more easily have criminal charges or civil lawsuits brought against them, they ought to consider completely stopping the filtering so their customers get overwhelmed with junk e-mail. When the customers complain, AOL then tells the customer to contact their congressperson and complain about it and demand something be done.
I happen to believe in the sanctity of the Freedom of Speech. I do not subscribe to your concept of corporate control of rights.
I don't know where this idea comes from that just because you are a business it means that you can do whatever you want, including infringing upon rights guaranteed by the government.
This is a sad double standard being applied to "unwanted" emails. The KKK and the NOI can publicly advertise their unwanted speech because the First Amendment protects them. They cannot be barred from advertising in newspapers, they cannot be barred from advertising on billboards, and they cannot be barred from posting in open forums. But spammers don't have these rights?
You better think about that position a little.
I have been pwned because my
I would guess that deleting spam is about as expensive as transmitting it for an ISP. that is the processor intensive task of scoring and removing a spam probably is a wash with the processor light task of tranmitting and storing it. Now for the sake of argument lets just guess a wild number for the cost of filtering or passing along a spam. lets say 0.001 dollars.
if that were true then a billion spam deleted would cost AOL 1million dollars per day (plus the ones that got through). that would be a third of a billion dollars a year. THat seems way to high. So it must be less. SO maybe its 0.000001 cents?? that would come to a third of a million dollars a year.
My guess is that the latter is probably a good guess. why? well how many engineers has AOL assigned to the de spamination? perhaps a third of a million dollars worth every year? it would of course not make sense to spend more on de spamination than the harm it costs.
so anyhow assuming this wild guessing is within an order of magnitude then the proper charge to fine a spammer would be some multiple of 0.000001 dollars per spam sent. which is not an awful lot.
so is spam really that costly to ISPs??? Maybe not
Some drink at the fountain of knowledge. Others just gargle.
to aol engineers 5.5 million emails start to feel like spam when it shows up in their mail boxes
A Good Troll is better than a Bad Human.
You're right:
National Do Not Call List
I do agree, though, that the email protocols could use serious fixing.
Wow, it works great, I only got 24 junkmail emails in my AOL mail box today!!
(seriously.....)
Oh, please...half? Who's side are you on?
10 per day total....4 filtered as spam....2 filtered wrong, leaving you with 8 per day legitimate? You only get 2 real spams per day per 10 mails? I have three accounts, and my numbers are the opposite from yours, and I think I', closer to the norm. I simply cannot recall a time when a legitimate mail was flagged as spam by my filters (PS X Mail for the last 1.5 yrs.)
You bet it is hard! It is writing an AI agent to live on your server and interact with messages generated by humans (indirectly).
When you can write a filter that will only delete all spam and let 100% of the legit mail through, then you have either created an all knowing program, God, or you have the knowledge of the origin of all communication and the intention of the sender, God.
It can't be done.
robi
Seriously, now... I always click on the Microsoft ads and then hit the back button once their page finishes loading. It creates extra loads on their web servers. It probably costs them something. It makes them think that people are actually interested in their shit (as opposed to the realistic fact that people only use their shit because they're forced to), etc. And I'm sure that the good guys, like the folks at OSDN, benefit from people like me clicking on Microsoft's stupid ads.
1 billion - 5.5 million = 15
"There's no reason AOL can't censor you, and there's nothing to stop the Slashdot mods putting you to -1"
So I finally used that little grey orb for "friend, foe, neutral". I wonder if it can help filter out dribble? I am liking that system.
robi
I hear they were former Hormel employees.
You'll be screwed with a Bigger Penis! on your mortgage, and won't be able to Get out of debt!
There is less first amendment protection for commercial speech.
Even if it protected, you have no right to use my bandwidth, my disk space, my processing power, and to tresspass on my machines to advertise to me.
Fight Spammers!
23 February: 1095 spams, 7,821,318 bytes
How? Christ almighty, I probably get like 6 a day (that's *before* filtering). And my username is four letters long. And our mailserver at school got rooted (and someone stole the list). On the mailserver I run, I have *never* received a piece of spam (over a year).
Do you have your real email address up on a web page w/o obfuscation? What's going on here? Because spam seems to be a much greater problem for some people than others. I still don't like it, but it must suck to be you.
btw, how many false negatives/positives do you get?
-Looking for a job as a materials chemist or multivariat
I use the mail program Apple provides with a Mac. It has a training button to label Junk Mail. So, over time, the computer learns what you consider legitimate mail vs. junk mail. The Mail aplication color codes the difference in your in box untill it goes over a month w/o mistakenly labeling legit mail to be junk. Then it asks you if you would like to send spam to the Junk folder. Only twice has my mail program been wrong since the end of training mode. Both were FWDed joke w/pictures emails sent to a massive list of reciepents. Nothing I would truly miss. If the AOL filter is anything similar it is a pretty solid technology. IMHO
Back when Blue Mountain Greeting Cards was a multi-zillion-dollar dotcom, my wife coined the term "Mommy-spam" for the cutesy stuff her mom would send from her AOL account....
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
*shaking head*
psxndc
The emacs religion: to be saved, control excess.
I'm not sure what the problem is, but I just discovered this evening that all mail from my Time Warner/Roadrunner account is being bounced by AOL. Gives me some truncated error message, so I don't even know what the problem is.
Cute. :-/
Your Servant, B. Baggins
I would expect such blatant racism on Fark, but on Slashdot? Mods please ban this asshole.
after your mailserver has sent to $N @aol.com addresses, they begin to silently drop further emails for some period of time. When your subscribers are (to put it most chairitably) not extremely computer literate; your only option might be to feed your aol subscribers as a separate job, sending many more copies of the same email over the wire than would be necessary otherwise.
Apparently AOL users can set up their accounts to reject ALL email originating outside AOL (as if the rest of the internet were worse SPAMmers than AOL folks). Amazingly, this setting is turned on on some accounts (many, I suspect) without them even knowing it. I run a webserver for a few businesses, and we get LOTS of mail bounced back from AOL account for this reason. It's a real pain when, for example, an AOL customer is trying to sign up on our site, and their account activation key gets bounced back to us because of this stupid setting. I bet they're counting all these messages in their total.
Convert RSS to HTML - integrate webfeeds into your website
spam spam spam spam spam spam spam spam baked beans spam spam spam..
but i dont like spam!
At least the war on the environment is going well
As of this moment, AOL is rejecting everything from (my local) RoadRunner mail server (nycsmtp2out.rdc-nyc.rr.com). It's pretty easy to stop that many messages when you're blocking all mail from one of the biggest ISPs in the country.
Good: ISPs are finally recognizing people hate spam and using it as a marketing tactic.
Bad: ISPs still are clueless. Filtering will never be effective. Until mail relay hijacking is globally criminalized and aggressively prosecuted, nobody will ever see any substantive reduction in spam.
I remember some survey from years ago that asked "if you could press a button and someone on the other side of the World would die, but you'd recieve 1,000,000 dollars, would you do it?". I'm now wondering, if you could press a button, and a spammer, somewhere would die - would YOU do it? Scary as it seems to me, I'd probably say "yes"...
Code, Hardware, stuff like that.
Bill - Hey Bill - are you there? One of those was for you - but it got blocked. Anyway, call me OK?
(Had to be said)
Because I just added @aol.com to my blocked senders list in the bluebottle.com anti-spam system that is protecting my account.
Occasionally I review the ones that are "pending verification" to see if there are any valid machine sent mails that cannot be authenticated because noone is reading the authentication challenges.
And I just got sick of seeing the @aol.com addresses there. I know noone who uses aol.com anyway - and if I did, I'd need to have a chat with them about changing ISPs.
FWIW (not much I guess)...
ISO certified == THX certified
You must be joking. I haven't answered my phone in years. I only call back after someone left a message on the answering machine, since the majority of calls are call centre spam.
Good for AOL and their subscribers. But I think I have a simpler way to block a billion spam messages/day: just go to Alan Ralsky's house and cut all his datalines?
My provider is of the opinion that email is a luxury--they provide it but make no guarantees--and it shows. I'd switch but they are the only ISP that can provide me with broadband.
I run an email server for my private needs. It is not an open relay and I do not spam but there is one RBL that has decided that any mail coming directly from the user IP address space of my provider is suspicious. I've never had a problem but my fiance, Kim, has run into a few servers that bounce her emails.
If you've guessed that AOL is now blocking mail from my server then you guessed correct. Kim doesn't have many contacts on AOL and they don't get much mail from her but she discovered, within the last week, that mail to any of these contacts bounces back.
So AOL's solution to block spam is to use RBL's--the message specifically mentions the familiar RBL that blocks my address range. I understand that the RBL's are in a difficult situation because their task is monumentally difficult but at least one has chosen an easy way out. I've long considered this RBL to be practicing bad netizenship and I now feel justified because their services are being utilitized by the provider who has been historically associated with bad netizens.
* ^From:[ ]*[a-z0-9_]+@aol\.com$
:0c:formail.lock /' > return.tmp
:0:formail.lock /usr/sbin/sendmail -t
#
* ! ^X-Loop:.*mydomain
* ^TO_me@mydomain\.com
#
{
# Make a temporary file of the message to be returned
# Discard whitespaces, insert a leading blank
| expand | sed -e 's/[ ]*$//g' | sed -e 's/^/
# Prepare and send the rejection
| (formail -r -I"Subject: Rejected mail: Recipient refusal" \
-A"X-Loop: rejected-mail@mydomain.com" ; \
echo "Sorry, but your e-mail was rejected because the From: header" ; \
echo "didn't seem to include your real name. This is an automated" ; \
echo "message; replying to it won't work." ; \
echo "--- begin rejected mail ---" ; \
cat return.tmp ; \
echo "--- end rejected mail ---" ; \
rm -f return.tmp) \
|
}
Find free books.
I work for a major computer hardware makers and offen when we email software patches to aol adress the mailes get eaten! Happens alot on hotmail as well. and no we don't spam.
Late last night I thought of a very simple method of of thwarting automatic internet page scanners, such as e-mail-address finding spam-bots. We take a font set (Times New Roman, Arial, etc.) and scramble the associated symbols to the binary characters. So pressing "a b c d e f" on the keyboard would produce symbols like this ". Of course the binary code still says "a b c d e f" and all anyone would need to do is view the letters under another font to see what it says. However, here is the genious of my idea: we create a simple java program that will do the scrambling and keep a log file so that if you press "a" (01000001) on the keyboard the java program will input the symbol "a" as well BUT, it will be with the scrambled font set so the binary will be 00100101 (or something) so any automatic program crawling through the Internet will see a random bunch of ascii/html characters completely unrecognizable as an email address.
Of course anyone with the intelligence of a slug will realize this boils down to simple(-st) substitution encryption. And I would not trust this to encrypting my grocery list, however automatic Internet bots generally do not have built in decryption algorithms. If we use the java program to write or convert texts to the scrambled character-maps and then put that text on web pages web-bots will be helpless. We do not have to do this for whole web pages, this could just be done for the Email address text of the web page and then we leave a message next to it "to see the email address please download this font file". Anyone wanting to send you an email can spare the extra 5 seconds to download the font file and then type the email address the will then see (copy and paste will not work of course) in manually to their email program. So unless web-bots are able to automatically download associated fonts to web pages, then visually, recognize the text they will not be able to collect email addresses.
If we were to do this for entire web pages then this could be used as a method to make copying copyrighted material more difficult. Whenever a web-surfer were to visit a page the page could be set to automatically load the scrambled font set so the scrambled text would appear normal, because the displayed symbols would make up regular words. The process would be completely invisible to the end users/viewers. Any automatic scans of the web pages (programs, not people) would show gobbledygook, unless they have built in visual-text-recognition. This would not stop any even mildly determined person, naturally, but it would prevent prevent the casual 'ctrl-c, ctrl-v, ctrl-p'-er.
I am not a programmer so I am not making up this program, but anyone else could if you wanted to. So what do you think?
Literally. I simply cannot belive your numbers. They are far away from the worst I have ever seen by at least a power of 3. (and I post with my real address on usenet!)
If this really does happen to you, I am sorry, but this just doesn't seem realistic.
it is not funny enough
"In addition, AOL *spam engineers* say they receive 5.5 million spam submissions each day"
Do you suppose they get to put "Spam Engineer" on their resume?
My personal record is 237,000 pieces blocked at the MTA level in a week. We had around 2800 users at that time. That's 12 per user per day, 84 per week. It was a very very busy week for our mail server. I blocked them with a combo of DNSBLs and my personal domain/netblock list of spammers and pro-spam ISPs like Broadwing. Very effective.
All captured spam is sent to a giant warehouse in Arizona for processing. There, through amazing manipulation by ex-Netscape engineers, the messages are turned in AOL free demo CDs -- it takes about 15 messages to make a single one-billion-hours-free CD -- and then shipped for distribution to all 50 states and overseas. Thus, each piece of spam is repurposed and recycled. They try not lot a single go to waste, but quite obviously, they can hardly keep up.
Spam... the ultimate denial of service attack!
If you want to get rid of spam, do this:
1. Create a "secret" email account from a reputable provider. Make it unguessable. Add some digits or weird long strings. Don't give it to anyone.
2.Go to spamgourmet.com and create an account. It's free and open source. In the "forward emails to" field, enter your secret email.
3. Give spamgourmet addresses to your friends. If your account name is Joe6Pack, give your pal Jack Daniels an address Jack.Daniels.Joe6Pack at spamgourmet dot com. To greatdeal.com, give greatdeal.com.Joe6Pack at spamgourmet dot com. This way you know who has what address. Those spamgourmet addresses are disposable.
All the emails sent to your various spamgourmet addresses are forwarded to your secret account.
4. If Jack, who is a friggin' idiot running XP and Outlook, gets yet another Kletz-like virus, the content of his Outlook address book will be compromized and all these addresses harvested by spammers. Just go to spamgourmet.com and disable the compromized address. Tell Jack he's a fool. Give him another disposable address if needed... Until next time.
If greatdeal.com turns out to be a spammer, just disable their address.
5. After a couple of months, disable your old email accounts, the ones that are spammed to death right now.
6. No more spam. Or if you get spam, just disable the spammed address and report the spammer to spamhaus.org. You'll never be spammed more than once.
Works for me.
--
Mad science! Robots! Underwear! Cute girls! Full comic online! http://www.girlgeniusonline.com/
...why everyone has such a big problem with spam.
i have a personal email address that gets absolutely no spam, except for the crap that my family sends me. then i have 3 other emails addresses that are used for things such as my webpage, signing up for stuff, and for posting places.
i don't give a damn if those three addresses get spammed because it falls on blind eyes. so why waste the time dealing with spam when you can just get a new email addy? is this just a matter of laziness or masochism?
IMAGE VERIFICATION IS EVIL!
Geez I did not know that AOL's subscriber base was that large . . .although I prefer calling them "myopic pond scum" myself . . ."rejects" is too nondescript
Isn't canning part of the process of making SPAM(tm)?
The shareholder is always right.
Thus assuming they are somewhat effective, then its possible to estimate the cost of spam based on the outlay AOL is willing to make to prevent it.
all of the guesswork is order of magnitude, not exact. But it presumably lands in the ballpark of what spam costs AOL. It's a clever way of making an estimate that does not rely on AOL's exagetated claims, but instead just looks at what they are willing to pay to get rid of it. this includes both direct costs and good-will costs.
your list of costs is thus entirely included in this estimate by default.
Yeah, most of it was spam. AOL makes it so trivial to harvest AOL email addresses that they're a major target. But a chunk of the mail randomly thrown away wasn't spam. It was email people had asked for that was discarded by faulty spam filters.
you claim:
(harm done by spam) much greater than (cost of engineers to despam) + (cost of bandwidth to receive spam) + (cost of processing power to score and delete spam)
assume this is true. assume also that 1 unit cost of increaced engneers (or processing power) results in X units of reduction in the cost of spam.
then if X greater than 1 then AOL saves money by hiring more engineers increacing its processing power to reject spam.
therefore it will tend to be that market forces will make this equation a near equality within an order of magnitude.
thus one can logically assume that AOL's de-spamination costs are on the same order as the direct cost of spam and the consequences of spam (loss of customers) combined.
economics 101. class dismissed!
Let see here....
if we have 1 billion spams per day, at roughly 5kb per message, this equals to almost 5TB of wasted bandwidth. This is only what is caught. Now with this we can start estimating the costs per day for dealing with spam.
Lets consider bandwidth cost $1 per GB, AOL being as large as they are may be able to make that less. At that cost it is $5000 per day. This does not include the cost for extra equiptment to deal with the extra bandwidth, for people to write anti-spam software, etc. i'm going to estimate that it cost AOL over $10000 per day because of spam. or over 3.5 million in one year.
In America we are imprisoned by our fear of them.
Whoever modded parent up as 'informative' is as funny as the poster.
if 40% percent of all my phone calls were telemarketing, I would quit using phones too.
rehab, captain ahab, you're chasing the wrong fish!
seeing as their olden days policies are a good reason for the amount of spam.
My Honeypot at home has consumed 40.000 mails the last 8 hours, all for aol.com.
And I just had my honeypot for 2 weeks, and never announced it.
I recently subscribed to AOHell - 45 free days, I'm a poor college student with no broadband unless I cough up a 100 bucks a month - anyway in the first 12 hours with aol I recieve 20 messages all from "customer service" telling me how to better use my account...
I cannot send email to AOL users from my self-hosted email server. Good thing I dont usually talk to anyone who uses AOL :*)
-Bone
Well, I was dumb. I figured that in order to "prove" that unsolicited email was unsolicited, I had to have some proof [google.com] of how the spammer got my email address, and that I had a clear disclaimer
That's just nuts !! Imagine if the same rule applied to rapes and burglary .. The *victim* would have to prove that he didn't somehow ask for the thing to happen ?
echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc
"Frea speach" a common term used to refer to a spammer's claim of free speech giving them the right to spam.
It is intentionally misspelled to distinguish their version from actual free speech rights.
As the owner of a small hosting company, I can assure you that spam costs us money.
Money for bandwidth.
Money to pay an employee to research blocking it so that it doesn't take up as much bandwidth.
Money to explain to the clueless end user that the spam didn't originate from our systems.
Maybe it doesn't hurt the big boys, but for all the "mom and pop" ISPs, there are REAL consequences.
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
If I'm not mistaken, I think that AOL blocked all incoming emails from Telia (*@telia.*) or something for a week because they thought that Telia spammed to much or something..
Not sure if it was AOL though
Wish I could remember where I heard that. Searched google for it, and found this,
So I still don't know who wrote it, but at least I got a good laugh re-reading the whole piece.- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
what do you do with freaks like me ?
Siggy Say, Siggy Do
god bless the spammers SPAM engineers ? how cool is that ? Algorithms to filter out spam , tracking systems, ipblocks. they are creating job opportunities here. They are doing what dubya cant do.
Siggy Say, Siggy Do
I live in China, all email sent to an AOL address is blocked as SPAM.
Email from China = SPAM
Straying a bit offtopic, but I suffer way more from being sent email viruses than I ever have from spam. I might see 1 spam (maybe 1k - 20k bytes) every couple of days, whereas I get anything from 20 to 100 copies of Klez or Yaha, at 45k - 188k bytes each per day.
AFAICT, all those came from the fact that I made the mistake of listing my real email address when I uploaded a Winamp skin. It was up for less than a week in December, and I'm still getting viruses now. The hotmail one I put up to replace it (only ever used for that Winamp skin) gets a similar level.
Registering accounts later than some other chrisb since 1997
I am AOL user since 1992 and I never lost any messages; except when I (twice actually) did not pay attention setting the exlusion filters.
What AOL really needs to do is:
1) allow more than 100 entries in the exlusion list (500 would be more reasonable)
2) perform more checking that the email header is really correct (reverse DNS etc). How can it be that spam is injected into the AOL gateway when clearly the FROM address is bogus?
I receive about 500 spam mails per month into my account; 20 real messages. More than 20 juk mails for every real message. I spend way too much time clicking the DELETE button!
At the ISP level it should be pretty easy. The same spam is going to reach a large number of people. I mean, even if the content of a spam message has never been seen before, the fact that the exact same message is being sent to a few thousand users simultaneously should be enough to trigger the filters.
There is a problem with 'simultaneously' of course. It would be required to tracking the document distances between
all recently received emails, form clusters and discard the biggest clusters... can be pretty hairy computationally.
I miss my rubber keyboard.(Homepage)
Subject: [Slashdot] Metamoderation Results
From: slashdot@slashdot.org
To: xxxx@xxxxxxx.xxx
<snip>
Some of your past moderations have been meta-moderated by other Slashdot readers. Here are the exciting results:
<snip>
You have received this message because you subscribed to it on Slashdot.
<snip>
SPAM: Spamnix identified this message as spam. This report shows which
SPAM: rules matched the message and how many points each rule contributed.
SPAM:
SPAM: Content analysis details: (6.7 hits, 4 required)
SPAM: NO_REAL_NAME (0.5 points) From: does not include a real name
SPAM: CLICK_BELOW (1.5 points) BODY: Asks you to click below
SPAM: EXCUSE_1 (2.3 points) BODY: Gives a lame excuse about why you were sent this SPAM
SPAM: FREQ_SPAM_PHRASE (2.4 points) Contains phrases frequently found in spam
SPAM: [score: 10, hits: click here, help you, received]
SPAM: [this, thank you, this message, you]
SPAM: [for]
---
When I grow up, I want to be a kid again.
Lameness filter encountered. Post aborted! Reason: Please use fewer 'junk' characters.
Slashdot think it's own email is junk :)
---
When I grow up, I want to be a kid again.
Are these metrics from AOL supposed to impress us? The only measure that matters from the user's perspective is the amount SPAM that gets through. The only target goal that matters is "Zero Defects." If vendor YYY does a better job of eliminating SPAM from my mail box than vendor XXX, I will go with Vendor YYY. It does'nt matter to me how hard XXX is working.
Work smarter not harder
Use your head, can't you, use your head,
You're on earth, there's no cure for that - S. Beckett
One encouraging factoid: The rate of spam volume growth, at least for my little cesspool, seems to be slowing, at least as compared to what I saw during the last half of 2002. I don't know whether this is a real slowing, or just more filtering going on upstream from me, however....
Don't get too excited. I've been tracking since mid-2001. Traffic grows faster in the second half of the year. Must be the Christmas effect.
People who disagree with you are not automatically evil, greedy, or stupid.
Spam became a huge problem here roughly a year ago, and it started taking up too much employee time. So roughly six months ago, we started using Spam Assassin. In that six months, Spam assassin has caught roughly 90% of the spam we get, totalling well over 500,000 spam mails.
Am I crazy, or is 1/2 million spams for only 7 people in less than six months absolutely insane or what? How can anyone argue that these spammers are running legitamite businesses?
I think it's high-time for some legis-fuckin-lation to curb this insanity :)
Sticking feathers up your butt does not make you a chicken - Tyler Durden
Because the spammers cancle the account after one use and find ways not to pay fines.
Part of that is the down side of instant sign up. Spammer gets an account, sends out a billion e-mails, abandons the account and puts a block on the credit card he used.
I think the ISPs should do a few more checks. A reverse phone number look up. Verify the CC billing address matches. If there is anything suspicious, have them fax in a signed acceptance of the TOS, then fax back their password. This whole process could still be fairly "instant".
You could also limit new users to 10 e-mails a day or something for a probationary period.
Having to prepay a few months would also increase the pain of "SPAM and Run".
Much like alcohol;
AOL - both the problem
and the solution.
Karma: pi (Mostly due to circular reasoning in posts).
If I advertise a silly product to 50 million email addresses, how likely am I to get customers?
And why aren't they immediately canceling the accounts of every AOL user who sends out spam?
One billion pieces of spam is about how much crap aohell cd's are mass mailed out to every Joe, Dick and Harry.
If anyone should be blocked, it should be aol themselves.
eTrade SUCKS
According to you do not comply with the RFCs that govern SMTP traffic.
By their definitions, auto-replying to your "postmaster@aol.com" account with machine-generated directions to mail some other address does not satisfy the requirements of RFC2821. And public statements that you will not answer messages sent to "postmaster@aol.com" is a clear violation of RFC2821 in anybody's book.
If AOL can't play by the rules, they should shut down their Internet gateways and go back to being a private service. AOL users are paying good money on the assumption that AOL will try to interface correctly with the rest of the world, rather than inventing their own rules.
I personally maintain the postmaster addresses for the corporate and private Email systems I administer, and I have far fewer staff and far less money than you do. If you can't handle the job, you should close up shop and find another business to be in. Whining about Slashdot bias when you are not following the RFCs just makes you look like a bunch of crybabies.
I realize this is OT, but with no human postmaster how was I supposed to talk to you about this?
Anybody who remains on the RFC-IGNORANT-POSTMASTER listings for as long as you have obviously isn't doing the job right. It's trivial to get off their list -- unless you are both incompetent and obnoxious.
Does she get email from any non-AOL address? If not, tell her to check her settings; she may have auto-reject turned on for non-AOL accounts.
If she doesn't do that, I'd check your domain or ISP's IP against spam registries. The IP and/or IP block may be listed...meaning that AOL and other sites block your other mail too.
...No wonder it's #1!!
The Adult Happy Meal - "I'm lovin' it!"
It's for reasons like this that pushed me to use my own e-mail server. It's not all that tough to either build your block list or use the list from SPEWS. Just for kicks I greped the mail log for "Access" and found tens of thousands of Access Denied statements.
After a while the spammer just stops sending, but of course there are plenty more to take their place.
"I bow to no man" - Riddick
How can AOL complain? The spammers are just
following AOL's lead!
Does anyone else find it fitting that AOL [those responsible for a flood of "XXX FREE HOURS" discs each week in my snail mail, magazines, and breakfast cereal] should suffocate under an avalanche of their own electronic hellspawn?
There is sweet justice after all!
When you hear hoofbeats, think horses, not zebras
Apparently the next level in spamming is to hack accounts and send from there. I acctually had some first hand experience with that as the account my parents use was hacked. I guess thats second hand though isn't it? Oh well, Anyway their account was suspended and they had quite a difficult time getting it back (typical crappy database infrastructure, some had old information some had new information..)
AOL:"Thats not the address in our files sir."
DAD:"Thats where you bill me."
AOL:"Thats not the address in our files sir."
DAD:"..."
Perhaps start filtering the domains from which the spam originates? I mean you are important, no doubt, but are you important enough to be getting email from any gook domain (no offense anybody), any domail with *offers* in it, netscape.net (lousy kokgobblers), or any domain from whom 98% of the emails are crap?
Do that and filter any email with the words 'penis', 'sex', 'larger', 'mortgage', 'free', '(several euphamisms for vagina)', 'webcam', etc... and Voila! you can actually read your email in peace.
Granted it doesn't help much with bandwidth on the outside of the filter, but really - if you get 1000 spam a day what chance does legit email really have of getting read?
Glonoinha the MebiByte Slayer
that button is great, actually. you can tell spam the second you see it and instead of opening it, you click "report spam" and it blocks the address, deletes the spam, and sends a note (with your optional comments) to AOL. It's almost as easy as clicking "delete" so I think that a huge percentage of spam is being reported. One-day totals don't mean a lot because users don't check their email every day, but overall, I'd guess the percentage is very high.
The truth doesn't care what I think.
...I have to wonder how many of them are real.
AOHell seem to ahve rolled out their latest and greates software without bothering to actually give their users any indication of what the fancy new buttons do. As a result, the majority seem to use the 'report as spam' button as a delete key.
Judging from the AOL spam reports that I see, well over 90% are reporting mails that are definately non-spam - like their replacement PIN numbers from banks, holiday bookings, personal correspondance, order confirmations and so on.
While it can be interesting to see what a cross section of AOL subscribers get up to in their free time, it is not the best use of my (or any other abuse handler's) time to read about who is going to do what to whom over the weekend.
Of the remaining 10%, most are due to problems with customers (i.e. misconfigured mail servers etc) which have been sorted before the reports start rolling in, or AOL users reporting SMTP bounce messages as spam(!).
Aargh!
Where they wired up a convincing stooge to fake electrical implants and told test subjects to zap the guy. Most of them did it, even though he was screaming. This was to show that people respect authority (even that of a researcher) more than (apparent) physical suffering. Hence authoritarian regime in %country% works.
But if it is only filtered outgoing, how does stop a spam company from setting up their own ISP and sending from there...
Canned Spam fried with some onions, peppers, and mushrooms is YUMMY! Don't think I could eat 1 billion cans of it a day though!
"This is your life and it's ending one minute at a time."
That's got rid of my spam, now what about everybody else?
Do cans of AOL CDs count as spam? They probably taste better.
I thought for a minute the story was about the new tin packaged AOL CDs... (ya know, just like canned spam)
Those who don't want spam blocked are Free to change to another ISP.
Free? More like coercion. If your local cable monopoly is Time Warner Cable and your phone company has not yet put in DSL, then changing to another ISP will either cost $200,000 (expenses to move to another house) or result in a 10-fold reduction in data transfer rate (switch from broadband to dial-up).
Of course, this is all moot if instead of deleting spam on the spot, AOL moves spam to a holding zone (much like Hotmail and SpamCop do).
Will I retire or break 10K?
OK, CmdrTaco, no reason to get childish...
Actually, that's pretty much how it works for date or acquaintence rape. Random Chance help you if you were wearing a short skirt...
Don't you wish your girlfriend was a geek like me?
Just as a FWIW, I know for a fact that Hotmail regularly blocks over a billion spam messages a day, though exact numbers are slightly tough to compare since Hotmail counts their messages differently than AOL does (1 message to 100 address = 1 message for Hotmail vs. 100 messages for AOL as I understand it). In total, Hotmail gets about 2.3 billion messages a day, of which about 90% are spam. Typically between 50 and 60% of those spams are blocked without ever being delivered.
False positives are rather tough to guess because the vast majority of "false positives" are actually the spammers sending their spam out to their own e-mail address and clicking on a "this is not spam" button.
Ohh, and before anyone spouts out about how all the spam actually comes from AOL or Hotmail, there is actually virtually ZERO spam that really comes from either of these providers. What there is, is a LOT of spam that is send with the From: line listing either Hotmail or AOL (Yahoo, Lycos and Earthlink are other popular addresses). Many of these spams also falsify other headers to try to pretend that the message came through Hotmail or AOL.
dude, server side filters are the way to go. I have an attbi account with Brightmail on the server side, and I've never seen more than 10 spams in my mailbox throughought my whole 3 years of using it.
...my freedom to choose what I listen to begins.
In other words, it's not freedom of speech to force-feed your spam on the rest of the world. Period.