Slashdot Mirror
AOL Cans 1 billion Spams In One Day
linuxwrangler writes "AOL announced today that its spam filters hit the 1 billion reject mark for a 24 hour period. This is an average of 28 rejects per day per member. In addition, AOL spam engineers say they receive 5.5 million spam submissions each day from AOL users. Other reports here(1) and here(2)."
28 per subcriber per day caught.
Only leaves 103 apeice...
TODO: Something witty here...
...only 15 originated outside of AOHell in the first place.
Are they responsible for creating the spam, or stopping it?
If you get an error, type "OVERRIDE" or "SECURITY OVERRIDE" and then try the optimize command again.
...how much of that was outgoing? i.e, how much did AOL users themselves generate? Probably more than they want to let on...
We recently had heard in the office over one of the Yellow Machine that's made by Anthology Solutions.
And how many got through?
Well, maybe they are, but that's not what's reported in the article.
AOL users are reporting 5.5 million spam messages a day to customer service.
I can see it now:
*bing*You got mail!
"You have 10 new messages"
"You have 293 rejected messages"
...I'll procrastinate tomorrow...
To measure the LEGIT email going through AOL?
I had a sucky sig.
How do you apply for a job like that? And why was it I immediately thought of that putrid spam in a can when I read that.. Ugg...
every other letter i write to my mom gets rejected. if i am not allowed to spam my mom, who else should be????
"You never want a serious crisis to go to waste." - Rahm Emanuel
And it is under the most correct section: Your Rights Online.
Today 1 billion voices were silenced. This is not some make believe movie where Alderan gets blown up. It is about the actual usurpation of the Freedom of Speech.
AOL has taken it upon themselves to decide for their users what is appropriate speech and what is not. That is sad. If you think Microsoft is taking away your freedoms because they own 90%+ in the OS market it is time to recheck your bad guys. AOL has just proven itself to be an enemy to Free Speech. That is a much more grave violation of your rights online than anything Microsoft has ever done.
The laughable part of all this is that AOL is the biggest real-world spammer with their tons and tons of CDs that have to be dumped into landfills every year.
Fuck you AOL for making yourself judge, jury, and executioner of the First Amendment.
I have been pwned because my
This may not be the crowd that wants to hear this, but some radical changes need to be made in the email protocol to minimize the amount of spam that users deal with these days. Bottom line is that the goal should be for email communications to be as trustworthy as phone calls - sure, there are some telemarketers and crank callers out there, but if the noise level from your phone was as high as in your email, there would be marches on Washington to demand a solution.
I would think the most likely candidate would be to build-in verification of the sender, and bring about the end of anonymous email. That's sure to raise the hackles of many here, but so far, nothing's working.
Stop by my site where I write about ERP systems & more
But how do I block the 1 billion AOL CD's I get each year?
The following statement is false.
The previous statement is true.
Welcome to my world.
In the AOL "Mail Center" there is an option to "Allow ALL mail". I take it this doesn't work, or that AOL should change it to "Allow all mail that we decide to let through..." ?
... I really did want to know how to please my partner with a bigger... Damn you for foiling my plans, Steve Case! \
Oh wait... you're not even there to blame anymore! Blast!
"PC Load Letter? What the $@#% does that mean?!"
If this is true, can you imagine how much bandwidth and disk space is wasted by spam. I'd be willing to bet that the money lost to spam exceeds the money lost to pirate software and mp3's combined.
The difference between Canada and the USA is that in Canada healthcare is a right and gun ownership is a privilege.
Yeah, I get 20+ penis enlargement spam per day.
But what puzzles me is how they know I have a
small penis?
I'm on a mailing list and our AOL-based members frequently post "did the list die? I haven't gotten any email in the last couple days". AOL doesn't even reject the messages, they just get blackholed. Someone in the bowels of AOL's mailservers is a cache of tens of thousands of messages about pickup trucks.
Our listmaster has been around and around in circles with AOL on it several times. It's almost not worth fighting anymore. Use AOL, accept the fact that email you want will not always get to you.
Does this mean I'm gonna get screwed on my mortgage and have to settle for an average sized penis?
... we were allowed to physically punch a spammer for each piece of spam we get (remember that line up of people in the movie Airplane waiting to smack some sense into the panicky woman? ;) )
Well, a guy can dream, can't he?
Fuzzy Knights: New RPG Strips Tuesday and Friday!:
http://www.fuzzyknights.com
Now my penis enlagrement products won't be drowned out by useless spam.
Bah...any rights you have on the Internet were endowed by Al Gore.
It would be interesting to see the code behind AOL's spam filters. What do they consider spam? Does the email have to contain a certain percentage of capitalized letters, come from a certain user/address, have lots of embedded images etc?
If the filter is anything like the filters in use in public schools and library networks, then it would be a fair guess that quite a few legit emails were blocked by the filters. It seems like writting an intelligent filter is pretty hard.
find / -name "*.sig" | xargs rm
I just totaled up the logs for the spam graph I keep for our mail server. In maybe a year and a half, we've caught approx. 1.6 million spams. I thought we were doing well.
But Jesus Christ! Who here wants to start a pool? We'll bet on how long it'll take before AOL has stopped a googol of spam, total. I bet two and a half years; three tops.
Carousel is a lie!
Don't exaggerate.
When you compare spam-blocking with Nazi atrocities, you're belittling the horror that Nazi victims experienced.
Many of those Communists, Jews, trade unionists, Catholics were often killed in all manner of horrific ways.
By contrast, AOL isn't killing anybody. If AOL blocks spam, somebody looses some money, and an AOL user gains some time, money & sanity.
There can be no fair comparison of these two activities.
"Can of worms? The can is open... the worms are everywhere."
I don't get a whole lot of spam daily, nothing to get terribly upset about. Bandwidth usage for the amount of spam I get on my private server would be relatively trivial.
But what kind of bandwidth would 1 billion spam messages take up? And system resources to process all that excess mail? I bet AOL spends a small fortune on spam - they gotta pay those "SPAM" engineers too.
I hear people complain about spam, but I generally think to myself "yeah yeah." But 1 billion freakin messages is nuts.
-kidlinux.
I'm kind of torn on this issue. On the one hand, I hate spam and those who allow it to proliferate. On the other hand, I abhor censorship in any form. I wouldn't have an issue with this at all if AOL simply provided its users with the *tools* to eliminate their own spam if they choose to do so. My problem with this is that AOL itself is deciding to filter its members' email, and making the determination itself as to what is and is not "spam". That's a reckless step down a slippery slope, in my opinion.
If AOL wants a strong anti-spam law passed so spammers can more easily have criminal charges or civil lawsuits brought against them, they ought to consider completely stopping the filtering so their customers get overwhelmed with junk e-mail. When the customers complain, AOL then tells the customer to contact their congressperson and complain about it and demand something be done.
I happen to believe in the sanctity of the Freedom of Speech. I do not subscribe to your concept of corporate control of rights.
I don't know where this idea comes from that just because you are a business it means that you can do whatever you want, including infringing upon rights guaranteed by the government.
This is a sad double standard being applied to "unwanted" emails. The KKK and the NOI can publicly advertise their unwanted speech because the First Amendment protects them. They cannot be barred from advertising in newspapers, they cannot be barred from advertising on billboards, and they cannot be barred from posting in open forums. But spammers don't have these rights?
You better think about that position a little.
I have been pwned because my
I would guess that deleting spam is about as expensive as transmitting it for an ISP. that is the processor intensive task of scoring and removing a spam probably is a wash with the processor light task of tranmitting and storing it. Now for the sake of argument lets just guess a wild number for the cost of filtering or passing along a spam. lets say 0.001 dollars.
if that were true then a billion spam deleted would cost AOL 1million dollars per day (plus the ones that got through). that would be a third of a billion dollars a year. THat seems way to high. So it must be less. SO maybe its 0.000001 cents?? that would come to a third of a million dollars a year.
My guess is that the latter is probably a good guess. why? well how many engineers has AOL assigned to the de spamination? perhaps a third of a million dollars worth every year? it would of course not make sense to spend more on de spamination than the harm it costs.
so anyhow assuming this wild guessing is within an order of magnitude then the proper charge to fine a spammer would be some multiple of 0.000001 dollars per spam sent. which is not an awful lot.
so is spam really that costly to ISPs??? Maybe not
Some drink at the fountain of knowledge. Others just gargle.
Seriously, now... I always click on the Microsoft ads and then hit the back button once their page finishes loading. It creates extra loads on their web servers. It probably costs them something. It makes them think that people are actually interested in their shit (as opposed to the realistic fact that people only use their shit because they're forced to), etc. And I'm sure that the good guys, like the folks at OSDN, benefit from people like me clicking on Microsoft's stupid ads.
- End user reports SPAM to his ISP.
- EU's ISP contacts ISP of spammer and says joe@isp.com is a spammer. Usually through abuse@isp.com.
- If spammer's ISP does nothing and the SPAM continues, EU's ISP blocks entire spammer's ISP.
- Spammer's ISP gets reports from clients they cannot send mail to EU's ISP.
- Spammer's ISP finally kicks spammer off due to pressure from its users not being able to email EU's ISP.
Of course, this is the theory."For every expert, there is an equal and opposite expert"
*shaking head*
psxndc
The emacs religion: to be saved, control excess.
I'm not sure what the problem is, but I just discovered this evening that all mail from my Time Warner/Roadrunner account is being bounced by AOL. Gives me some truncated error message, so I don't even know what the problem is.
Cute. :-/
Your Servant, B. Baggins
Apparently AOL users can set up their accounts to reject ALL email originating outside AOL (as if the rest of the internet were worse SPAMmers than AOL folks). Amazingly, this setting is turned on on some accounts (many, I suspect) without them even knowing it. I run a webserver for a few businesses, and we get LOTS of mail bounced back from AOL account for this reason. It's a real pain when, for example, an AOL customer is trying to sign up on our site, and their account activation key gets bounced back to us because of this stupid setting. I bet they're counting all these messages in their total.
Convert RSS to HTML - integrate webfeeds into your website
I remember some survey from years ago that asked "if you could press a button and someone on the other side of the World would die, but you'd recieve 1,000,000 dollars, would you do it?". I'm now wondering, if you could press a button, and a spammer, somewhere would die - would YOU do it? Scary as it seems to me, I'd probably say "yes"...
Code, Hardware, stuff like that.
Having all email routed to my inbox means that my figures above include dictionary attacks.
Using tagged addresses also runs up the total a lot. Every time I give out my email address, either on a registration form or in a public posting, I use a different tag.
I started tagging addresses in the early days of spam. Remember when we foolishly thought we could attach a disclaimer to usenet posts along the lines of "send me spam, and I'll bill you $50 under the anti-fax laws"? Well, I was dumb. I figured that in order to "prove" that unsolicited email was unsolicited, I had to have some proof of how the spammer got my email address, and that I had a clear disclaimer.
The good news: I have a pretty good idea of which of my online activities generate spam (e.g., posts to control.cancel and *.test, my NIC registrations, and usenet group-creation votes all seem to be popular for the spam-database trollers)
The bad news: I can easily get hit 30, 40, or 50 times for any one mass-spewing a spammer decides to do.
The totals above contain NO false positives -- they're all tied to tagged addresses which only produce spam. Not included are the 50 or so false negatives I get a day, which get tackled through other means.
Good for AOL and their subscribers. But I think I have a simpler way to block a billion spam messages/day: just go to Alan Ralsky's house and cut all his datalines?
* ^From:[ ]*[a-z0-9_]+@aol\.com$
:0c:formail.lock /' > return.tmp
:0:formail.lock /usr/sbin/sendmail -t
#
* ! ^X-Loop:.*mydomain
* ^TO_me@mydomain\.com
#
{
# Make a temporary file of the message to be returned
# Discard whitespaces, insert a leading blank
| expand | sed -e 's/[ ]*$//g' | sed -e 's/^/
# Prepare and send the rejection
| (formail -r -I"Subject: Rejected mail: Recipient refusal" \
-A"X-Loop: rejected-mail@mydomain.com" ; \
echo "Sorry, but your e-mail was rejected because the From: header" ; \
echo "didn't seem to include your real name. This is an automated" ; \
echo "message; replying to it won't work." ; \
echo "--- begin rejected mail ---" ; \
cat return.tmp ; \
echo "--- end rejected mail ---" ; \
rm -f return.tmp) \
|
}
Find free books.
Counting multiple e-mail addresses skews the statistics bit. How many spams do you receive per day per e-mail address?
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
All captured spam is sent to a giant warehouse in Arizona for processing. There, through amazing manipulation by ex-Netscape engineers, the messages are turned in AOL free demo CDs -- it takes about 15 messages to make a single one-billion-hours-free CD -- and then shipped for distribution to all 50 states and overseas. Thus, each piece of spam is repurposed and recycled. They try not lot a single go to waste, but quite obviously, they can hardly keep up.
If you want to get rid of spam, do this:
1. Create a "secret" email account from a reputable provider. Make it unguessable. Add some digits or weird long strings. Don't give it to anyone.
2.Go to spamgourmet.com and create an account. It's free and open source. In the "forward emails to" field, enter your secret email.
3. Give spamgourmet addresses to your friends. If your account name is Joe6Pack, give your pal Jack Daniels an address Jack.Daniels.Joe6Pack at spamgourmet dot com. To greatdeal.com, give greatdeal.com.Joe6Pack at spamgourmet dot com. This way you know who has what address. Those spamgourmet addresses are disposable.
All the emails sent to your various spamgourmet addresses are forwarded to your secret account.
4. If Jack, who is a friggin' idiot running XP and Outlook, gets yet another Kletz-like virus, the content of his Outlook address book will be compromized and all these addresses harvested by spammers. Just go to spamgourmet.com and disable the compromized address. Tell Jack he's a fool. Give him another disposable address if needed... Until next time.
If greatdeal.com turns out to be a spammer, just disable their address.
5. After a couple of months, disable your old email accounts, the ones that are spammed to death right now.
6. No more spam. Or if you get spam, just disable the spammed address and report the spammer to spamhaus.org. You'll never be spammed more than once.
Works for me.
--
Mad science! Robots! Underwear! Cute girls! Full comic online! http://www.girlgeniusonline.com/
However, nothing says I can't post a screenshot of my spam-box as viewed via pine.
For the poster who asked about the amount of spam-per-address...to be honest, I'm not sure. I didn't keep a good record of how many different tags I've used, and I'm not entirely sure how to adjust for the effects of dictionary attacks.
I'd guess that I easily somewhere between 70-100 spams per day to the address I originally used in the InterNIC record for my domain, for example, but I haven't kept stats at that level.
I'm unfortunately running a tar pit. But I've got to make up a measurable portion of submissions to uce@ftc.gov...not that that does any good.
So yeah, I get way more than my fair share of spam, because of being curious/stupid and tagging my address. I'm certainly not representative of how much spam Joe Average NetUser is getting. However, I think my spamlog may be interesting reading in the context of the overall growth of spam on the net.
I've been tracking my spam volume in the form above since 10 April 2002. One of these days I need to write up an article on how this is evidence of the expansion of spam.
One encouraging factoid: The rate of spam volume growth, at least for my little cesspool, seems to be slowing, at least as compared to what I saw during the last half of 2002. I don't know whether this is a real slowing, or just more filtering going on upstream from me, however....
P.S. -- 15 spams arrived between the time I pasted the listing from pine and my hitting preview a few seconds ago. :(
Let see here....
if we have 1 billion spams per day, at roughly 5kb per message, this equals to almost 5TB of wasted bandwidth. This is only what is caught. Now with this we can start estimating the costs per day for dealing with spam.
Lets consider bandwidth cost $1 per GB, AOL being as large as they are may be able to make that less. At that cost it is $5000 per day. This does not include the cost for extra equiptment to deal with the extra bandwidth, for people to write anti-spam software, etc. i'm going to estimate that it cost AOL over $10000 per day because of spam. or over 3.5 million in one year.
In America we are imprisoned by our fear of them.
Wish I could remember where I heard that. Searched google for it, and found this,
So I still don't know who wrote it, but at least I got a good laugh re-reading the whole piece.- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
Straying a bit offtopic, but I suffer way more from being sent email viruses than I ever have from spam. I might see 1 spam (maybe 1k - 20k bytes) every couple of days, whereas I get anything from 20 to 100 copies of Klez or Yaha, at 45k - 188k bytes each per day.
AFAICT, all those came from the fact that I made the mistake of listing my real email address when I uploaded a Winamp skin. It was up for less than a week in December, and I'm still getting viruses now. The hotmail one I put up to replace it (only ever used for that Winamp skin) gets a similar level.
Registering accounts later than some other chrisb since 1997
I am AOL user since 1992 and I never lost any messages; except when I (twice actually) did not pay attention setting the exlusion filters.
What AOL really needs to do is:
1) allow more than 100 entries in the exlusion list (500 would be more reasonable)
2) perform more checking that the email header is really correct (reverse DNS etc). How can it be that spam is injected into the AOL gateway when clearly the FROM address is bogus?
I receive about 500 spam mails per month into my account; 20 real messages. More than 20 juk mails for every real message. I spend way too much time clicking the DELETE button!
Subject: [Slashdot] Metamoderation Results
From: slashdot@slashdot.org
To: xxxx@xxxxxxx.xxx
<snip>
Some of your past moderations have been meta-moderated by other Slashdot readers. Here are the exciting results:
<snip>
You have received this message because you subscribed to it on Slashdot.
<snip>
SPAM: Spamnix identified this message as spam. This report shows which
SPAM: rules matched the message and how many points each rule contributed.
SPAM:
SPAM: Content analysis details: (6.7 hits, 4 required)
SPAM: NO_REAL_NAME (0.5 points) From: does not include a real name
SPAM: CLICK_BELOW (1.5 points) BODY: Asks you to click below
SPAM: EXCUSE_1 (2.3 points) BODY: Gives a lame excuse about why you were sent this SPAM
SPAM: FREQ_SPAM_PHRASE (2.4 points) Contains phrases frequently found in spam
SPAM: [score: 10, hits: click here, help you, received]
SPAM: [this, thank you, this message, you]
SPAM: [for]
---
When I grow up, I want to be a kid again.
Spam became a huge problem here roughly a year ago, and it started taking up too much employee time. So roughly six months ago, we started using Spam Assassin. In that six months, Spam assassin has caught roughly 90% of the spam we get, totalling well over 500,000 spam mails.
Am I crazy, or is 1/2 million spams for only 7 people in less than six months absolutely insane or what? How can anyone argue that these spammers are running legitamite businesses?
I think it's high-time for some legis-fuckin-lation to curb this insanity :)
Sticking feathers up your butt does not make you a chicken - Tyler Durden
Much like alcohol;
AOL - both the problem
and the solution.
Karma: pi (Mostly due to circular reasoning in posts).
If I advertise a silly product to 50 million email addresses, how likely am I to get customers?
How can AOL complain? The spammers are just
following AOL's lead!
Does anyone else find it fitting that AOL [those responsible for a flood of "XXX FREE HOURS" discs each week in my snail mail, magazines, and breakfast cereal] should suffocate under an avalanche of their own electronic hellspawn?
There is sweet justice after all!
When you hear hoofbeats, think horses, not zebras