AOL Cans 1 billion Spams In One Day

linuxwrangler writes "AOL announced today that its spam filters hit the 1 billion reject mark for a 24 hour period. This is an average of 28 rejects per day per member. In addition, AOL spam engineers say they receive 5.5 million spam submissions each day from AOL users. Other reports here(1) and here(2)."

Wow!

[Tyler+Eaves]

28 per subcriber per day caught.

Only leaves 103 apeice...

Re:Wow!

[StarOwl]

Man, what I'd give to only have 28 pieces of spam thrown my way each day. Here's how many pieces of putrid canned ham have been spewed my way in the past few days:


23 February: 1095 spams, 7,821,318 bytes
24 February: 1320 spams, 6,581,776 bytes
25 February: 1700 spams, 6,875,706 bytes
26 February: 1598 spams, 7,910,568 bytes
27 February: 2659 spams, 13,183,247 bytes
28 February: 1436 spams, 6,280,790 bytes
1 March: 1492 spams, 6,917,835 bytes
2 March: 1274 spams, 5,805,475 bytes
3 March: 1488 spams, 6,196,761 bytes
4 March: 1626 spams, 9,023,298 bytes

Thank Ghu for tools like procmail, tmda, and spamoracle.

AOL spam engineers?

[nizcolas]

Are they responsible for creating the spam, or stopping it?

Re:AOL spam engineers?

[ngyahloon]

They should use this threat in the next Austin Powers movie. Dr Evil spamming everyone's email with 1 billion ads/spams unless he is paid "1 Million Dollars"

What I want to know is...

[AEton]

...how much of that was outgoing? i.e, how much did AOL users themselves generate? Probably more than they want to let on...

Failure rate?

[waytoomuchcoffee]

And how many got through?

Re:Failure rate?

[mosch]

More importantly, how many valid emails were wrongly discarded as spam?

Re:Failure rate?

[Anthony+Boyd]

how many valid emails were wrongly discarded as spam?

I can partly answer that, and say it's probably a huge number. Bigger than they want you to know. I help out with a local church's Web site. This is a church -- they're far too nice and technically inept to spam anyone. But their site is hosted on a machine that about 100 domains use. Other customers of the ISP HAVE sent spam. AOL blocks at IP address, so all 100 domains are blocked.

So. To answer your question, a LOT of legitimate email is not getting through. I had to work with the church's ISP and AOL spam cops to get them to make an exception for the church's domain. They LEFT the other 98 domains that hadn't spammed on the block list, just because those domains hadn't complained yet. And of course, every now and then, they "forget" that they've made an exception for us, and I have to go over it all again.

Really, AOL gets such big numbers because their system is not very efficient.

New notification

[Defender2000]

I can see it now:
*bing*You got mail!

"You have 10 new messages"
"You have 293 rejected messages"

wouldn't it be easier, quicker and smaller...?

[irving47]

To measure the LEGIT email going through AOL?

Re:wouldn't it be easier, quicker and smaller...?

[sixdotoh]

lol, that sounds like the making of a bbspot story.

AOL user shocked! "I received a personal message that was not trying to sell me anything! I didn't know this kind of thing existed!"
AOL engineers responded that this anomaly occasionally happens about every 0.264% of regular mail sent. . . .

not to burst your anti-spam bubble, but . . .

[kraksmoka]

unfortunately, i would guess that half of their spam is legitimate communications that get blocked. i have alot of email addys. but apparently, only my mac.com address gets through.

every other letter i write to my mom gets rejected. if i am not allowed to spam my mom, who else should be????

Re:not to burst your anti-spam bubble, but . . .

[agentZ]

I have to know why you're asking your Mom if she'd like to add three or four inches to her penis length.

This is the most important story of the year

[ObviousGuy]

And it is under the most correct section: Your Rights Online.

Today 1 billion voices were silenced. This is not some make believe movie where Alderan gets blown up. It is about the actual usurpation of the Freedom of Speech.

AOL has taken it upon themselves to decide for their users what is appropriate speech and what is not. That is sad. If you think Microsoft is taking away your freedoms because they own 90%+ in the OS market it is time to recheck your bad guys. AOL has just proven itself to be an enemy to Free Speech. That is a much more grave violation of your rights online than anything Microsoft has ever done.

The laughable part of all this is that AOL is the biggest real-world spammer with their tons and tons of CDs that have to be dumped into landfills every year.

Fuck you AOL for making yourself judge, jury, and executioner of the First Amendment.

Re:This is the most important story of the year

[mstockman]

Would someone mod the parent up +1 Funny, please? Because the poster can't be serious. Let's look at a few of the more obvious problems with the post:

• You capitalized "Freedom of Speech" being usurped, so I assume you mean the freedom guaranteed by the First Amendment, which you mention at the end. Sadly for your post, that Freedom and that amendment apply only to the Government. Private institutions can suppress (that is, fail to use their own money to allow) any speech they damn well please.

• Nobody is taking away anyone's freedoms, because each and every AOL user whose spam was blocked paid AOL to do it. Those who don't want spam blocked are Free to change to another ISP. (Oh, quit it... AOL is too an ISP. Stay on topic, all right?)

• Finally, tons and tons of CDs, unless they appear as ISO images in your mailbox, are Junk Mail, not spam.

Hope this clears up exactly which "rights" have been infringed here -- the rights of spammers to dump 1 billion pieces of mail into AOL users' mailboxes. And I just can't get too hot under the collar about their loss.

Re:This is the most important story of the year

[robi2106]

Exactly. Tell me where it says in the USA Constitution that a corporation is required to pay to support your missguided interpretation of freedom of speech? The government isn't even required to do this.

The only thing the government can't do is supress or prevent you from doing so.

I should be allowed to stand on the steps of the White house and demand that I be given press conference time immediately following the President, just because I am a citizen. But I should be reqected my requests and even asked to shut up and read the Constitution that I tried erroneously to wave in my defense.

And how many spams originate from citizens of USA any way, more from outside I would venture.

robi

Re:This is the most important story of the year

[bkocik]

AOL has taken it upon themselves to decide for their users what is appropriate speech and what is not

No, we have not. Spam is the #1 complaint we get from our users. They don't want the stuff, so we're fighting it. We block what they ask us to block.

But, of course, we're AOL and this is Slashdot, so naturally everything we do is wrong.

Save those bits!

[smartin]

If this is true, can you imagine how much bandwidth and disk space is wasted by spam. I'd be willing to bet that the money lost to spam exceeds the money lost to pirate software and mp3's combined.

S.O.L?

[coday]

Does this mean I'm gonna get screwed on my mortgage and have to settle for an average sized penis?

Good

[aiyo]

Now my penis enlagrement products won't be drowned out by useless spam.

Don't exagurate.

[stefanlasiewski]

Don't exaggerate.

When you compare spam-blocking with Nazi atrocities, you're belittling the horror that Nazi victims experienced.

Many of those Communists, Jews, trade unionists, Catholics were often killed in all manner of horrific ways.

By contrast, AOL isn't killing anybody. If AOL blocks spam, somebody looses some money, and an AOL user gains some time, money & sanity.

There can be no fair comparison of these two activities.

Some are configured to reject ALL outside email

[Kakurenbo+Shogun]

Apparently AOL users can set up their accounts to reject ALL email originating outside AOL (as if the rest of the internet were worse SPAMmers than AOL folks). Amazingly, this setting is turned on on some accounts (many, I suspect) without them even knowing it. I run a webserver for a few businesses, and we get LOTS of mail bounced back from AOL account for this reason. It's a real pain when, for example, an AOL customer is trying to sign up on our site, and their account activation key gets bounced back to us because of this stupid setting. I bet they're counting all these messages in their total.

Re:How?

[StarOwl]

My spam counts tend to get run up because of how my eight-year-old domain is set up (all incoming mail, regardless of the to address gets directed to the same inbox) and because I've made use of tagged addresses.

Having all email routed to my inbox means that my figures above include dictionary attacks.

Using tagged addresses also runs up the total a lot. Every time I give out my email address, either on a registration form or in a public posting, I use a different tag.

I started tagging addresses in the early days of spam. Remember when we foolishly thought we could attach a disclaimer to usenet posts along the lines of "send me spam, and I'll bill you $50 under the anti-fax laws"? Well, I was dumb. I figured that in order to "prove" that unsolicited email was unsolicited, I had to have some proof of how the spammer got my email address, and that I had a clear disclaimer.

The good news: I have a pretty good idea of which of my online activities generate spam (e.g., posts to control.cancel and *.test, my NIC registrations, and usenet group-creation votes all seem to be popular for the spam-database trollers)

The bad news: I can easily get hit 30, 40, or 50 times for any one mass-spewing a spammer decides to do.

The totals above contain NO false positives -- they're all tied to tagged addresses which only produce spam. Not included are the 50 or so false negatives I get a day, which get tackled through other means.

Re:wow that's expensive or is it cheap.

wow, this is some voodoo math if I've ever seen some...
your assumptions are pretty poor, for example:

how can you possibly assume that the cost of a spam is only in 1) the bandwidth required to receive the spam and 2) the amount of processor time spent to score and delete the messages?

The most costly aspect of spam for AOL is the damage to its image, and the consequent loss of its user base. That in turn, has a consequent loss in stock price.

also, i like how you relate the "despamination" costs of the salaries of the engineers with the costs of spam to the ISP.

here's your logic:
"it would of course not make sense to spend more on de spamination than the harm it costs"

well, this is true, but what can you logically conclude from this? only that the harm it costs is AT LEAST as much as the cost of "de spamination"

this DOES NOT mean that:
(harm done by spam) == (cost of de spamination)
as you imply in your post.
in fact, quite the opposite, if I were company, would I embark on an endeavor if I only expected to breakeven? HELL NO. a company would only try to do something like despamification or new features in a piece of software if it expected to come out ahead. This means that:
(harm done by spam) >> (cost of engineers to de spaminate)

also, I think you severely lowballed the cost of the engineers doing the despamification. a third of a million gets you ~5-6 engineers? If they are sucessfully filtering 1 billion spam a day, they need more than that just for the IT personnel keeping the processing power running.

Also, you are confusing the costs to the ISP. don't forget that AOL will still incur the costs of deleting the spam, the costs of the bandwidth to receive the spam, and ON TOP OF THAT the costs of the engineers.

so instead of:
(harm done by spam) == (cost of engineers to despam)
it is much more accurately depicted by the following:
(harm done by spam) >> (cost of engineers to despam) + (cost of bandwidth to receive spam) + (cost of processing power to score and delete spam)

An efficient anti-spam weapon

[SysKoll]

So your old email accounts are spammed to death, huh?

If you want to get rid of spam, do this:

1. Create a "secret" email account from a reputable provider. Make it unguessable. Add some digits or weird long strings. Don't give it to anyone.

2.Go to spamgourmet.com and create an account. It's free and open source. In the "forward emails to" field, enter your secret email.

3. Give spamgourmet addresses to your friends. If your account name is Joe6Pack, give your pal Jack Daniels an address Jack.Daniels.Joe6Pack at spamgourmet dot com. To greatdeal.com, give greatdeal.com.Joe6Pack at spamgourmet dot com. This way you know who has what address. Those spamgourmet addresses are disposable.

All the emails sent to your various spamgourmet addresses are forwarded to your secret account.

4. If Jack, who is a friggin' idiot running XP and Outlook, gets yet another Kletz-like virus, the content of his Outlook address book will be compromized and all these addresses harvested by spammers. Just go to spamgourmet.com and disable the compromized address. Tell Jack he's a fool. Give him another disposable address if needed... Until next time.

If greatdeal.com turns out to be a spammer, just disable their address.

5. After a couple of months, disable your old email accounts, the ones that are spammed to death right now.

6. No more spam. Or if you get spam, just disable the spammed address and report the spammer to spamhaus.org. You'll never be spammed more than once.

Works for me.

-- SysKoll