Slashdot Mirror
Forty Percent of All Email is Spam
PCOL writes "There's an interesting article on spam in today's Washington Post which includes an inside look at AOL's spam control center in Northern Virginia. The story reports that roughly 40 percent of all e-mail traffic in the US is now spam, up from 8 percent in late 2001 and nearly doubling in the past six months; that AOL's spam filters now block 1 billion messages a day; and that spam will cost U.S. organizations more than $10 billion this year from lost productivity and the equipment, software and manpower needed to combat the problem."
I administer a Spam filter for a state University in Tennessee. Since I began filtering, I have trapped about 42% of all email bound for faculty and staff. Some spam still gets through, but the impact on our pop and imap servers has been greatly reduced.
550 Spammer Go Away!
So, we all agree that Spam is a problem. We all agree that legislating Spam out of existance isn't going to work, due to the international design of the Internet. So what needs to be developed is a backwards-compatible mail transfer protocol that authenticates the user to the sending server and forwards the message to the recieving server, who contacts the sending server back and verifies the user's identity.
I'm no software designer, but surely we could find some concept for migrating off of SMTP and POP and to a better, more secure protocol.
Other thoughts?
-cheezus_es_lard
The real problem with spam is the economics: it costs next to nothing to send a message, the only real cost (time) is borne by the recipient. Fix that problem and spam will go away. It doesn't need legislation, which in any case could apply in just one jurisdiction.
A system like Hash Cash could solve the problem. The most popular free mail clients could start including hash-cash postage with each sent message, and then in a couple of years' time start to drop incoming messages that don't have postage paid. AOL could include hash cash in their mail client easily. *Easily*. That spam-detection centre they run is not cheap. Even Microsoft would add hash cash to Outlook, Outlook Express and Hotmail, since it's another encouragement to upgrade to a new Outlook release (which of course requires a new Windows version).
Getting the whole world to upgrade its mail clients is a hard task, but getting every government in the world to pass anti-spam laws and enforce them is much harder. Goodness knows it's bad enough trying to get _one_ legislature to take a sane view on anything technology-related.
-- Ed Avis ed@membled.com
According to POPFile only 18% of my email messages are spam, but it's 46% when you take the file sizes into account. The total memory fraction would seem to be a more relevant measurement if you're an ISP concerned about spam's costs.
So, when they say 40%, is that by number of messages or total size?
Liberal (adj.): Free from bigotry; open to progress; tolerant of others.
i run a small isp's mail server system (~30k accounts) and just our dnsbl blocks about 60% of all incoming e-mail. spamassassin and various other techniques pick out about 5-10% more of the overall.
Blocking spam before it gets to our main mail server has extended the life of our mail server indefinately. The less we have to spend on hardware, the more time and energy we can spend on building quality of service for our customers. That keeps the customers happy, and keeps the business people doubly happy, since they don't lose customers and don't have to buy new hardware every year for a mail system.
Why read the article when I can just make up a snap judgement?
AOL does no filtering on the content only on the header information. It does nothing with the content of the email messages. It forwards every mail that is accepted by its mail servers to the users. Thats why AOL only blocks about 50% of the stuff. Even if they accepted the mail, they should be deleting or giving me the option of deleting without seeing every mail that wants to increase my unit's size or my wife's boobs and the pharmacy come ons and the Norton junk. But AOL continues to act like a single lost email is the end of the world. Well give the users some tools and let them decide. No wonder they are losing subcribers, they don't know how to deal with the number one annoyance on the internet today.
And then what do we do what a company hires an untraceable spammer to send out a million messages with its competitors names?
I know as a youth, one of my hometowns stores fliered the city with a competitors name and fake coupons for a rediclous amount off to give them a bad name when their competition was at its worst.
It finally came out the other guys had done this, but the other store decided to make a promo out of it and honor the coupons anyways...backfiring on the others.
In a smaller town, this sort of thing can be traced back to the source rather easily. On the internet, how are you going to police the fact that PacificMed's greatest competitor (would that be AtlanticMeds) by doing the same sort of thing? Find a spammer in Asia (or one that works for your local college that will simply use Asian relays) and pay them $1000 to send out a million spams either to get them in legal action or simply to give them a black eye in the public's mind.
clif
On the server I administer, I have a nightly cronjob set to parse the spamassassin logs, and email me the stats.
Since the logs were cycled on Sunday morning, there have been 8332 messages, 5824 of which were spam, for a percentage of 69.89%.
This number has increased substantially over the last 3 weeks. This time last month we were below 50%.
"The guide is definitive, reality is frequently inaccurate."