Slashdot Mirror
U.S. is World Leader in Spam
adept256 writes "Sophos outs 'dirty dozen' spam producing countries. And the USA is in the lead by a country mile. 'The United States is far and away the worst offender, accounting for nearly 60 percent of the world's spam. Even though European countries are responsible for less spam, they are still generating millions of junk emails a day,' said Graham Cluley, senior technology consultant at Sophos."
...and its spamming leader.
Surely Nigeria should be on that list, with all its bank account spams?
SpamNet - a spam blocker that really works
That way, Sophos themselves might produce a little less spam...
Roving Web-Teleoperated Robot
So many broadband & other high-speed connections left wide open that can relay data.
thelikesofwhich.com
Spamming computers may appear to be foreign, but in the end, it's nearly always an American source. Or from the Netherlands for some reason in those stupid 419s.
If you're not blacklisting from Spamhaus's SBL+XBL of spam outfits & open relays, and dialup pools, those ones are natural things to start blocking on connect.
Doing the Right Thing should not be preempted by making a buck.
While you Americans are spamming the world, we Canucks are gulping down herbal viagra, slathering growth cream on our willies and Making Money Fast.. Laugh at us, will you?!
Trolling is a art,
Reading the article, a more interesting point is that at least 30% - which probably accounts for a large slice of the US end European contribution - is from compromised machines. They believe most of those are directed from Russia.
Aside from the absence of Russia, the only thing I find surprising about the list is the high position of Canada - second, 6.8%. Given Canad's relatively small population, that must make them the leader in spam-per-capita - an unpleasant distinction.
Consciousness is an illusion caused by an excess of self consciousness.
Most European countries spam can be dealt with by blocking all the Top-Level Domains except the ones you deal with (Turkey, Germany and Italy in my case)
.com TLD as to make blocking it impossible due to the amount of essential email that would be stopped.
However so many European companies use the
I wish that the USA had a TLD that was only used there - it would make things so much easier...
I have been a user for about 10 years. This ends Feb 2014. The site's been ruined. I'm off. Dice, FU
at least we're the leader in something these days; seems we suck at everything else anymore...
I wonder if the recently passes Federal Anti-Spam legislation has had any effect on these numbers. Obviously not a big enough one, since according to these figures, so much spam still comes from the U.S. If these numbers can be tabulated, can they not also report the offenders to the police?
I also wonder if there is any way to bring the issue of unprotected computers to the public. Perhaps negligence penalties of some sort? I don't want to punish the wrong people, but it would be a lot harder to hack into all of these systems if they were administered properly.
Rhymes that keep their secrets will unfold behind the clouds.There upon the rainbow is the answer to a neverending story
Could be that most spam is coming from US servers is because the US owns most of the IP addresses.
I guess I haven't bothered to track back much of my incoming spam lately. A couple of years ago, I tried to find the origin for each spam I received and, at the time, they mostly came from China, Korea, and S. American countries from ill configured computers running as open relays.
I guess, with the 'spam mafia' installing these zombies on Grandma's computer, the countries with the largest population of lusers online will be the larger sources of spam.
Without having some idea of what fraction of a country's email traffic is spam, these numbers just tell you which countries have a bigger internet presence, and absolutely nothing more.
*No one* spells English as badly as we Americans do.
...for average US penis size.
:-)
Luckily, I'm British and we're only number 9 on the list
John.
The article indicates that the 'researchers' spent two days collecting information.
Only two days of research is a lame attempt at a research project.
For all we know, those responsible could alternate source every other week, thus invalidating this 'insightful' conclusion.
Also, the article fails to mention how they are so positive of the origin. Who knows how many open relays the spammers use.
I'd believe an article that indicates that the US has more open relays than any other country, as I would venture a guess that it's relative to total number of computers wired to the net.
my 2c
Well the article also points out that much of the spam may orriginate in Russia from the hackers there. Who then subsequently take advantage of zombie machines in countries like the USA.
Well just dont let GWB learn of this, just what we need him to do, start a new cold war over spam. It be his newest attempt to revitalize the economy.
30% Troll, 50% Underrated, 10% Interesting
Score:5, Troll
U.S.A.U.S.A.U.S.A. Yeah! We're number one, baby! Whooo!
For example, a Nigerian email sent from a hotmail/yahoo account (they almost all are) would seemingly, by this standard, come from the US.
And then there's the thing they themselves point out; their methods of determining origin only go so far, hijacked machines / email routers configured to "wash" the headers of relayed stuff also go a long way to making the numbers invalid.
I still say the ultimate revenge is to paper-spam the big spammers. Sign them up for hundreds of thousands of magazines and all the rest.
The coup de grace would be then to package and mail a spammer the contents of my cats' litterbox the day after feeding them beef 'n' bean leftovers.
Of course the US is the leading producer of SPAM. It was invented here. And according to the SPAM Museum, Hormel produces 435 cans of spam PER MINUTE in Austin, Minnesota.
Are you Corn Fed?
Wow... when I see my next ad for "enlargment pills" I'll smile with delight that the ad I'm looking at was made in America...
Did I mention that by smile I mean Be menacingly overcome... and by delight I actually mean rage... sweet glorious rage.
Another reason for my heart to swell with pride for my country
The original generic sig.
Since so many USian companies block all email from the brazilian IPs should I now block all email from USian IPs?
This isn't a troll (despite sounding like one).
I'm very upset that my mail server, a very well maintained with a plethora of spam and virus filters, is blocked by asshat american sysadmins "just because we're spammers".
Ash nazg durbatuluk, ash nazg gimbatul Ash nazg thrakatuluk agh burzum-ishi krimpatul
So, when are we going to start seeing the complaints about how spam company owners are outsourcing to lower cost foreign providers and taking jobs away from good, hard working US spammers?
...We're the richest, most powerful, most prosperous country in the history of mankind...Leading in spam is a small price to pay...
Dream on sunshine. Ever heard of the Roman Empire? Greeks? British? Germans? Even the French were more powerful in their day. You have some of North America, a little in the Middle East, and not a lot more. The greatest spammer in the history of mankind is not really an accolade to stand in the history books. In time, people will look back and say 'So they were number 1 in a well contended field for a short time... so what?'. You got a way to go yet sunshine. Don't think that one half-assed victory in the middle will make the emperors of old start saying 'Fuck me, wish we'd had that 'e-mail spam' thing to go along with our might legions'.
Damn I just realised I got trolled properly there.
"Those who cast the votes decide nothing; those who count the votes decide everything." (attrib. Joseph Stalin)
Canada's population is 31.6 million (2003).
I looked at it as I wondered whether the Netherlands (16 million) would win in the spam/capita contest. Nah, canada wins. 3x the spam, 2x the population.
Reinout
Reinout van Rees
Obviously the "war on spam" needs to be fought on legally as well as technologically (and thanks to the fucked-up CAN-SPAM act some spammers are being given the green-light to annoy the hell out of us legally).
Assuming we ever have laws in place which state that genuine opt-in lists are the only valid way to advertise products then we still cannot sue the spammers who send junk to harvested addresses because of the problems involved with tracing them.
Tracing spammers is difficult/sometimes impossible because any computer on the internet can runs its own SMTP server to send mail to anywhere on the net. 10 years ago when the net was more innocent and less commercially corrup, this was fine, but nowadays this is just too powerful.
The problem is, if some clueless person (which probably accounts for 80% of net users) has their machine compromised by a virus or trojan than their computers are used to send out the spam, and as there are no log files the spammers are virutally impossible to trace.
Now imagine if the only way to send spam was via an approved mail server. For most of us this will be our ISPs, for the rest we will simply subscribe to one of the many official trusted ones.
Now the problem of reporting spam is a lot easier - complaints will be dealt with by the trusted mail servers who keep detailed logs of which customers have logged in to send mail, what IP address they used and at what time.
It doesn't matter if the customer deliberately sent out the spam or if they had been compromised by a trojan - the trusted mail servers can deny their customers the right to send more email until they have had an assurance from their customers that the problem has been fixed.
I'm not saying this is going to end spam altogether, but it should go a long way to curbing it.
What about all the spam which originates from, say, Nigeria or Amsterdam? Simple - unless the trusted mail server takes active steps to eradicating the spam they will no longer be trusted.
Sorry, but my karma just ran over your dogma.
The spamhaus website has been listing the USA for a loooong time now as the #1 spam source. It's got the names of the top spammers there too...
Simon
Physicists get Hadrons!
stats are so easy to manipulate or misinterpret.
let's assume the article is correct and 60% of the world's spam is US-based. in and of itself this is meaningless. if > 60% of the net's total content originated in the US, that would make the US better than average for its spam production.
La via sola al paradiso incommincia nel inferno
A lot comes from Asian computers, but if you look into the spam itself (what it sells -> who is actually selling it), most comes in fact from the US.
Florida! Thanks to its weak spam laws.
This guy is way out there
Having read the articles regarding the percentage rates of conversion (ie: replies to spam that turn in to orders) it obviously makes regrettable sense that sending out a gazillion junk messages will bring a financial return, yet I can't help wondering WHY the spammers think sending around 50 variants of the same message to the same inbox are likely to enhance their sales prospects? Unless of course there's 50 different spamming companies all trying to sell the same product using the same junk mail list? In my case, spambayes crushes what mailwasher hasn't caught anyway!
Di'e s'p'a'mm--'ers --d-1e.
infinite cabbage droll bearing science foot kingdom allow new rock garden trying gracefully space engine.
AT&ROFLMAO
One of the most effective means of dealing with Spam & when being required to hand out an email address is Spamgourmet (http://www.spamgourmet.com). You create an account and can then use unique email addresses of the form ..@spamgourmet.com . The cool thing about this is that for each email received on this account the counter is decreased and once it reaches zero all further emails will be discarded. This is great to hand out if you're ordering something from an online store and only want to receive 1-3 emails for order confirmation/shipment but not get any future spams.
The service is free and offers a couple of other neat features. I've been using it for about a year and it's been very reliable.
Highly recommended.
Heiko
This has not been my experience, maybe because my ISP more effectively blocks spam freom the U.S., but far and away the most persistent spammers I've seen for at least the last six months have been for Chinese phramacies. (Korea used to be far and away the worst, but now they're way back in second.) American ISPs (at least all the decent ones) kick spammers and spamvertised sites off their system, but the ones in China keep going and going and going.
If anyone knows a contact at chinanet.net where you can actually reach an administrator (or, better yet, one that speaks English), that would be a very useful thing to have...
Lawrence Person (lawrencepersonh@gmailh.com (remove all "h"s to mail)
http://www.lawrenceperson.com/
...in a lot of crappy things.
Unfortunately, I can't afford to leave this damned country. If I could... I would. But, I have a duty to others of my kind who also feel trapped here. That duty is to try an get people who are on the fence to see the light and join our side in changing the direction that things have gone in. Trust me people, I'm willing to fight to get my country back if need be.
Un-news
Your own explanation demonstrates perfectly that you are the one who doesn't know what the national debt is.
Simply stated, the national debt is what taxpayers owe the treasury for purchases made by the government. When the amount of money spent by the government exceeds the amount of tax money collected, you have a budget deficit. The national debt is the total amount, plus interest, owed to the treasury.
It has nothing to do with international trade. I believe what you are refering to is called a "trade deficit".
"Ask not what your country can do for you." --John F. Kennedy
This is a good statistic, as far as it goes. What I'd really like to see summarized is the breakdown of non-spam email on a global basis as well as a S:N ratio for each country.
.tld, counting non country code TLDs as US-ian: About 60 are legitimate, business-related emails, and 40 are spam. Of the spam, 20 seem to come from the US or Canada, 8 from Europe, 2 from South America, and 10 from Asia. I also have about 40 valid messages from the US or Canada, 15 valid messages from Europe, and 5 from South America. So my S:N on messages from North America and Europe remains high, it's lower from South America, and 0 from Asia.
For example, on a typical mail day lately, I seem to be getting around 100 messages in one of my mailboxes, not counting Windows worms and related crap. Here's my breakdown, based only on
I'd be curious to see these numbers for a more global sampling of email. It seems unlikely that anyone would be in a position to provide them, though.
.sig: file not found
I'd probably base the "power" and "greatness" of a nation on more than just the land the occupied, but thats just me.
The United States is far and away the worst offender, accounting for nearly 60 percent of the world's spam.
Wait, so all of us are responsible for the actions of these spammers? The "United States" itself doesn't spam, spammers do. Perhaps it should have been:
60 percent of the world's spam comes from spammers in the Unitied States.
I believe the guilt would lay correctly with the spammers in this phrasing.
The next remark is false. The previous remark is true.
Read the response by the second guy to respond to me. Both legitimate and illegitimate email are going to track with the number of total servers (scaled by how many are unprotected) and number of internet-connected citizens (scaled by how many are internet-connected) among other variables he mentioned.
I mean, actually think about what you're saying. You would congratulate Antarctica for generating 0 spam. If you want to look at this without considering "ham" emails, look at the spam difference - (spam sent = spam received). I would argue that even this difference should be fractioned by how many total emails are sent received which really is a decent measure of internet presence, but even without it, you at least separate net spam "donors" from "recipients"
Honestly, if you don't normalize variables in comparing large sample sets with small, you absolutely cannot compare raw numbers. I could recommend statistical reference texts if you like.
we're number 1!!!!!!!!!!!!!
When punk rock is outlawed, only outlaws will have punk rock.
The spam issue is such a large scale issue that the rules governing statistics should hold quite nicely (when you've got a sample size in the millions...).
The probability of a statistically significant number of spammers just happening to have said, "Let's use all our *US* zombies!" this particular day and then deciding the day after the study, "You know what, let's all go back to our Salmnonian zombies!" is so preposterous as to be humorous. It would be like having a majority of US voters wake up and decide for two days to vote for the Green Party candidate, then all of them switch back right after the primary. (If it were a small sample size, this could happen, but for a large sample size, it is *far* less likely.)
...but wait. Before ya know it, sending spam will be offshored to India too.
If you normalize by population Sophos's reported national spam percentages things look pretty different. The scores are no longer so lopsided, and the winner is ... Canada?
COUNTRY.....PERC...........POP....PERC./POP.Canada.......6.80......32207113...2.1113e-07
US..........56.74.....290342554...1.9542e-07
Netherlands..2.13......16150511...1.3188e-07
South_Korea..5.77......48289037...1.1949e-07
Australia....1.21......19731984...6.1322e-08
Spain........1.05......40217413...2.6108e-08
France.......1.50......60180529...2.4925e-08
Germany......1.83......82398326...2.2209e-08
UK...........1.31......60094648...2.1799e-08
Mexico.......1.19.....104907991...1.1343e-08
Brazil.......2.00.....182032604...1.0987e-08
China........6.24....1286975468...4.8486e-09
What?! The home of capitalism is also the home of spam?! How could this be? /sarcasm
WURD!!
Nah, it's just because we have so many more computers for the bad guys to zombify.
I agree. Just looking at the horribly butchered English that is in 95% of the spam that I get tells me that it not written by someone who's first language is English.
...not written by someone who's first language is English.
Like you, say?
Haida Manga
You didn't refute any of part of my statement you quoted. We ARE the richest, most powerful, and most prosperous. There's really no debate there.
SIG:Slashdot: indymedia for nerds.
That said, hopefully this study (not my little humor below, the sophos study) begin to, ever so slightly, shut up those people who claim that spam laws are useless because they will just drive spammers from one locale to the next. while this is true at the margins, the fact is that spam, like all business, is foremost local.
Much spam is made also by virusses...
I would like to know how much spam is coming from Windows users...:P
Spam is a serious issue in Sweden too. Our biggest ISP, Telia, have been hit so hard the last couple of weeks that delivering a mail from Telia to Sunet (the univerisity net) is taking up to 10 minutes. That's a HUGE delay compared to the milliseconds it used to take.
What is the Slashdotters' opinion on anonynous proxies?
I personally find the web variety very useful to browse Slashdot, since Slashdot banned a large IP range in which I belong, due to some a-hole using scripts targetting this site.
I equate Anonymous Cowards with Anonymous proxies in that they enable trolls, offtopics and first-posters.
I find irony in that for all the anti-spam stance promoted by the slashdot editors and slashdotters in general, this site cant seem to find an uber-geek technical solution to thread-spamming here.
Does anyone know what metric was used to determine these rankings? Was it "country where the first SMTP transfer originated"? Was it "office address of the dude typing in the text of the spam"?
I hate it when dudes publish 'findings' and don't explain how they got them. So much for the scientific method and reproducibility -- they could have made the whole thing up!
[**NOTE** I am not saying they did make the numbers up, but as a matter of journalistic and scientific integrity, when you publish the results and don't publish the method used to determine those results, your cannot be evaluated as anything other than opinion. We're after facts, here, people, not truth.
"Lawyers are for sucks."
- Doug McKenzie
I think it is time that ISPs block, by default, all outbound port 25 traffic. Customers can either:
- Use the ISPs mail server (this accomodates 90% right away)
- Use a VPN or SMTP+AUTH(+SSL) on an alternate port to connect to their SMTP server of choice (this accomodates another 9%)
- For the remaining few that just have to run their own SMTP server, let them have a static IP and open up the ports
Of course, some consumer ISPs won't be willing to deal with the headaches of option #3, or perhaps might charge a bit more for it, which is entirely fair. Businesses need to block all egress port 25 period, there is rarely a legitamate need for an employee to run their own SMTP server (unless they work in the IT department, but then they can probably open the port up themselves).additionally, they do not try to find out where the spammers are but only where the messages originate from. as they say, 30% of spam comming from compromised machines is attributed to the location of said machines, not to the spammer's location.
and chant "We're number 1!"
This is a bit too restrictive though - remember, we don't want to penalise ordinary internet users, most days I might only send 10 but some days I could quite happily send more than 50... why shouldnt I be allowed to send more? What if one of my emails was urgent and I wasn't allowed to send?
I also don't like the idea of reviewing people's email traffic (time-consuming for the ISP and a clear violation of privacy), and cutting someone's email off for 24 hours for sending a virus sounds like a Police State. What if I'm emailing a new virus to Sophos to analyse?
Far better we keep the net free as far as possible...
Sorry, but my karma just ran over your dogma.
I'm wondering. As an ISP, could there be a program that scans customer's computers for problems and blocks them until the customer fixes them? This way we could slow the spread of viruses, spam, and other nasty things.
The above is not worth reading.
Its always inches or pounds.
I've never received anything promising to add centimeters or lose kilograms.
must...resist...dubya.....jokes.
Free as in mason.
Here's a partial spam I received from silver star internet information company (wewe@hotmail.com), showing total (spammed) e-mail addresses by country, and associated industry categories. (These sums are likely valid only for the lists that this spammer sells...).
And they spew:
"We offer...e-mail addresses databases for advertisement mailing; we...also carry out mailing and hosting for the advertising projects . Their validity and originality are verified. please go to our web. There are some sample download."
Country or area, total email addresses (in millions, typos left in):
Category Name, total email addresses
Just remember without the good old USA there would be no INTERNET. (know your history)
. I love the sound of burning women and screaming rubber....
I run some Linux boxes for a cable ISP here in Canada, each headend goes through a Squid proxy which also doubles as a handy firewall.
Once a week or so we turn on ntop for a few minutes and have a quick peek at who is moving what, if we notice any clients doing any outgoing scans on known virus ports we block them at the routers until they call in and clean the PC.
Once a month we'll scan the network with nmap to see what ports people are listening on.
Our mail servers scan incoming mail for viruses, if we see a cable client spewing viruses at it we block their SMTP access and block port 25 for them at the routers.
After about a year of this, we have a very low infection rate when new viruses hit. We also block worm ports at the routers so those don't effect us as bad (still possible if some idiot with an infected laptop gets on the wrong side of the firewall).
Our next step will likely be egress port 25 blocking entirely.
To me he's English looks just fine. Just like my's.
Could you please learn basic economic terminology before posting? The national debt is the money owed by the US treasury to holders of US bonds, some of whom are foreign and many of whom are not.
Now, please to close mouth and open books. Thank you
Whence? Hence. Whither? Thither.
Most SPAM is trying to sell us something. Why not go after the business itself using local and state laws and IRS audits.? If the local fire department finds a coffee pot on a frayed extension cord, shut the building down for a month. That sort of thing. At the end of the month, let the IRS step in with a detailed audit, then the state labor practices agency for worker safety issues. Give those bureaucrats some raw meat to chew on and maybe they'll leave the rest of us alone.
Word will soon go out that spamming makes life very unpleasant.
Which is why SPEWS increases the listing to encompass nearby IPs once the ISP has shows they are willing to tolerate spam. If an ISP is spam-friendly, then any email from their network has an increased probablity of being spam. SPEWS is essentially a quarantine of spam-infected areas of the 'Net.
Stop with the hysterical overreaction and namecalling. No damage is being done to anyone. If you choose to do business with a spam friendly ISP, some of your emails might get rejected. If you choose to live in a crack house, the pizza joint might choose not to deliver to you, too.
To use your mosquito analogy, if those mosquitos were infected with the Ebola virus, it would be a good idea to fumigate not only that village, but the neighboring ones too, just to be on the safe side. That's what SPEWS is; a quarantine.
One of the greatest problems with spam is not the spammer himself, but the spam-friendly networks that are happy to take spammers' money and refuse to kick them off their servers. SPEWS attacks the spam problem at the ISP level, not the individual IP level. It is as much a boycott of those businesses as it is a DNSBL.
No one is forcing you to use SPEWS. If you don't like it, don't use it. In my experience, it helps stem the flood of spam I get, and has no downside, so I'm going to keep using it.
Sky Is Discovered To Be Blue.
In other news... Hell Is Apparently Very Hot, Occupants Now Requesting Ice Water.
"I either want less corruption, or more chance to participate in it." - Oscar Wilde
While I don't doubt the US has just as large (if not larger) spam problem then the rest of the world, these statistics are useless. They dont explain anything you need to make use of the data. What counts as a spam message? All unsoliticited emails ? What about "legitimate" spam with a working opt-out link, or all that crap people willingly sign-up for. How is the country of origin determined? Most spam tries it's hardest to conceal it's origins. It can be difficult to determine the country of origin of legitimate traffic. Finally, how was the spam collected? I can't think of a way to quickly collect a lot of spam without introducing a bias. Finally, do comprimised machines count? Does the location of the person causing them to send spam count, or the comprimised machine? If they want their data to be taken seriously, they need to be open about the process they used to get it. Also it seems a little convenient a company that sells anti-spam software in the American and European market claims those countries produce the most spam.
We keep hearing a lot about spam and most people know exactly how the things are propagated. There was a story of that Connecticut spammer who got something like 45000 mails (snailmail)per day after his home address was published on the net. Why doesn't the fed wake up and close the loopholes? 70% of emails are junk and that's a big loss to the nation's economy..