Slashdot Mirror


One Third of Email Now Spam

Himanshu writes "The volume of spam received by business has doubled over the last two years and it's going to get worse. Analysts IDC reckons that spam represented 32 per cent of all email sent on an average day in North America in 2003, doubling from 2001. That figure is less than the 50 per cent or more junk mail statistic commonly cited by email-filtering firms like MessageLabs and Brightmail but it still represents a serious problem,"

12 of 431 comments (clear)

  1. Only 32%? ? ? by David+E.+Smith · · Score: 5, Informative
    Only a third? Gosh, I wish I had that little spam...

    From the logs of our anti-spam appliance, over the last six weeks or so:

    Total emails received 27900189
    Blocked (Spamhaus lists) 22450665
    Quarantined (probably spam) 4449044
    Viruses 117518
    Allowed 882962
    That's right, about 96% of our email is spam, viruses, or otherwise ungood.

    I'd be delighted if the spam dropped off so it were only 32% of our mail. Think of all the things I could do with that extra bandwidth...

    In fairness, the study says they were looking at businesses, and this is at a small ISP, mostly residential customers. But it's a good number to chew on nonetheless.

  2. Even more by ChaserPnk · · Score: 3, Informative

    According to this article the problem is worse

    --

    "A diplomat is a man who always remembers a woman's birthday but never remembers her age." -Robert Frost
  3. Comment removed by account_deleted · · Score: 4, Informative

    Comment removed based on user account deletion

  4. Thanks to previous raves about Mozilla by JohnnyComeLately · · Score: 5, Informative
    For those who, like me, thought they would have a hard time replacing Outlook Express (*puke*), check out Mozilla Thunderbird.

    I heard about it here on /. and installed it the same day. At first it marked ALL my mail as spam because I'm on a few list servers, but the adaptive learning function of it is getting much better. After I "unlearned" my list mails as spam, it'd still let about 60% of spam through. Now it gets about 40 out of the 42 spams I get a day. I don't mind deleting two (or hitting "j" for junk), and recent searches through the junk folder show no false positives.

    Check it out...

  5. Re:For Our CEO it's more like 98 out of 100... by stevey · · Score: 5, Informative

    Stick a mail proxy between the internet and Exchange, that way he still gets to keep using Exchange, and you have a simple proxying machine that can do arbitary scanning and filtering.

    You can scan all incoming mail with spamassissin and clamav before it reaches exchange, bounce or drop bad mail and forward "passed" mail into the Exchange server

    You could also hookup a challenge response script there too.

    I do the same thing for a company mail server running Lotus Notes.

  6. Re:Bah. by Animats · · Score: 5, Informative
    Me too. I'm getting about a thousand spams a day to the default inbox for four domains.

    Filtering is removing about 97% of the spam, but even after filtering, I'm getting more spam than real mail.

    Most of the spam seems to be selling prescription drugs. It's clear the Bush Administration doesn't want to do anything about this; there's plenty of authority for stopping illegal sales of prescription drugs on-line. Prescription drugs are traceable, after all.

  7. Re:For Our CEO it's more like 98 out of 100... by Nephilium · · Score: 4, Informative

    Ran into this same problem at my company... Tested two different things out:

    Mailwasher - Not a challenge/response like you asked for, but allows you to send bounces back to spam, and delete them off of the server before you donwload them. Can tie into SpamHaus and such.

    ChoiceMail - Challenge response, both single user and enterprise are available. Single user sits on local machine, enterprise ties into Exchange. Can quickly add anyone in your Outlook contact list to the whitelist, and anyone you send an e-mail to can be set to be whitelisted. The challenge message can be customized. Biggest problem with the bounce (at least in my testing) is that the challenge gets rated as spam by my filters. I'm sure if the challenge was tuned up it wouldn't be that big of a problem. And they have a free trial so you can test it for 14 days

    Nephilium

  8. What %? by krray · · Score: 3, Informative

    Their stats don't line up with mine -- the only thing I do agree with is that it is getting worse. It continuously has since March of last year it seems. Back then my base was about 500 a day THEN. Today it's much different, but let's digest some numbers.

    Forgetting work -- let's just look at my home domain. Hosting my wife and myself I'll look at my email alone. In the last week we've sent/received 42 legit emails. That's about 6 a day between the two of us. In the same week the average _daily_ traffic looks like this:

    I'll start by saying that actual junk mail that may make it to the Inbox in front of me is maybe 1 a week. I find even that annoying. Yesterday, an average day -- there were 109 messages harvested by spam sucking address'. Our daily average [last typical week] at home was 6 emails (sometimes less, sometimes more :).

    By my numbers that is almost 95% of my email traffic which is simply not wanted, nor allowed. :)

    There were also a total of 291 subnets blocked (for various other noticeable offenses :) yesterday alone (a typical day). This includes the harvested messages -- which now puts the email traffic at almost 98% being generated by spam.

    Of course, once blocked there's a URL sent back (-0- lookups in the same time frame) which tells you what to do (email a unblocking address or pickup the phone and call me ... you do know me, right? :). Yesterday's already blocked address' attempting to send even MORE spam in was 2,251 for a total of 2 email address' which may send/get 6 emails in the same time frame. Now we're at 99.7% of the potential email traffic was all generated by spam. .3% was real.

    They're numbers, well -- just don't jive with my real life experiences.

  9. Re:Oh no! by MoonBuggy · · Score: 5, Informative

    Why has nobody realised yet that it doesn't say 1/3 of email recieved is spam, but that 1/3 of email sent in the US is spam. I'm not suprised at that in the slightest - most spammers don't want to bother with the legal risks involved in sending spam inside the US. Just send it through some open relay wherever you find one or operate from Russia, it's far easier.

  10. I Was 5 Minutes from Shutting Down my Mail Server by Greyfox · · Score: 3, Informative
    When I installed tmda as a last-ditch effort to keep it going. So far it's worked pretty well -- had about 4 spams get though in the past 6 months or so.

    I doubt it'll keep spammers at bay forever, so I really should start looking into some more spammer hostile things I can do to my mail server. Worst case, I can always shut the damned thing down. I was ready to do that anyway. If the service is useless to me (Because filtering spam takes so long that I don't have time for anything else) why should I bother running it?

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  11. Re:Oh no! by interiot · · Score: 4, Informative
    I don't know how many times people need to post this link to slashdot before it becomes boring and common-knowledge, but MOST SPAMMERS OPERATE FROM THE US.

    • (as far as open relays go, I'm sure that spammers have an equal-opportunity policy regarding countries of origin.
    • Statistics show that about 33% of the world's users are in the US, so that might be more likely)

  12. Re:what about server solutions? by mabu · · Score: 4, Informative

    Can anyone suggest a decent, doesn't have to be perfect, server side anti-spam filter?

    Don't waste your time implementing a content-based filter. The best solution is to incorporate a real-time spam relay blacklist. I recommend bl.spamcop.net. It's very effective and accurate with an extremely low legit mail blocking rate.

    RBLs are great because they refuse spammer connections before the mail even gets delivered, so you don't waste bandwidth and system resources downloading spam crap and trying to interpret the contents. RBLs respect the sanctity of the e-mail message as a private communication medium and penalize those ISPs which allow spammers to operate.

    If you're using Sendmail, you can also hard-code some of the IP regions where tons of spam is originating (signal-to-noise ratio for most people on the Chinese IP blocks is 0% so why allow them to hit your server in the first place? A few lines in your /etc/access file such as: "connect:218 REJECT" will knock off about 200-5000 spams per day utilizing minimal system resources).

    Personally, if you want to get aggressive, block the following Class As: 61,80,81,82,83,142,164,193,194,195,196,200,201,202 ,210,211,213,217,218,219,220,221 and you'll stop a TON of spam from a lot of foreign countries you likely never communicate with.

    Set up a web-based e-mail form and put a link to it in your Sendmail access configuration so that if any legit mail gets bounced, they can redirect to a web page to contact you in the [unlikely] event they were inappropriately blocked.