Spam Volume Jumps 35% In November
gregleimbeck writes "Spam volume soared another 35% in November, an e-mail security vendor said Thursday, and the month saw spam tactics that reduced the efficiency of traditional anti-spam filters.
'There's been a huge increase in spam volume,' says David Mayer, a product manager at IronPort Systems, 'from 31 billion spams a day on average in October 2005 to 63 billion in October 2006. But in November, we saw two surges that averaged 85 billion messages a day, one from Nov. 13 to 22, the other from Nov. 26 to 28.'"
Maybe it's just me, but my spam volume seems to have jumped at least 200% in recent months.
Are we finally going to reach a point where only trusted addresses can email us? Seems the arms race is being severely lost. I've got a pretty good SpamAssassin config and I can't keep up anymore; I find myself having to manually delete literally hundreds of messages a day now.
http://www.babysmasher.com
http://www.openingbands.com
If Bush wants to regain some popularity he should consider nuking some of the spammers.
It's not going to stop. It's a multi-billion dollar industry.
It appears to me that the increase is almost all due to a small number of messages swamping us. One advertises the stock symbol PHYA and has no link. The scam is that if you Google for that symbol, there will be a full-width paid ad for a fake broker/analyst site. About 10% of my email for the last couple of weeks (i.e. over 100 of 1000 spams/day) advertises this stock symbol.
If it wasn't bad enough to get 10 to 15 stock "tips" via spam a day, in mid-December, I started getting the same stock spam via SMS! Yes, SMS! I got a burst of 6 one morning, then another 5 later in the day. There's $1.10 of SMS fees courtesy of Cingular. I cancelled my SMS service (which they enable automatically) immediately. Wonder how many people are unknowingly getting charged for these messages. Starting January 07, Cingular will start charging 0.15/sms -- perhaps a response to record SMS revenues :-) ?
I have noticed a decrease in the amount of spam lately. 5-6 months ago it was more than 50% of all my email, now it's probably around 30% or less. Outlook 2003 catches about 95% of it.
It's really really annoying.
I remember when there was just one... http://groups.google.com/group/rec.autos.antique/browse_thread/thread/5a53273717099e12/c43de9e0b0e50166?lnk=st&q=nike%40indirect.com&rnum=200&hl=en#c43de9e0b0e50166
Works great, even though some spams get through they do seem to identify and eliminate quite a bit of spam.
I'm still worried why so much spam recently though. Is there anyone out there who seriously READs this garbage and actually considers sending money to these people? Seems like the problem with spam is only going to get worse and worse until the big email providers can come up with some mechanism to prevent spam that still allows independent non-business email servers to still serve their purpose. I don't see this happening any time soon.
Meet new people, and kill them.
I use (amongst other things) Spamihilator. It's free, and it's pretty reliable. The trouble I have is that I *have* to allow everyone to mail me. When you run a business, you *do* occasionally get people guessing your email address from your domain and sending you a potentially vital email. I just can't afford to block emails by default. And anything (like captchas or auto-response systems) that makes it hard for my customers to contact me is just BAD.
I don't see why we are always fighting this problem at the reception end, rather than the source. Spam filters can work quite well, but why are they mostly applied right at the very endpoint of the chain?
I'd be very happy for some basic filtering to take place on my outgoing mail at the ISP level. If it meant the odd automatic email with a captcha saying "are you sure you intended to send this mail?" before a spammy-looking email went out, that's fine with me, and wouldn't that approach cut down on all those twits whose PCs are part of a botnet without them realising it?
Bah, why is firefox suddenly getting me to spell check in American?
DRM-free indie games for the PC and Mac: Positech Games
For the low low price of 10 Bits you can have the comprehensive guide on how to get your submitted slashdot stories on the front page.
Does anyone know if this most recent rise in spam rates has anything to do with the availability of testing releases of Windows Vista? It would be most interesting to compare plots of the spam increase rate, relative to the dates of major Windows Vista prereleases.
Could it be a situation where Vista is being exploited to send all this spam, but in a way that is currently unknown or detected? Various versions of Windows in the past have had a horrible track record with respect to getting used as spam-sending zombies. Considering all of the new code in Vista, it's more probable that there will be serious flaws. That's just what happens when completely new code is widely used.
The increasingly widespread usage of Vista is the only thing I can think of, off hand, that may have caused such a dramatic increase in spam over the past year.
"Two years from now, spam will be solved" - Bill Gates
Did you ever notice that *nix doesn't even cover Linux?
I'm no MS fan, but I have to admit, a quick bit of maths shows that Outlook gets over 95% of my spam. Gotta hand it to them.
One is best punished for one's virtues.
Spam has had a tendency to spike around election time for one reason or another.
Not to mention this is the 4th quarter, when everyone and his cousin is trying to sell holiday gifts. How about some data for the past 6 months?
Non sequitur: Your facts are uncoordinated.
Well I'd just switch to a white list of e-mail addresses and everything else be damned! Captcha based filtering for application to join my white list if I wanted it too.
Shh.
The reason we get all this spam is because it apparently works. If it didn't, people wouldn't waste resources on it. Yes, people DO read this crap.
Fun game plug
I don't know of ANY reputable person or business that uses pictures to send email. For some reason email filters (either product or service) let this stuff through.
Why?
I haven't emptied my spam box on gmail for the heck of seeing how many spams are in the box in the last 30 days. For most of last year it hovered around 2000-2400. Then over a week it doubled. Right now there's 5700+ unread spams in the spam box.
Pretty crazy seeing the growth first hand. It's an interesting metric to have right there to see how bad things are getting. Plus, I'd say there's 2-6 spams in the inbox each day. I guess that's alright, wouldn't mind none though.
J
The great irony of the spam arms race is that the better we get at filtering the spam, the more garbage the spammers send out just to get the same return. You can't stop filtering it, because the mail you want would be buried in a torrent of spam. But filtering more just raises the bar for the next round of spam.
Eventually it may get to the point where (a) email is unusable or (b) spammers have to send such a massive volume of cr@p that it no longer becomes a cheap business, and it ceases to be worth spamming. Until then, things will keep escalating.
#1. Aggressively whitelist - since I have the records of all the email received I can just send my users a list of all the email addresses that have sent mail to them and they can pick out the legitimate addresses.
#2. Block email during SMTP transmission - this is where the whitelists and blacklists come in. Everything else gets greylisted. I also use fake addresses to create my own blacklists.
If something is rejected, my phone number is included on the rejection notice. A person will see it and can call.
#3. Monitor the reject logs to see any names that may be useful (legit and fake). You'd be amazed at how many times the spammer's software trashes an address in a unique enough way that you can use it as a spam trap.
#4. Use anti-virus on anything that makes it this far.
#5. Use SpamAssassin on anything that makes it this far that is not on a whitelist.
These practices won't help so much with a personal account. But they've almost eliminated the spam where I work. But we don't sell over the Internet. 90%+ of our email is with the same people at the same mail servers and the same IP addresses every day.
Spam has become such a problem where I work that it has completely flooded the corporate Internet connection. I personally feel they should host an external mail server and spam filter off-site someplace. For my personal server I use various RBLs and country blacklists, like blocking all of China, Korea, Russia, Nigeria and a few other countries. Those seem to block most of the spam from even entering my mail server.
I know people talk about legal solutions not working, but I think if law enforcement made use of existing laws and went after these people it might make a difference. I'd love to see the FTC go after the pump and dump spammers and confiscate everything they own before locking them up, or the Food and Drug Administration go after all the enhancement pill spammers. Also, perhaps a law to fine idiots who buy from these spammers.
Just change the federal law to let some of the state laws take effect, i.e. defeat the CAN-SPAM Act.
I think if law enforcement made a good effort to go after these spammers and lock them up then it might make a difference.
-Aaron
This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
If for example each spam message was around 1k of info, that's on average 63 terabytes of info! Using the new Siemens 107gb speed record connection, that would take almost 10 minutes to transfer all that spam! I just wonder how much faster the internet would be without spam.
A better solution, one that does not involve the government in any way, would be for mail server administrators to basically do their job. In essence, that means using spam filters. This is something that most professional administrators do already. There's a wide range of both client-side and server-side spam filtering software that is open source and available for use today.
With a little effort, it's possible to prevent over 98% of all spam a server gets from ever reaching a user's inbox. And that's with absolutely no false positives. Many of these systems are self-learning, so they get better with time, and with the more mail they filter.
Yes, it does take some time to learn to use these filters, and it does take some time to set them up. But that's no excuse for any competent mail server admin to not learn about them. They're an essential part of such a person's job these days. Once they're in place, these filtering systems will make spam a non-issue for most users.
And that's why the US Treasury announced a surplus, from all the fines collected from all that spam violating the CAN-SPAM Act. We're funding free WiFi for every American, while exterminating all the spammers!
--
make install -not war
He's got 9 days left!
"I am the king of the Romans, and am superior to rules of grammar!"
-Sigismund, Holy Roman Emperor (1368-1437)
I know there's instant messaging, but I think the way of messaging by e-mail also has its place. Maybe it's time for a standardizing organization to pick up on this with a new "e-mail"-like standard and try to get it backed by a lot of software company software. It could be with e.g. HTML, can it be done again, or do the current companies carry too big egos, only believing in their own solutions? There was some hope with both Google and Yahoo using the Domain Keys initiative, but since it's so little supported pretty much everywhere else, it's still a completely useless standard like so many others. :-(
Beware: In C++, your friends can see your privates!
If you don't do business outside the US, filtering by geographic registration for the subnet works wonders. A little hard to set up but once you use the geographically filtered email to train your Bayesian filter, you really get 99.9% or better. Currently getting approx 99.97% accuracy and very few false positives. Pleased as punch.
You can no longer assume that everyone sending you email is nice or a friend :-)
:-), you can only email someone if they provide you with a certificate or temporary token.
The next email must have encryption technologies (pgp,signatures,certificates,etc.), but email servers should only allow through email that is from an approved source. i.e. each email user will have to accept/allow each other user.
Failing that
That's an underestimate.
You have to wonder what drives these idiots sending so much junk?
I frequently get spam with these kinds of headers, changing slightly every few days -
Irvin Zimmerman Irvin wrote:
Vonda Hoskins Vonda wrote:
Donald Key Me again Key
Kimberly Slater Me again Slater
Marianne Whitney Marianne
Marlon Wilkinson Marlon
Lizzie Longoria it me Lizzie
Odis Lund it me Odis
Ismael Waters Waters message
Russel Huggins Huggins message
. . . you get the idea. there is so much of it that the pattern on your mail app stands right out.
where do these spammers get off thinking nobody would see through their tactics?
regards,
"sorry. no refunds"
Spammers are scum. Introduce the death penalty for them - I'll gladly throw the switch, however I would argue a new extra painful method of execution should be devised just for them.
Although there are many very effective antispam techniques, some common methods are worse than the problem they are attempting to solve.
Content filters are code that effectively say "I know spam when I see it." Given that people can't say exactly what spam is, why would they trust code written by humans to do the same? Likewise, blacklists are dangerous. We have a mail list machine that hosts hundreds of thousands of subscribers. A lot of people classify any email they don't want as spam, so we occasionally get blacklisted, because a handful of people weren't expecting something (though many ISPs have whitelisted us).
We deal constantly with people who lose email because they set antispam measures as paranoid as possible (alternatively, their mail admins do this for them without their knowledge). This inevitably intercepts a certain amount of legitimate email. Then they get upset because they presume email is 100% reliable and mission critical communications are getting lost.
Only accepting mail from trusted senders is hopeless unless you already know everyone you need to communicate with. Frankly, anyone who knows everyone who needs to be in touch lives in a pretty closed world......
someone enlighten me please!
I don't understand why there is so much spam! 90% of the spam I get, EVEN IF I WANTED TO READ IT, I don't understand it!! It's just full of crappy stories, spelling mistakes and stupid stuff....
WHAT FOR??
is someone on the other side just getting pleasure in annoying people all over the world? (seems like a bofh story, or dilbert strip)
I'm not so sure what everyone is complaining about. I'm using SpamSieve as a plug in to Mail.app, and it catches just about everything without much in the way of training. Currently, my statistics as of 2006-11-01 say it's 97.1% accurate (with 71% of my total mail volume being spam, but that includes some legitimate marketing mail that I no longer really want, and I'm too lazy to track down the list maintainers), and that number gets higher every day.
On Windows, I'm using either Mozilla Thunderbird (usually), or SpamBayes as a plug-in to Outlook 2003 (when I have to), and I get similar results.
Of course, what we really need to do is rethink the way that the whole email system is designed, just in terms of MTAs that work separately from MDAs, etc. This kind of filtering really needs to take place at what we currently call the MTA level, with a configurable corpus for each user. The filtering should be done before the mail is permanently accepted, so that the impact on storage resources is as minimal as possible. Granted, it still takes a lot of processing power.
Another thing I need to spend some time thinking about is how RFC822 messages are structured in general. I'm just pulling this out of my ass right now, but the fact is that message envelopes are much too easy to spoof. Why have a separate message envelope to route the mail when the addressing information is already supposed to be contained in the headers? With the way spam is going, the message needs to be processed in its entirety in any case, so perhaps the envelope has outlived its usefulness?
I'm sure that it'll go back down to normal levels real soon now. Why heck, it may even withdraw from the Internets.
--
My God! It's full of tubes!
"You'll get nothing, and you'll like it!"
In October and November the volumes have rocketed. There was a weekend alone where I saw over 80000 messages being trashed. At some point procmail was too slow to digest the messages as they arrived and I had to install a hook to "help".
Here are my monthly stats for over the last year on my own personal domain, that has the unfortunate privilege to be in every blasted spam file ever.. These are pre-rejected spams, some still pass to the "next level"...
http://oomz.net/spam-monthly.png
nt
The image spam is the one thing that gets through my (and gmails) spam filtering. I know people are working on OCR solutions, but spammers are already actively avoiding this with all the random dots and lines you see over their stock spam images.
So what I'm wondering, and I'd be interested if anyone on Slashdot knows about or is working on this - surely it wouldn't be too hard to detect the presence of these anti-OCR techniques? The standard way seems to be putting extra lines and edges, and a spotty background to throw OCR recognition off - why not look for those signs in an image, and add to the "Spam" score if this is present?
I got my first ever spam today in 12 years!!!
Content-Type contains "multipart"
or Content-Type contains "text/html"
and not in address book.
What those don't catch, along with a couple filters for non-English, Thunderbird's filters do. Haven't had a false positive yet. It gets all that image spam, and before that, it caught all that HTML. That same logic working in Mail.app.
- Adam L. Beberg - The Cosm Project - http://www.mithral.com/
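The three-line rule in the comment above, written out with Python's standard `email` package as an added example (it is not the commenter's own filter). It assumes the rule groups as "(multipart or text/html) and sender not in address book"; `classify`, `ADDRESS_BOOK` and the sample messages are constructed for illustration.

```python
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed address book; a real client would load the user's contacts.
ADDRESS_BOOK = {"pat@example.org"}


def sender_address(msg):
    """Lower-cased address from the From header ('' if the header is absent)."""
    return parseaddr(str(msg.get("From", "")))[1].lower()


def classify(raw, address_book):
    """Return 'junk' for multipart or HTML mail from an unknown sender, else 'inbox'."""
    msg = message_from_string(raw, policy=policy.default)
    # get_content_type() is lower-cased and falls back to text/plain
    # when the Content-Type header is missing or malformed.
    ctype = msg.get_content_type()
    rich = ctype.startswith("multipart/") or ctype == "text/html"
    # Caveat: the From header is sender-controlled, so a spammer who forges
    # an address that is in the book passes this check.
    known = sender_address(msg) in address_book
    return "junk" if rich and not known else "inbox"


# --- Constructed sample messages -------------------------------------------
IMAGE_SPAM = "\n".join([
    "From: Irvin Zimmerman <irvin@bulk.example>",
    "To: me@example.net",
    "Subject: Irvin wrote:",
    "MIME-Version: 1.0",
    'Content-Type: multipart/related; boundary="b1"',
    "",
    "--b1",
    "Content-Type: image/gif",
    "Content-Transfer-Encoding: base64",
    "",
    "R0lGODlhAQABAAAAACw=",
    "--b1--",
    "",
])

HTML_SPAM = "\n".join([
    "From: deals@bulk.example",
    "To: me@example.net",
    "Subject: it me Odis",
    "Content-Type: TEXT/HTML; charset=us-ascii",
    "",
    "<html><body>buy now</body></html>",
])

PLAIN_FROM_STRANGER = "\n".join([
    "From: new.customer@shop.example",
    "To: me@example.net",
    "Subject: question about an order",
    "",
    "Hello, can you help me with my order?",
])

HTML_FROM_CONTACT = "\n".join([
    "From: Pat <PAT@Example.org>",
    "To: me@example.net",
    "Subject: photos",
    "Content-Type: text/html; charset=us-ascii",
    "",
    "<html><body>see attached</body></html>",
])


def classify_samples():
    """Run the rule over the four constructed messages."""
    samples = {
        "image_spam": IMAGE_SPAM,
        "html_spam": HTML_SPAM,
        "plain_from_stranger": PLAIN_FROM_STRANGER,
        "html_from_contact": HTML_FROM_CONTACT,
    }
    return {name: classify(raw, ADDRESS_BOOK) for name, raw in samples.items()}


if __name__ == "__main__":
    for name, verdict in classify_samples().items():
        print(f"{name:20s} {verdict}")
```

The rule's cost shows in the third and fourth samples: plain text from a stranger is delivered, but any first-time correspondent who sends HTML or an attachment would be junked.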
Something worth pointing out to people who don't want to use gmail, is that you can use gmail as an enterprise grade anti-spam filter for your personal inbox.
Simply forward all of your mail on to gmail, and then either collect it from gmail using POP3, or set gmail to forward it back to a "clean" account on your server that you can pick mail up on. You can set gmail to delete the mail after it forwards it, so you essentially get one of the best anti-spam filters out there, for free.
Of course, what is annoying me is all of the penny stock image spam that gets through most spam filters. It's getting to the point where I really am considering stripping image attachments from messages. See this post further down for a bit more on my thoughts on image spam.
We use Postgrey to filter the spams out.
It works wonderfully even without additional filtering (blacklists, for example.. Which we do still use, though).
Postgrey is a grey-list system for Postfix (for a description on how it works, click here), and there are probably other good greylist filters around.
We've had (like everyone else has) massive amounts of spam going through Spamassassin, our server was down on its knees all the time.
Now the machine is typically 95-98 percent idle and the spams we receive (remember I've said we use blacklists as well) are only the ones which come from our intranet (from hijacked machines we quickly disable when discovered).
That tool saved the day.
Eventually those bastards will have a way around it, but for now it works very well.
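A minimal model of the SMTP-time decision described in this comment and in the earlier numbered list (whitelist and trap-fed blacklist first, everything else greylisted), added here as an example; it is not Postgrey's code. The class name, the 300-second delay, the 4-hour retry window and all addresses are assumptions made for the illustration.

```python
class Greylist:
    """Triplet greylisting with a whitelist and a spam-trap blacklist checked first."""

    def __init__(self, min_delay=300, retry_window=4 * 3600,
                 whitelist=(), trap_rcpts=()):
        self.min_delay = min_delay        # seconds a new triplet must wait (assumed value)
        self.retry_window = retry_window  # seconds in which the retry must arrive (assumed)
        self.whitelist = {a.lower() for a in whitelist}
        self.trap_rcpts = {a.lower() for a in trap_rcpts}
        self.blocked_ips = set()          # clients that mailed a trap address
        self.first_seen = {}              # triplet -> time of first attempt
        self.passed = set()               # triplets that retried correctly

    def check(self, client_ip, mail_from, rcpt_to, now):
        """Return (smtp_code, reason) for one RCPT TO at time `now` (seconds)."""
        sender, rcpt = mail_from.lower(), rcpt_to.lower()
        if rcpt in self.trap_rcpts:
            # Nobody legitimate knows a trap address: blacklist the client.
            self.blocked_ips.add(client_ip)
            return 554, "recipient is a spam trap; client blacklisted"
        if client_ip in self.blocked_ips:
            return 554, "client blacklisted"
        if sender in self.whitelist:
            # Envelope senders can be forged, so this trades safety for
            # never delaying known correspondents.
            return 250, "whitelisted sender"
        triplet = (client_ip, sender, rcpt)
        if triplet in self.passed:
            return 250, "known triplet"
        first = self.first_seen.get(triplet)
        if first is None or now - first > self.retry_window:
            self.first_seen[triplet] = now
            return 450, "greylisted, try again later"
        if now - first < self.min_delay:
            return 450, "greylisted, retried too soon"
        del self.first_seen[triplet]
        self.passed.add(triplet)
        return 250, "retry accepted"


# Constructed SMTP attempts: (client IP, MAIL FROM, RCPT TO, time in seconds).
SAMPLE_EVENTS = [
    ("192.0.2.10", "alice@example.org", "bob@example.net", 0),       # real MTA, first try
    ("198.51.100.7", "x9@bulk.example", "bob@example.net", 10),      # bot, first try
    ("203.0.113.5", "orders@customer.example", "bob@example.net", 20),  # whitelisted
    ("198.51.100.7", "x9@bulk.example", "b0b.trap@example.net", 30),    # bot hits a trap
    ("192.0.2.10", "alice@example.org", "bob@example.net", 60),      # retry, too early
    ("192.0.2.10", "alice@example.org", "bob@example.net", 400),     # retry after the delay
    ("198.51.100.8", "x9@bulk.example", "bob@example.net", 500),     # same spam, new IP
    ("198.51.100.7", "x9@bulk.example", "bob@example.net", 600),     # blacklisted bot retries
    ("192.0.2.10", "alice@example.org", "bob@example.net", 5000),    # later mail, same triplet
]


def replay(events, greylist):
    """Feed the attempts through the greylist and return the SMTP codes."""
    return [greylist.check(*event)[0] for event in events]


def demo():
    greylist = Greylist(whitelist={"orders@customer.example"},
                        trap_rcpts={"b0b.trap@example.net"})
    return replay(SAMPLE_EVENTS, greylist)


if __name__ == "__main__":
    for event, code in zip(SAMPLE_EVENTS, demo()):
        print(code, *event)
```

The load drop the comment reports follows from the 450 responses: a sender that never retries is turned away before any content scanner runs.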
In recent years I'd see a dramatic upswing in the amount of spam I got the week after Christmas and into January, as n00bs with new Windows boxes immediately got pwned.
I guess when retailers start putting out the Christmas stuff before Halloween, the spammers can get a jump on their post-Christmas bonanza.
He's got 9 days left!
Nine days ought to be enough for anybody.
I suggest that you use a statistical spam filter instead. Training its (few) errors is all-in-all less work and more effective than composing ad hoc rules. Even if you use Spamassassin, just turn the Bayes way up and forget the ad hoc rules. But there are better statistical filters. OSBF-Lua is the best (at least the best available) and Bogofilter is also very good, and more mature.
Automatically white-list any email address you send to?
Spam levels increase during the Holidays, just like the number of fliers that come in the average person's snail-mail box.
The only difference is that one type comes from places like Toys R Us & the other comes from places like Canada.
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
This is a really easy one. Get 2 email addresses. Make one private, and only give it to people you actually need to be in contact with, and make one public. Use it for posting, signing up, one for everyone else to email you, what not. Use GMail for said public address, and now your SPAM is almost completely redirected to a GMail spam box. Problem solved. It's what I do, I haven't gotten a junk mail in my Thunderbird's junk mail folder in weeks. And I use my public email address all over the place.
:(){
Just talk in Lojban, which is parsable like Perl.
ko catra lo se mabla mrilu
I constantly watch the server logs for the webhost I work for, and there was certainly not a 35% increase of spam traffic to our servers that I could see. Mind you, my logs don't speak for everyone else's, but this article reeks of "advertisement" itself. From the article...
IronPort's appliances, Mayer added, can close that gap: the company can update rules as often as 12 times an hour, and if necessary -- because of a completely unknown form of spam, for example -- update the core scanning engine remotely as well. "Anti-spam needs to be very responsive," he says.
Crucifixion
I couldn't be bothered setting up SpamAssassin on my server so just forwarded all 100+ emails a day to Gmail where it filters. It was a fast, 0-effort, way to get effective spam prevention. Plus with 2.7gb I don't think I'll run out of legit space anytime soon.
Content-based spam filters can be much more accurate than humans. In particular, they can have lower false positive rates. That is, a good spam filter is less likely to discard good email than a human is to overlook good email in a sea of spam.
I'm not exactly sure how the article supports the title "It's not worth worrying about spam." Does this mean you freely distribute your email address, and you simply sort through all your messages by hand, and you've never overlooked a good email, and you have some way of knowing whether or not this is the case?
If you want to test your own ability to separate spam from good email, visit www.spamorham.org
I use Thunderbird and after about a month of training the filters, it gets about 90% of my spam. The only thing is that if someone who hasn't e-mailed me before e-mails me, it goes to spam. :( It seems to be so strict that it only trusts people I e-mail. At least it figured out which e-mails are REALLY from eBay, PayPal, and Bank of America and which ones aren't. I've learned not to click any links from e-mail but to go straight to the address. Still, I check every single spam message I receive (400 a day or so), just to make sure. It's such a pain. If I ever get my hands on someone who writes the trojans that do all this, I'm going to have to beat their face into a pulp. It's caused me way too much trouble.
Parent does not understand grandparent. The Google ad points to a stock market manipulator, not PHYA.
It's not actually pump-and-dump in this case. It's using social engineering to trick people into looking at an ad they might otherwise not see. I'm sure the Google adword price for PHYA was very low.
Need a Python, C++, Unix, Linux develop
The real disease is: those vast botnets. Really, it's a scary thought. We are lucky that they are only being used for spam and the usual phishing scams and the like - as far as we know! Imagine if the terrorists buy themselves some botnets for some nefarious purpose, or the Chinese or North Korean government corner the market on them to run millions of bots to steal corporate secrets or IDs or who knows what? What I'm saying here is that the large increase in spam should be triggering off alarm bells everywhere. The spam is not the problem - it's the botnets. Why in the world don't responsible world governments unite to put a swift end to this problem? Really - it could be dealt with swiftly and effectively in a hundred different ways that I will leave up to the imagination of the reader. I am just astonished this hasn't happened. I mean - couldn't our friend and champion of democracy George W. include this in his initiative against terrorism? He would probably have more luck tackling this problem than he is having in Iraq. What if he put that on his agenda - and set loose all his military might along with the help of some coalition of the willing? Perhaps he could salvage what's left of his image? Are you listening Mister Bush?
http://www.magma.ca/~gtaylor/AudioTestFileGen.htm
Bummer. That means I would have to hit it with a script instead of a mouse to cause them any pain. That would be really hard to do.
I'd have to wget or curl http://www.stockmarketenews.com/s/PHYA.html?gclid=CMeN9bSEpYkCFQdZYQodZiTxOA. I'd have to sleep for a few, possibly random, seconds. Then I'd have to rinse and repeat. Until I walked into the office tomorrow morning, and hit CTRL-C. If a few (hundred) people were to do that, for a few days, it might cost them some serious money.
But that would be evil. I'd better not do that.
What you do with a computer does not constitute the whole of computing.
I was thinking of using some light side tech (hey, I can't turn to the dark side completely in just 3 months, right?) and setting up a home server with Debian/Sendmail using the guidelines of fighting spam (graylisting and others) laid out at acme dot com. Does anybody know if those work well outside acme? I mean, they obviously do work, but does anyone have any experience to share?
Some people value their privacy and giving away your e-mail contents, contact list, etc. to Google is too high a price in return for a convenient spam filter.
The existing laws are strong enough (once it is officially recognized that "spam tactics that reduce the efficiency of traditional anti-spam filters" are simply another version of computer cracking), if the government simply enforced them often enough to make spamming risky.
/. If the government wants us to respect the law, it should set a better example.
... why going vigilante on the zombie PCs that facilitate this torrent of spam is a bad idea?
I understand the whole "getting your hands dirty" bit. But, if millions of middle managers' home PCs are getting destroyed in response to the volume of spam they send, won't that at least have a positive impact on the security of the average PC when they upgrade to XP/Vista/OSX ?
The FBI/Interpol ought to advertise spam services and then give out huge prison sentences to people who attempt to hire them. I think it would help people to think twice about hiring a spammer.
This, of course, would not stop the people who are using spam to send "stock tips" for pump and dump schemes or otherwise promoting their own shit, but it might help reduce some spam.
I use the spam filter in Apple's Mail client. It is basically worthless. It blocks many legitimate emails and lets lots of spam through. The filter we have at work on our Exchange server is worse, though. It has marked every legitimate email I have ever received from outside the company and let through about 50% of the spam.
Avoid Missing Ball for High Score
If the messages are the same (or very nearly), the amount of space used drops pretty quickly. In fact, it probably doesn't cost any extra space to the spammer because the only non unique part of the email is the name or the address, and he already had to store that list.
And unfortunately the tracking down idea I think wouldn't be too useful either, as spammers are just using zombie boxes anyway. Maybe a system could be built (with the help of ISPs) that would disconnect boxes that were spamming and in that sense making it easier to find them is a plus, but it will never catch the spammer.
It's a tough game.
Relax I just want some peanuts.
I manually block spammers. I use several RBLs, Spamassassin, and I also get my anti-spam list from a good friend at a major university who hates spam even more than I do. Still, I've seen a big jump in spam. I'm seriously paying attention to this discussion -- something's got to work.
Zhrodague.net - I do projects and stuff too.
Well the FDA can't really do anything because what's being sold are "supplements" that are of course "not designed to treat, diagnose or cure any disease." But... for those who are selling actual products, I would like to see more authorities purchasing the products and then giving American Express a call to find out where that money went and then seizing whatever they find there. I don't know how to deal with the pump and dump spam (maybe the FTC) but if someone is accepting credit cards, they should just get hammered. And if we can force them to only use PayPal, which would severely impact their bottom line, I think that's a step forward too.
Relax I just want some peanuts.
I'm writing this from my chateau in France. I flew here earlier today from my horse farm in Virginia in my new Gulfstream. Can't believe my good luck: couple of months ago, I discovered this unsolicited stock tip in my email. The stock was cheap and the tip seemed pretty solid, so I invested my life savings in it. And my grandmother's life savings, too; I have her power-of-attorney. The next day, I got nervous. Remembered the old line about if it seems too good to be true, it probably is. So I decided to unload the stock. Damned if the price hadn't gone up 6000 percent! In one day! Incredible! Anyway, I sold it all ... and here I am. Grandma's taking a round-the-world tour in her Gulfstream -- we bought a matched pair.
...that we can't get the IRS to audit the pump-n-dump scammers - I doubt they are reporting their income from these scams. The IRS has got to be good for something.
Remember, Al Capone was finally brought down for tax evasion.
This month's incoming spam is incredibly uniform. A very small number of spammers are generating most of the volume. There's the stock pump and dump guy with the noisy backgrounds. There's the text only stock spammer. There's the pill guy, with the same ad in different formats. Those three are probably generating half the spam on the Internet right now.
What we need is for some of the big mail operators, like Google and AOL, to put a million dollars or so into investigating each one of those annoyances. They may have to hire ex-FBI and ex-SAS people and fly them all over the world, and work the diplomatic circuit when some country needs to be leaned on to get cooperation. But it would be cheaper than adding whole buildings full of servers just to handle the spam.
Spam sucks, but a big part is giving out your email on webforms. My yahoo mail is interesting...it lets you create fake emails at will. But they're tedious to set up. the new firefox has TrashMail plugin which allows u to just right click in an email entry field and say 'Paste disposeable email address' then it puts a bullshit email, which you then get 2 emails from that address forwarded (in 48 hours) and then it deletes itself. It's all so automatic, and you get whatever password you want from the website but nothing else. It's fantastic.
..and that is for internet society to start treating email addresses as seriously as you do your home and business postal mail address and telephone numbers. In other words, it should not be trivial to get a professional clean effective and useful email address, it should cost you money in some form or another beyond one billionth of a cent or something. If email addresses were registered like domains were, it wouldn't be either possible nor economical enough for anyone to send spam, well, say it would knock it down past 99.9999 percent or something like that. You eliminate the profit potential, you eliminate people trying for it.
Want a bad car analogy? Sure you do! You know you love them!
If folks just *insist* on having a setup where you have roads with no speed limits, no one is required to drive to either side, cars have no inspections at all, any size shape or configuration of vehicle is legal including 20 feet wide, all windshields are tinted jet black so there's no recognition of who is who while driving, no licenses are required, and so on-what do you think would happen on said road?
And ya'all wonder why there is a spam problem? That's your only email problem right there, the entire idea of email as it is now is the worst engineering in the world. You start charging some cash and requiring registration for a year per email addy, you'll see spam stop or drop to extremely low levels as there will no longer be any sort of profit in it. The way you insist on having it now-you reap what you sow. And people who would still try to spam (why they would try not sure, but some fools would based on criminals just being so anti honest work) would be caught a lot easier.
Some times computer guys are really, really smart, other times they step on their wangs pretty hard (the word nerd actually came about from..nerdishness), and allowing the practice of immediate unlimited email addresses to any fool on the planet then transmitting those important missives willy nilly is and always has been, pure utter insanity. Email as it is now is like insisting everyone on the planet use a CB radio with one channel and they must change nicks every second. Just ain't gonna work. The idea of electronic mail isn't a bad idea, on the contrary, it is a fantastic idea-so why was it allowed to be implemented so horridly? It isn't even remotely smart. No other communications medium that has been successful is run like email, because it would be pure nuts.
I'm not sure what mastermind thunked this email scheme up, and what other masterminds went along with it to the point it just became some sort of standard, but anyone with a lick of sense who wasn't a stumbling geek with an IQ of 180 but not able to match socks or tie shoes would have seen the problem with that nutso idea coming a mile away, based on normal outside of artificial academic life reality.
So anyway, that's the solution. Make e-mail addresses registerable and non trivial to acquire and maintain. It isn't a perfect solution, but it would work. Now you wouldn't get rid of old broken email, but just switch to mature legal registered email for all your business. If your business "needs" a zillion addys, you should make enough money off of them to justify the cost. An individual addy, payup for how important you think you are or need to be per address because you'll need one to access the official business grownup honest people email world. Seems a winner for all parties then.
You can't have it both ways and no I don't want to see that email form solution debunker, because this one is actually possible if you can swallow your arrogance and pride and admit you were really wrong on that call and learn from your mistakes.. You worked hard for total email anarchy, and you GOT email anarchy. You are surprised and whining now? Why? You got what you wanted! The only solution is to STOP email anarchy if you are serious about stopping SPAM as easy as possible and not have to keep building the anti anti missile anti missile anti miss
I wish ISPs would cut off home users who send mail beyond some threshold, say 1000/hr. I've been fiddling with mail filters a lot the last couple months, and watching the logs scroll by, it's clearly dynamic IPs that send the bulk of the SPAM.
BTW. Greylisting still works pretty well. Now if only I could figure out how to compile milter-greylist with DNS block list support on my RHEL VPS...
K9 tells me that I get, on average, 227 spam messages a day - I always make a point of flitting through the junk just in case of a false positive. But one thing that immediately strikes me is that every spam message I get is trying to sell me something. Er... there's a pattern forming here. (Incidentally, are there any reliable statistics pertaining to actual sales attributed to spam?) Anyway, want a solution for spam? Sue the companies whose products spam advertises - they'll soon change their advertising associations. If spam fails to be a commercially viable means of advertising a product, the spammer will have nothing to, er, spam. Or is there an obvious flaw in my logic?
An important feature that is used by the spammers to verify that the email has been sent and read is external images, if you completely block those they cannot use the server's statistics/unique session id to figure out which mails worked or didn't.
2. Use those remote image location to flood their session stats and pollute their databases and tell their ISPs to drop them too.
Liberty freedom are no1, not dicks in suits.
Someone please make a virus that blocks port 25 outgoing that is different to the one that is configured in the
outlook/thunderbird / default route to ISP range.
Product Specs.
1. use every method possible
2. once in, update the firewall windows settings and/or other firewall products.
3. Delete self on next reboot.
Liberty freedom are no1, not dicks in suits.
It's one thing to do that, but there's a lot of stupid admins that have no clue around the world. Yes, their upstream major ISP should terminate their pipe if spam is known to be coming from them or drop their pipe to 64kbps so they will NOTICE the spam.
Liberty freedom are no1, not dicks in suits.
P&D operators always put out such statements on the web sites. It's done for two reasons:
SEC investigates because it has to. I don't think SEC really expects to catch anyone. If P&D is done right, SEC cannot prove anything and won't persecute.
No, that's not how the scam works. Some free trading stock can be bought on the market by the scam operators, but it's a minor portion of it. It's called "stock cleaning". The majority of FT stock is obtained through 504D, 144, SB-2, and S-8 (google it), then multiplied by a stock split. The management/principals of the company are almost always in the deal. There are usually three parties involved: (1) company proprietors (sometimes they are also the managers, but usually the management is totally bogus), (2) promoters who hire spammers to send out pump e-mail, (3) market makers. It's the case in like 95+% of P&D scams. Look at NAUC, WWEG, OCTL, BZCN.
Look at the dates of phya news releases. Only extremely naive people may believe that the flurry of press releases just coincided with the spam run.
I'll keep this short and to the point:
The problem isn't that we have too much spam. The solution isn't getting better filtering. The solution is finding and annihilating the problem.
The problem and source of probably 95% of all spam is sent directly from Windows zombies. Prevent Windows computers from turning into zombies. To do anything else is like taking Advil when you have cancer and expecting it to cure you just because it makes a symptom or two much less noticeable.
Either use Linux or better yet... close the holes like MS has been trying to do for so long.
Lastly, ISPs should block outgoing connections on port 25 if they think that their customers should not be sending mail directly and give them a server to relay through instead. This is better than blindly dropping e-mail they think is spam and leaving sender+receiver to wonder what's going on. ISPs should also be more proactive in notifying their customers of infected computers by looking for port scanning and large volumes of traffic on port 25.
I have also, the last three to six months, seen a skyrocketing of spam (a few per week, to many dozens per day) despite a properly-configured spamassassin. It's almost forcing us to move to gMail, where Those in Power can more easily subpoena ad infinitum records of our emails... <end theory>
The secret is that I reject all but a few hundred of those 11000 spams in SMTP envelope. Correspondents must have some form of id, currently one of:
- a valid rDNS
- a valid RFC 2822 HELO that resolves to connect IP
- an RFC 4408 sender policy (SPF) with a PASS
If you can't get one of the three right, you should fire your email admin. That gets 3/4 of the garbage. Next, SPF FAIL is rejected, including for HELO. You'd be surprised at how much spam has my own domain for the HELO! For SPF SOFTFAIL, since the sender is requesting debugging info, I send a DSN to the purported sender reporting the SOFTFAIL. For senders with no SPF, I match domains with HELO and rDNS, and look at MX to try to get a match - which is then treated like an SPF pass. For SPF neutral, I do a CBV, and blacklist the sender if it fails.
This reduces the spam from 11000 to several hundred. The content filter is auto trained. A honeypot mailbox provides spam training. Messages from (verified by SPF PASS) senders that users reply to provide ham training. Users have a web interface to the quarantine.
The false positive from content filtering is extremely low. The biggest problem is VIP correspondents with clueless email admins who are unwilling to educate or fire them. (E.g. one admin insisted I didn't know what I was talking about and "JUPITER" was a valid HELO name...) In these cases, I have extensions to the sendmail access database to provide policy exceptions. I can also provide local SPF records for correspondents to get them a PASS.
One customer had to resort to spamsoap.com because they were getting 2 million spam connection attempts a day, and my python based filter could only process 80000 or so on his 400MHz server.
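The envelope policy described in the post above, sketched as an added example; this is not the poster's filter. It assumes the rDNS, HELO, SPF, MX and CBV lookups have already been done and are passed in as fields, that "match" means the connecting host's name falls under the sender's domain or equals one of its MX hosts, and all addresses and domains are constructed.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class Envelope:
    """One SMTP connection with its lookups already resolved (constructed data)."""
    ip: str
    helo: str
    mail_from: str
    rdns: Optional[str] = None      # forward-confirmed PTR name, None if absent/invalid
    helo_matches_ip: bool = False   # HELO is a proper FQDN that resolves to `ip`
    spf_mfrom: str = "none"         # pass / fail / softfail / neutral / none
    spf_helo: str = "none"
    sender_mx: tuple = ()           # MX hosts published for the sender's domain
    cbv_ok: Optional[bool] = None   # call-back verification result, None = not run


@dataclass
class Verdict:
    action: str                     # "accept" (on to the content filter) or "reject"
    reason: str
    verified: bool = False          # sender identity good enough for ham training
    send_dsn: bool = False          # report SOFTFAIL back to the purported sender
    blacklist: bool = False


def _norm(name: str) -> str:
    return name.lower().rstrip(".")


def _under(host: str, domain: str) -> bool:
    """True if host is the domain itself or a name below it."""
    host, domain = _norm(host), _norm(domain)
    return bool(domain) and (host == domain or host.endswith("." + domain))


def decide(env: Envelope) -> Verdict:
    domain = env.mail_from.rpartition("@")[2]

    # Step 1: the correspondent needs at least one form of id.
    if not (env.rdns or env.helo_matches_ip or env.spf_mfrom == "pass"):
        return Verdict("reject", "no rDNS, no resolvable HELO, no SPF pass")

    # Step 2: SPF FAIL is rejected, for MAIL FROM and for HELO.
    if "fail" in (env.spf_mfrom, env.spf_helo):
        return Verdict("reject", "SPF fail")

    if env.spf_mfrom == "pass":
        return Verdict("accept", "SPF pass", verified=True)
    if env.spf_mfrom == "softfail":
        return Verdict("accept", "SPF softfail", send_dsn=True)
    if env.spf_mfrom == "neutral":
        if env.cbv_ok is False:
            return Verdict("reject", "SPF neutral and CBV failed", blacklist=True)
        return Verdict("accept", "SPF neutral")

    # No SPF record: best-guess match of the sender domain against the
    # names we trust for this host (assumption: an unvalidated HELO is ignored).
    names = [n for n in (env.rdns, env.helo if env.helo_matches_ip else None) if n]
    mx = {_norm(m) for m in env.sender_mx}
    if any(_under(n, domain) or _norm(n) in mx for n in names):
        return Verdict("accept", "no SPF, host matches sender domain", verified=True)
    return Verdict("accept", "no SPF, unverified")


# Constructed sample connections (documentation address ranges, example domains).
SAMPLES = {
    "bare_helo": Envelope("192.0.2.10", "JUPITER", "boss@vip.example"),
    "forged_own_helo": Envelope("198.51.100.5", "mydomain.example", "x@stocks.example",
                                rdns="dsl-5.isp.example", spf_helo="fail"),
    "spf_pass": Envelope("192.0.2.25", "out.corp.example", "amy@corp.example",
                         spf_mfrom="pass"),
    "softfail": Envelope("192.0.2.40", "relay.isp.example", "joe@club.example",
                         rdns="relay.isp.example", spf_mfrom="softfail"),
    "neutral_cbv_fail": Envelope("198.51.100.77", "host77.isp.example", "zz@free.example",
                                 rdns="host77.isp.example", spf_mfrom="neutral",
                                 cbv_ok=False),
    "no_spf_mx_match": Envelope("192.0.2.60", "mx1.hosting.example", "bob@shop.example",
                                rdns="mx1.hosting.example",
                                sender_mx=("mx1.hosting.example.",)),
    "no_spf_no_match": Envelope("198.51.100.9", "dsl-9.isp.example", "bob@shop.example",
                                rdns="dsl-9.isp.example"),
}

if __name__ == "__main__":
    for name, env in SAMPLES.items():
        v = decide(env)
        print(f"{name:18} {v.action:7} {v.reason}")
```

Only messages that come back with `verified=True` would qualify for the ham training the post mentions; everything else that is accepted still has to get past the content filter.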
Since we believe that spammers are targeting a very small section of society who actually reply to this crap, we could try to identify who those people are.
...well, we could hope.
A 'good guy' at the ISP could set up a deliberate fake-Spam-sending operation to his own customers intentionally bypassing the ISP's spam filters - and in a form that uses techniques similar to the ones the real spammers are using. The general community would be somewhat inconvenienced by this - but we don't intend to do it often - each customer would only get a handful of extra spams per month - they'd never notice. The plan is to use these 'white hat' spams as a honey pot for Spam-respondents. They want to take up these fake offers - so they reply to the email - or visit a fake web site set up by the ISP. Either way, the ISP now knows who the idiots are.
Because our 'White hat' spams bypass the ISP's spam filters - but they test the client's filters realistically, they reach a wider number of respondents than a real spammer could - but they don't reach people who are effectively filtering current spam techniques. The honeypot will therefore capture a wider number of gullible idiots than the real spammer ever could - the offers the white hat spam makes can be even more tempting than real spammers can afford to be.
Now the ISP has a list of his customers that are gullible idiots who are likely to respond to spam. He could just cancel those people's service - or send them notices pointing out that they are the cause of all the problems. There aren't many of them - so the ISP isn't going to make a big dent in his bottom-line. If all of the ISP's did this, it would have a long-term effect on Spammer's profit margins. The idiots would be kicked out and blacklisted by ISP after ISP getting more and more inconvenienced and spending less and less time online until they either find they can't get an email account anymore or they learn that what they are doing is antisocial - so they stop. Company email providers can use training and actual punishment of employees who abuse company email systems for these purposes.
Perhaps an even better solution is to offer to give this list of idiots to known spammers and offer not to filter email to those people - ON THE CONDITION THAT THE SPAMMER NOT SEND EMAIL TO ANY OTHER OF THE ISP's CUSTOMERS! The spammer would have a ready-made list of high-grade customers. That's gotta be more profitable than going through the hassle of blasting out millions of emails. By letting him do what he actually wants to do - we can avoid the anti-social consequences of the lengths he is normally forced to go.
The spammer gains because he can "go legit" and talk only to people who are very likely to respond. The ISP gains because they lose that big spam burden. People who don't respond to spam win because they don't get anywhere near so much spam anymore and the idiots who respond to spam are (presumably) happy because they are getting more "valuable stock tips" offers to buy "fake Rolexes" and more opportunities to deal with Nigerians with unlikely amounts of cash to transfer.
The ISP could actually deliver encrypted addresses to the spammer for the gullible idiots and decrypt them in the ISP's mail server. If the spammer is found to continue to spam addresses not on the list then the decryptor for those primo addresses could be turned off as punishment.
Ultimately, if this worked, we'd evolve into an opt-in advertising infrastructure that would allow ultra-cheap advertising rates with "no questions asked" - with ISP's, "businessmen" and customers working together.
Steve
www.sjbaker.org
In November I went from never getting a single spam to getting about 100 per day on my Blackberry. Rogers Wireless automatically gives you a blackberry email address (in addition to any others you may set up) and doesn't give you the option to disable it from being pushed to your phone. Their filter system is too simple and insufficient to do what I need it to, so I have been forced to turn off message notification and just check and delete every half hour or so throughout the day. Rogers has not been helpful on the phone or via email. They tell me they're working on it. I'm ready to chuck my $600 phone out the next open window I see.
Hell, Shrub and the old Nixon crowd are just waiting for somebody like you to talk loud enough. You think they like people being able to use the web to network information and grow beyond their ignorance? --That's how the world learned of all those U.S. secret prison camps, (oh, sorry, wrong century), detention facilities dotted all over the globe. (More specifically, the secret flights which service them. Discovering that was an internet job. We wouldn't know about it today if that story hadn't been broken by the people for the people, without the media.)
Knowledge about the Diebold voting scandal was also entirely thanks to the internet. (The last election was won by the Democrats, but there were still about 3,000,000 votes which went snafu, which only means that they won because the number of people pissed off by Bush was greater than the number of planned votes to be stolen. And that only happens when people are informed!)
The U.S. admin would positively orgasm if they could find an excuse to impose massive controls over the internet!
Can you imagine trying to learn something real about the world if we went back to the bullshit paper and television media? Man, we'd be like a bunch of ignorant twits living in the Eighties all over again.
Whose direction are those spammers working under, exactly?
-FL
I've been getting messages that I think are from within my company until I read them through a couple of times. We have six other branches and I don't know everyone's names. Some of these messages are like "Hi everyone, I just wanted to let you know that I can now be reached at ext. 233. Hope all is well at the Calgary office." Then it will give a full phone number and sometimes an address. I traced one of the addresses to a mortgage brokerage in Toronto. It's almost as if they've been reading my legitimate mail and then making crap up that fits the profile of a typical message to me. And they're spoofing the "to:" field too. I hate that.
Maybe it is time to simply shut down all email servers and invent some new ways of communication.
Patents Drive Free Software as Hurricanes Drive Construction Industry
"A spam-free world by 2006? That's what Microsoft Corp. chairman Bill Gates is promising."
http://www.cbsnews.com/stories/2004/01/24/tech/main595595.shtml
Microsoft could have solved Spam by leveraging their monopoly for good (instead of evil), but they didn't, and show no signs of doing so.
No sig today...
It's very hard on providers' side to fight spam, even more than the end user-side, with spamassassin and such.
First of all, it is very hard to discern legitimate email from spam with the recent tactics employed by spammers. An email with only a subject of "Re:" and 1.5 lines of text can be a reply from a friend, as well as viagra spam. Keyword rating, content examining (auto) can only take you so far, as you can't risk a client not receiving an important business related email.
Up to this botnet thing, we heavily relied on trustable blacklists to filter en masse instead, which did a very good job weeding out spam, due to defining the most-highest rated spammers. However with the advent of the botnet issue, blacklists are not much helping either. Incoming spam, (means spam that is able to bypass the rbl, and land in mail transfer agent) has really increased in dramatic rate in the last 1-2 months.
The solution to this lies on the botnet issue I believe - botnets are providing a means for spammers to unload much spam without the fear of getting blacklisted with their ips - like the old method of infected computers sending spam. If we can find a solution to botnet thing, we might be able to use the same method also in reducing the virus infected computer spam.
Read radical news here
Spam isn't effective and is the domain of bottom feeders. The big players like spam because it wears people down so they're more likely to spend money for other things. Every day, for years, you see -- sex enhancers, mortgage scams, credit scams, worthless herbal drugs, scams, gambling, etc etc etc -- it absolutely must wear people down. The next time they have to make a moral decision in life, the years of seeing this junk in their inboxes have to give it some sort of weight, even subconsciously. After years and years of daily seeing that the worth of men is solely based on their penis size, and that women are only sex objects, that has to make a certain percentage of people more susceptible to buying porn. The big players encourage spam because it essentially costs nothing - no reason not to have this fire-hose of desensitizing garbage being spewed into every inbox on the planet for years on end. No one makes money off of spam, I don't think, except the spammers themselves - it's just that bottom feeder frenzy for a few crumbs.
I assume you mean
How can you get this boolean setup working in Mail.app? As far as I can see it only lets me choose that "all" (A && B && C) or "any" (A || B || C) of the rules apply, neither of which result in the filter you're suggesting.
Yes, I agree that email in its current incarnation is pretty dead by now.
We need a new email. But we all know about the huge inertia surrounding email changes. To avoid being trapped in the email change inertia, we need a new system that:
- Can still use the current email infrastructure
- Does not require cooperation from everybody at once in order to be usable/useful
The protocol that can achieve this is EmailXT (http://www.emailxt.com/). It offers a seamless transition path from the current to the new system, even on the same mailbox. It adds new features to email, defeats most spam, viruses and phishing, and pretty much returns mailbox control to you.
However,
- Still in pre-alpha specification phase
- Bare-bones, buggy-prototype client application available
- No public protocol specification available, although claimed as a free, public protocol.
But I still see much promise in it, judging from my (rather limited) tests. We will have to wait and see if it reaches critical mass. For now it needs word-of-mouth. If you like it and want to make it grow tell your friends about it (actually that's what I am doing!)...
Sod it. Click them all. I know I did.
Merry Everybody!
This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
One way to reduce the spam is for all domain owners to publish spf records (http://www.openspf.org/), and for all mail filters to tag all email failing spf as spam (make it visible i.e. add SPAM: to subject). This will stop the botnets from bumping out spam and ISPs will no longer need to block outbound smtp. And just maybe make spam filters check all headers and tag mail as spam if they don't match. I know this can't be done overnight but let's say this will be implemented by 2009 we will have a lot less spam.
I recommend KnujOn http://knujon.com/ .
So far they've shut down over 13.000 spammer sites.
The increase in November of 35% is pretty accurate - but where the real story is is when you look at the 6 month trend.
In July of 2006, my enterprise was blocking approximately 20 million spam messages per week. Last week, we blocked 86 million spam messages - over 400% increase in 6 months.
Most of the growth occurred in September & October. We're projecting to hit 100 million per week by the end of January.
The only good news here is that the amount of valid email that we're letting into our enterprise is remaining flat, indicating that pretty much the entire increase is successfully blocked by our anti-spam. *whew*.
-Lokatana
I get perhaps one or two spam per year. The solution is simple.
Get a bunch of disposable email addresses and give each friend his own unique address. Get extras for web sites and forums that need an address.
When an address is compromised, tell the friend you gave it to that he may have a virus. Discard the old address and give him another if you think he will take better care. Keep track of web sites that sell your addresses and make sure they understand they have been caught.
When you want to put an email address on a web page, encode it using a simple address encoder like http://www.addressmunger.com/
I have several sites using this technique. In over five years of continuous use, I have yet to get a single spam from any of these sites.
Mike Monett
I now scrub mail for friends and family through my Postfix mail server using Fetchmail, Fetchyahoo and Gotmail. Amavisd-new, Clamav, Spamassassin, various DNS blacklists including URIDNSBL and a sprinkle of bayesian filtering have pretty much solved the problem as far as I'm concerned. The only remaining annoyance was image spam, but that has even been solved thanks to FuzzyOCR that is now in Debian!
If you still have spam, it just means that you are not using the freely available tools to eradicate it. Just do it! I found it is surprisingly easy and we have to thank Debian for that!
I use Cloudmark Desktop and it removes about 99.9% of the spam. I get one or two spam email each week, but that's about it. The best part is that it is virtually impossible for it to falsely hit on valid email (of course, anything is possible in certain situations though). The downside is that it runs on the client, not the server. And I'm not sure, it might be only for Outlook and Outlook Express. Not sure about support for other email clients. But, it works very well in my specific configuration.
All the image spam is gifs. I just toss anything incoming with a gif attached - which is easy to do with mimedefang-milter/spamassassin in front of sendmail. I have one relative who occasionally sends funny gifs so I should whitelist her, but what place is there for gifs in business correspondence?
Also, toss anything with "stocknews" as part of the sender e-mail - that's all from a huge botnet. Toss anything where the earliest received line claims it was received by one of my own domains - but without the machine name/subdomain that my actual mail servers list. And toss anything that includes machine names as domains in the To address (i.e. someone@sub.domain.com), since our "from" addresses never include the subdomain, but for some reason spammers like to include it. All that's done without notice. Stuff with high SpamAssassin scores gets bounced with notice. And everyone not on a whitelist gets greylisted.
The spam that gets by all this is only a couple a day.
"with their freedom lost all virtue lose" - Milton
Most proposed solutions attack at the wrong place. Spamming is not financed and made profitable by the providers or the spammers. The only way to stop it is to attack the source of the money paying for all this crap. One of the big players (Google, Yahoo, AOL, MSN) who can withstand attacks and have the servers necessary needs to step up and offer to set up a database of the people paying the bills. Then the Internet community has to use frontier justice in the absence of real law to attack and destroy the sites owned by the spammers' clients. A million email responses for every one they send us; a million phoney orders for their product; 7/24 downloads of whatever they have on their site; DB hacking; DoS attacks, and anything else that will bring them to their knees until they stop financing spam. Of course most of that is illegal, and like passive societies throughout history we will continue to be beat up on by thugs and those who pay them until Marshall Google or Sheriff Yahoo goes into action. This thread is typical of what we see all over the web; spineless whining. All this because most of us are law-abiding and we continue to support general principles of law or lack of law that protects the criminal but will put us in jail if we try to take effective action against them.
Wouldn't this problem be completely solved once and for all if everyone had to pay $0.001 to send an email? I'd gladly pay it. And if someone who wants to send me an email doesn't think that his or her message is worth paying $0.001, I don't want to read it.
So why isn't this happening?
What I wonder is, how vast are the botnets? If there are 1000 botted machines in one spammer's botnet, how long would it take to build up a list of IPs for said machines?
What I would like to do is keep a running list of dates + IP's. Any IP that's been in the list for the last 30 days should get the following rule in my firewall:
iptables -A INPUT -p tcp -s ${SPAMMY_IP} --dport 25 -j DROP
or if you want to be a little less friendly, set a rule that rate-limits your packets to about 8 to 32 bits/sec (1-3 bytes). The spammer's machine is going to waste a *LOT* of time sending its data through. If you wanted to go further with this, a co-worker has suggested you could re-route these connections (iptables -A REDIRECT ... --to-ports 1234 ) to a secondary local SMTP server on an alternate port that will actually accept the message (once it finally gets through), and analyse it to update the spam filters of the primary SMTP server.
Perhaps when I've some extra time I'll add some postfix+iptables fun to accomplish this.
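A sketch of the running dates + IPs list from the post above, as an added example that is not the poster's code. It assumes "in the list for the last 30 days" means last seen within 30 days, refuses malformed, non-IPv4 and protected addresses so a bad log line cannot turn into a firewall rule, and uses constructed sightings.

```python
import ipaddress
from datetime import date, timedelta

WINDOW = timedelta(days=30)

# Assumption: networks that must never end up in a DROP rule (loopback, own LAN).
PROTECTED = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "10.0.0.0/8")]

RULE = "iptables -A INPUT -p tcp -s {ip} --dport 25 -j DROP"


class SpamLedger:
    """Remembers the most recent day each source address was seen sending spam."""

    def __init__(self):
        self.last_seen = {}  # IPv4Address -> date

    def record(self, ip_text, day):
        """Note a sighting. Returns False (and stores nothing) for input we refuse."""
        try:
            addr = ipaddress.ip_address(ip_text.strip())
        except ValueError:
            return False  # not an address at all, e.g. a mangled log field
        if addr.version != 4 or any(addr in net for net in PROTECTED):
            return False  # iptables is IPv4 only; never block protected ranges
        previous = self.last_seen.get(addr)
        if previous is None or day > previous:
            self.last_seen[addr] = day
        return True

    def expire(self, today):
        """Forget addresses not seen within the window. Returns how many were dropped."""
        stale = [a for a, seen in self.last_seen.items() if today - seen > WINDOW]
        for addr in stale:
            del self.last_seen[addr]
        return len(stale)

    def rules(self, today):
        """One DROP rule per still-active address, in numeric address order."""
        self.expire(today)
        # Only parsed-and-reformatted addresses reach the rule text.
        return [RULE.format(ip=addr) for addr in sorted(self.last_seen)]


def build_sample():
    """Ledger filled with constructed sightings (documentation address ranges)."""
    ledger = SpamLedger()
    sightings = [
        ("203.0.113.7", date(2006, 12, 20)),
        ("198.51.100.23", date(2006, 11, 10)),
        ("198.51.100.23", date(2006, 12, 1)),   # seen again, date is refreshed
        ("203.0.113.99", date(2006, 11, 1)),    # will have aged out
        ("203.0.113.50", date(2006, 11, 22)),   # exactly 30 days old on Dec 22
        ("127.0.0.1", date(2006, 12, 21)),      # protected, refused
        ("not-an-ip; reboot", date(2006, 12, 21)),  # junk, refused
    ]
    for ip_text, day in sightings:
        ledger.record(ip_text, day)
    return ledger


if __name__ == "__main__":
    for rule in build_sample().rules(date(2006, 12, 22)):
        print(rule)
```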
I'm seriously considering setting my server to reject anything that isn't plain text. With OpenBSD you can also filter packets by OS type so dropping anything that comes from a Windows box on port 25 might work.
Greylisting works better with Nolisting. Install both and your users might just forget all about spam.
A jump in spam volume and Christmas is just around the corner. And some dismiss it as coincidence!
There are several major blacklist providers, like Spamassassin. I think it would be very worthwhile to publish a monthly list of the names and ADDRESSES of the top 10 spammers. Get it in one of those colorful charts they put in USA Today and other major dailies. This would publicize the problem, put a face on the problem, and put real fear into the hearts of the perpetrators. Another thought... Hasn't anyone tried setting a few honeypots and then sue for the per spam fines? If you got damages from suits like that you could really make some $$ (until the spammers sent their thugs with baseball bats after you!).
-- QED
It's hard for countries other than the US to threaten the US into getting their chickenboners under control.
-- To dream a dream is grand, but to live it is divine. -- Leto ][
even yahoo bounces e-mail from itself. the increase in volume is probably true that yahoo groups marked my yahoo e-mail as bouncing!
i would welcome a new better messaging system to replace the quite outdated e-mail system. i suspect, we cannot keep the cycle of upgrading bandwidth and server capacity just to filter all the spam. someone has gotta give (like a recent article where an isp just drops the e-mail.)
Live your life each day as if it was your last.
The spam-storm is picking up again as I type...