Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spam Volume Jumps 35% In November

Posted by ryuzaki0 on from the crazy-email-subject-lines dept.

gregleimbeck writes "Spam volume soared another 35% in November, an e-mail security vendor said Thursday, and the month saw spam tactics that reduced the efficiency of traditional anti-spam filters. 'There's been a huge increase in spam volume,' says David Mayer, a product manager at IronPort Systems, 'from 31 billion spams a day on average in October 2005 to 63 billion in October 2006. But in November, we saw two surges that averaged 85 billion messages a day, one from Nov. 13 to 22, the other from Nov. 26 to 28.'"

12 of 371 comments (clear)

  1. I'd say more than 35% by twiggy · · Score: 5, Insightful

    Maybe it's just me, but my spam volume seems to have jumped at least 200% in recent months.

    Are we finally going to reach a point where only trusted addresses can email us? Seems the arms race is being severely lost. I've got a pretty good spamassassin config and I can't keep up anymore, I find myself having to manually delete literally hundreds of messages a day now.

    --
    http://www.babysmasher.com
    http://www.openingbands.com
    1. Re:I'd say more than 35% by tacocat · · Score: 3, Insightful

      Even that can be spoofed. And people will complain that they can't engage the customers and that's hurting the economy.

      There was a guy who proposed something called RSS-mail a few years back. It was the same guy who came up with SPF I think.

      Anyways the idea was that I would send you a notification that there was an email waiting for you to pick up on my server. Similar to how RSS passes data. If I was interested in reading that message I could call upon your server to deliver the email to me and then I could read it.

      The key is that now the sender has to own the email. He can't just shoot off 20 million random messages. He now has to store all of them on his server for some period of time so that you can pick them up. Cheap for you, expensive for him. It also means that he has to be honest about his RSS feed otherwise you'll never be able to pick up the email and read it. This also makes it easier to track them down.

      Personally, I think spammers won't go away easily. They make a lot of money off pathetic fucktards who think they can get a bigger dick with a pill. The real damage is done by the people who purchase via spam making spam a viable marketing tool.

    2. Re:I'd say more than 35% by nuzak · · Score: 3, Insightful

      I could analyze your FUSSP point-for-point, but let me just whack at the most flawed point:

      All ISPs should take reasonable care not to reinstate mail sending privileges until they are sure that the user's computer is clean.

      Any ISP that actually gives enough of a shit to care what is coming out of their network and manage their users like this has already managed the spam problem. How much spam do you see coming from AOL IPs? Yeah, it's because they got people like Carl Hutzler who actually took the problem seriously and they gave him real power to implement solutions.

      I see armchair admins come up with these oh-so-clever solutions every day, but the reality is that solutions exist now, and what stands in the way of their implementation is nothing more than incompetence and greed. Comcast, Brazil Telecom, Orange/TPnet, all of them could stop their massive armies of zombies overnight, but it's just too expensive. Their cost-benefit analysis lets them keep polluting our mailboxes with direct-to-MX zombie connections rather than deal with the support costs of the 0.01% of users that will ACTUALLY have a problem with port-25 blocking.

      We have to make it expensive for ISP's to continue letting their zombies send us spam. That is my FUSSP.

      --
      Done with slashdot, done with nerds, getting a life.
    3. Re:I'd say more than 35% by MobyDisk · · Score: 3, Insightful

      Yes, but at least they couldn't send the spams without exposing what domain the generated the keys from. Then someone could notify the registrar and have the person's credit card pulled.

    4. Re:I'd say more than 35% by heinousjay · · Score: 5, Insightful

      That's because you've been trained by Hollywood and Slashdot and all the other happy lefty bullshitters to believe anyone in business must be a liar and a thief. It's a generalization that isn't even close to true, but that doesn't stop it from being propagated in the name of populism. Unfortunately, the idea of the noble poor is just as much a myth.

      Everyone has equal potential to be scum. It's just easier to make people hate successful scum.

      --
      Slashdot - where whining about luck is the new way to make the world you want.
  2. Why do we fight this at the end? by cliffski · · Score: 5, Insightful

    I use (amongst other thing) spamhilator. It's free, and its pretty reliable. The trouble I have is that I *have* to allow everyone to mail me. When you run a business, you *do* occasionally get people guessing your email address from your domain and sending you a potentially vital email. I just can't afford to block emails by default. And anything (like captchas or auto-response systems) that makes it hard for my customers to contact me is just BAD.

    I don't see why we are always fighting this problem at the reception end, rather than the source. Spam filters can work quite well, but why are they mostly applied right at the very endpoint of the chain?
    I'd be very happy for some basic filtering to take place on my outgoing mail at the ISP level. If it meant the odd automatic email with a captcha saying "are you sure you intended to send this mail?" before a spammy-looking email went out, thats fine with me, and wouldn't that approach cut down on all those twits whose PC's are part of a botnet without them realising it?

    Bah, why is firefox suddenly getting me to spell check in American?

    --
    DRM-free indie games for the PC and Mac: Positech Games
  3. Re:It's that damn picture spam by gvc · · Score: 3, Insightful

    Apparently, image spam beats a number of spam filters. But not all. Try another filter. I haven't done an extensive test in the post-image-spam era but OSBF-Lua is the best available filter I know of, and I haven't noticed that it is compromised by image spam. It is free.

  4. Who reads it? by Kelson · · Score: 5, Insightful
    Is there anyone out there who seriously READs this garbage and actually considers sending money to these people?

    The great irony of the spam arms race is that the better we get at filtering the spam, the more garbage the spammers send out just to get the same return. You can't stop filtering it, because the mail you want would be buried in a torrent of spam. But filtering more just raises the bar for the next round of spam.

    Eventually it may get to the point where (a) email is unusable or (b) spammers have to send such a massive volume of cr@p that it no longer becomes a cheap business, and it ceases to be worth spamming. Until then, things will keep escalating.

  5. Filled corporate Internet pipe by AaronW · · Score: 3, Insightful

    Spam has become such a problem where I work that it has completely flooded the corporate Internet connection. I personally feel they should host an external mail server and spam filter off-site someplace. For my personal server I use various RBLs and country blacklists, like blocking all of China, Korea, Russia, Nigeria and a few other countries. Those seem to block most of the spam from even entering my mail server.

    I know people talk about legal solutions not working, but I think if law enforcement made use of existing laws and went after these people it might make a difference. I'd love to see the FTC go after the pump and dump spammers and confiscate everything they own before locking them up, or the food and drug administration go after all the enhancement pill spammers. Also, perhaps a law to fine idiots who buy from these spammers.

    Just change the federal law to let some of the state laws take effect, i.e. defeat the Can-spam act.

    I think if law enforcement made a good effort to go after these spammers and lock them up then it might make a difference.

    -Aaron

    --
    This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
  6. Geographic filter is great by caller9 · · Score: 3, Insightful

    If you don't do business outside the US, filtering by geographic registration for the subnet works wonders. A little hard to set up but once you use the geographically filtered email to train your Bayesian filter, you really get 99.9% or better. Currently getting approx 99.97% accuracy and very little false positives. Pleased as punch.

  7. Re:Anyone can use gmail's anti-spam too! by gknoy · · Score: 3, Insightful

    Can you REALLY trust GMail to Really Truly Delete the contents of your mail? I don't.

  8. Spam is just the symptom... by TropicalCoder · · Score: 4, Insightful

    The real disease is: those vast botnets. Really, it's a scary thought. We are lucky that they only being used for spam and the usual phishing scams and the like - as far as we know! Imagine if the terrorists buy themselves some botnets for some nefarious purpose, or the Chinese or North Korea government corner the market on them to run millions of bots to steal corporate secrets or IDs or who knows what? What I'm saying here is that the large increase in spam should be triggering off alarm bells everywhere. The spam is not the problem - it's the botnets. Why in the world don't responsible world governments unite to put a swift end to this problem? Really - it could be dealt with swiftly and effectively in a hundred different ways that I will up to the imagination of the reader. I am just astonished this hasn't happened. I mean - couldn't our friend and champion of democracy George W. include this in his initiative against terrorism? He would probably have more luck tackling this problem then he is having in Iraq. What if he put that on his agenda - and set loose all his military might along with the help of some coalition of the willing? Perhaps he could salvage what's left of his image? Are you listening Mister Bush?

    http://www.magma.ca/~gtaylor/AudioTestFileGen.htm