Slashdot Mirror


Spam Volume Jumps 35% In November

gregleimbeck writes "Spam volume soared another 35% in November, an e-mail security vendor said Thursday, and the month saw spam tactics that reduced the efficiency of traditional anti-spam filters. 'There's been a huge increase in spam volume,' says David Mayer, a product manager at IronPort Systems, 'from 31 billion spams a day on average in October 2005 to 63 billion in October 2006. But in November, we saw two surges that averaged 85 billion messages a day, one from Nov. 13 to 22, the other from Nov. 26 to 28.'"

22 of 371 comments

  1. I'd say more than 35% by twiggy · · Score: 5, Insightful

    Maybe it's just me, but my spam volume seems to have jumped at least 200% in recent months.

    Are we finally going to reach a point where only trusted addresses can email us? Seems the arms race is being severely lost. I've got a pretty good spamassassin config and I can't keep up anymore, I find myself having to manually delete literally hundreds of messages a day now.

    --
    http://www.babysmasher.com
    http://www.openingbands.com
    1. Re:I'd say more than 35% by sam_paris · · Score: 5, Informative

      I'd say try a different webmail provider. I get a LOT of spam per day (about 100+), and 99.9% is categorised as spam by gmail. In the last month I would estimate I've had 2 spam messages hit my actual inbox. The rest were filtered out by gmail.

    2. Re:I'd say more than 35% by epiphani · · Score: 4, Informative

      You're missing the point - the spam rate is BEFORE filtering, not after.

      I got around 100 per day back a few years ago. When I started forwarding to gmail, I average a spam folder of 4000 (it deletes spam after 30 days).

      In the past two months, it's gone from between 5000 and 6000 to over 15,000. I would agree, hella higher than 35% though. At my place of employment, we have a million mailboxes. We started running into a lot more problems with spam than usual about 6 weeks ago as well.

      --
      .
    3. Re:I'd say more than 35% by dgatwood · · Score: 4, Interesting

      That's definitely one approach. Unfortunately, it means that my mail would then be at the mercy of a thousand servers' bandwidth, and that reading my mail would take a lot longer on the average as a result.

      What we really need is E2EASMTP: End-to-end Authenticated SMTP. The design is basically just the existing SMTP. The only changes are as follows:

      1. All mail servers require an SSL key. This is assigned by the registrar when you purchase a domain. This key may be shared among multiple hosts within the same domain.
      2. All mail servers must require SMTP-Auth for outbound traffic.
      3. All mail servers must sign each piece of mail as it passes through their systems. This signature must sign the complete message, including the signatures of previous servers in the path.
      4. All mail servers must support an automated abuse handling mailbox, autoabuse@domain for responses to spam messages.
      5. All mail servers must forward automated abuse messages appropriately by verifying its own email signature (sending an abuse bounce-back if it does not match) and then forwarding the abuse report to the mail server that sent the message to it in the first place.
      6. Upon receipt of a certain number (determined as a site policy) of reports of spam or other junk emails from a given user, the mail server should automatically email that user to notify him/her that his computer is compromised and block any and all emails from that user until it is reset.
      7. All ISPs should take reasonable care not to reinstate mail sending privileges until they are sure that the user's computer is clean.
      8. ISPs are encouraged to manually look at any blocked accounts as soon as they become blocked to make sure that the messages really are spam/phishing.

      The key is that the entire abuse reporting process should be automated and that no email messages without an initial host signature should be delivered. This will make it impossible for continued operation of spam zombies in two ways:

      1. It will prevent them from sending mail directly by running an SMTP server on the compromised computer.
      2. It will prevent them from continuing to send mail through an ISP's mail server by ensuring that the mail messages can be traced back to a single individual user of the originating ISP, where the messages will be automatically blocked in a timely fashion.

      In effect, by ensuring a trusted (albeit not necessarily encrypted) path for all email messages, you make spamming orders of magnitude harder with minimal performance impact. Best of all, I think that this could be implemented with relatively minor additions to the SMTP protocol and phased in over a period of time, ensuring a smooth transition from the spam nightmare we have now to a more modern, usable email infrastructure.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.
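
The signing chain from the proposal above (steps 3 to 5), sketched as an added example that is not part of the original comment: each server signs the message plus all earlier signatures, and the receiver rejects mail whose chain is missing or broken. The domain names and keys are constructed, and HMAC-SHA256 with a per-domain key stands in for the SSL-key signature the proposal describes.

```python
import hashlib
import hmac

# Constructed per-domain keys. HMAC-SHA256 stands in for the public-key
# signatures the proposal implies, so the sketch needs only the stdlib.
KEYS = {
    "isp.example": b"constructed-key-1",
    "relay.example": b"constructed-key-2",
    "dest.example": b"constructed-key-3",
}

def _hop_digest(key, message, prior):
    # Cover the message body plus every earlier (domain, signature) pair.
    mac = hmac.new(key, hashlib.sha256(message).digest(), hashlib.sha256)
    for domain, sig in prior:
        mac.update(domain.encode() + b"\0" + sig.encode() + b"\n")
    return mac.hexdigest()

def sign_hop(domain, message, chain):
    """Return the chain extended with this server's signature (step 3)."""
    return chain + [(domain, _hop_digest(KEYS[domain], message, chain))]

def verify_chain(message, chain):
    """Return (ok, origin_domain); unsigned or broken chains are rejected."""
    if not chain:
        return False, None  # no initial host signature: do not deliver
    for i, (domain, sig) in enumerate(chain):
        key = KEYS.get(domain)
        if key is None:
            return False, None
        expected = _hop_digest(key, message, chain[:i])
        if not hmac.compare_digest(expected, sig):
            return False, None
    return True, chain[0][0]

def abuse_route(chain):
    """autoabuse@ mailboxes a report visits, last hop first (steps 4-5)."""
    return ["autoabuse@" + domain for domain, _ in reversed(chain)]

if __name__ == "__main__":
    msg = b"Subject: hello\r\n\r\nconstructed sample message\r\n"
    chain = []
    for hop in ("isp.example", "relay.example", "dest.example"):
        chain = sign_hop(hop, msg, chain)
    print(verify_chain(msg, chain), abuse_route(chain))
```

Because every signature covers the ones before it, removing the originating server's entry invalidates all later hops, which is what lets an abuse report be traced back to the first server.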

    4. Re:I'd say more than 35% by shadowmas · · Score: 4, Interesting

      This is an excellent idea. But rather than having the registrar generate the SSL keys, why not add them to the DNS like in SPF? This would allow the admins to generate the keys the way they want, and if somehow a key is compromised (one of the mail servers gets stolen/hacked) they can quickly and easily generate a new key. Also, it would be valuable if you could have different keys for different servers.

    5. Re:I'd say more than 35% by heinousjay · · Score: 5, Insightful

      That's because you've been trained by Hollywood and Slashdot and all the other happy lefty bullshitters to believe anyone in business must be a liar and a thief. It's a generalization that isn't even close to true, but that doesn't stop it from being propagated in the name of populism. Unfortunately, the idea of the noble poor is just as much a myth.

      Everyone has equal potential to be scum. It's just easier to make people hate successful scum.

      --
      Slashdot - where whining about luck is the new way to make the world you want.
  2. Pump & dump for PHYA by gvc · · Score: 4, Informative

    It appears to me that the increase is almost all due to a small number of messages swamping us. One advertises the stock symbol PHYA and has no link. The scam is that if you Google for that symbol, there will be a full-width paid ad for a fake broker/analyst site. About 10% of my email for the last couple of weeks (i.e. over 100 of 1000 spams/day) advertises this stock symbol.

    1. Re:Pump & dump for PHYA by gvc · · Score: 5, Informative

      P.S. Feel free to Google PHYA and click the ad. It costs them money.

    2. Re:Pump & dump for PHYA by cashman73 · · Score: 5, Informative
      Stock ticker PHYA belongs to Physicians Adult Daycare, Inc. They recently put out this announcement saying that they have nothing to do with the email spammers, and are trying to catch them.

      Basically, the way this scam works is that the scammers buy a bunch of worthless stock (as in a few cents/share), then email fake stockbroker advice websites and fake advice emails to people, trying to get them to buy the stock. When the stock is worth a decent amount of money, the scammers sell and leave everyone else that bought into their so-called, "advice," with worthless stock.

  3. Plus, SMS Spam by SRA8 · · Score: 4, Interesting

    If it wasn't bad enough to get 10 to 15 stock "tips" via spam a day, in mid-December I started getting the same stock spam via SMS! Yes, SMS! I got a burst of 6 one morning, then another 5 later in the day. There's $1.10 of SMS fees courtesy of Cingular. I cancelled my SMS service (which they enable automatically) immediately. Wonder how many people are unknowingly getting charged for these messages. Starting January 07, Cingular will start charging 0.15/sms -- perhaps a response to record SMS revenues :-) ?

  4. Why do we fight this at the end? by cliffski · · Score: 5, Insightful

    I use (amongst other things) Spamihilator. It's free, and it's pretty reliable. The trouble I have is that I *have* to allow everyone to mail me. When you run a business, you *do* occasionally get people guessing your email address from your domain and sending you a potentially vital email. I just can't afford to block emails by default. And anything (like captchas or auto-response systems) that makes it hard for my customers to contact me is just BAD.

    I don't see why we are always fighting this problem at the reception end, rather than the source. Spam filters can work quite well, but why are they mostly applied right at the very endpoint of the chain?
    I'd be very happy for some basic filtering to take place on my outgoing mail at the ISP level. If it meant the odd automatic email with a captcha saying "are you sure you intended to send this mail?" before a spammy-looking email went out, that's fine with me, and wouldn't that approach cut down on all those twits whose PCs are part of a botnet without them realising it?

    Bah, why is firefox suddenly getting me to spell check in American?

    --
    DRM-free indie games for the PC and Mac: Positech Games
  5. The NEW 640k quote... by illuminatedwax · · Score: 5, Funny

    "Two years from now, spam will be solved" - Bill Gates

    --
    Did you ever notice that *nix doesn't even cover Linux?
  6. Who reads it? by Kelson · · Score: 5, Insightful
    Is there anyone out there who seriously READS this garbage and actually considers sending money to these people?

    The great irony of the spam arms race is that the better we get at filtering the spam, the more garbage the spammers send out just to get the same return. You can't stop filtering it, because the mail you want would be buried in a torrent of spam. But filtering more just raises the bar for the next round of spam.

    Eventually it may get to the point where (a) email is unusable or (b) spammers have to send such a massive volume of cr@p that it no longer becomes a cheap business, and it ceases to be worth spamming. Until then, things will keep escalating.

    1. Re:Who reads it? by SQL+Error · · Score: 4, Informative

      Most spam is sent out using hijacked Windows PCs - zombie networks - and costs the spammers nothing. So they ain't gonna stop.

      Having said that, the level of obfuscation they have to use even now makes their ads almost unreadable. You want me to 3nl@rg3 my what?

  7. Bandwidth by tef · · Score: 5, Interesting

    If for example each spam message was around 1k of info, that's on average 63 terabytes of info! Using the new Siemens 107gb speed record connection, that would take almost 10 minutes to transfer all that spam! I just wonder how much faster the internet would be without spam.

  8. Re:Outlook by drinkypoo · · Score: 4, Funny

    I don't know, but it looks like you get more than 100% spam... over 198%. How did you manage that?

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  9. Re:Outlook by tb3 · · Score: 4, Funny

    That seems only fair. According to a random sample of spam headers, Outlook Express has sent an average of 100% of the spam I've received.

    --

    www.lucernesys.com Horizon: Calendar-based personal finance

  10. Anyone can use gmail's anti-spam too! by a16 · · Score: 4, Interesting

    Something worth pointing out to people who don't want to use gmail, is that you can use gmail as an enterprise grade anti-spam filter for your personal inbox.

    Simply forward all of your mail on to gmail, and then either collect it from gmail using POP3, or set gmail to forward it back to a "clean" account on your server that you can pick mail up on. You can set gmail to delete the mail after it forwards it, so you essentially get one of the best anti-spam filters out there, for free.

    Of course, what is annoying me is all of the penny stock image spam that gets through most spam filters. It's getting to the point where I really am considering stripping image attachments from messages. See this post further down for a bit more on my thoughts on image spam.

  11. Re:I use a different approach. by Nogami_Saeko · · Score: 4, Interesting

    I'm running my own mail server and using a system I read about which delays the initial SMTP "HELO" for 20-30 seconds before acknowledging the incoming connection.

    If someone is sending spam, they're not going to wait that long before starting a new connection (it would slow them down something fierce, to maybe only sending 1 or 2 emails a minute).

    This catches about 75% or more of the spam coming in - anything left is mopped up by either SpamAssassin at the mail server level, or POPFile before my email client.

    Sort of a 3-tiered approach. Very little (maybe 1 or 2) spams per week get through.

    N.

    --
    "Nothing strengthens authority so much as silence." - Charles de Gaulle
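
The greeting delay described in the comment above, as an added example that is not part of the original post: the server holds its banner for a fixed time and drops clients that disconnect or start talking before being greeted. It goes slightly beyond the comment by also classifying clients that send data early; the banner text, client behaviours and the short 0.3 second delay are constructed so the sketch runs quickly over a local socket pair.

```python
import select
import socket

BANNER = b"220 mx.example ESMTP\r\n"  # constructed hostname

def greet_with_delay(conn, delay):
    """Hold the banner for `delay` seconds and classify the client.

    "greeted"      - client waited quietly and received the banner
    "early-talker" - client sent data before being greeted
    "gave-up"      - client disconnected during the delay
    """
    # select() returns early if the client sends bytes or closes the socket.
    readable, _, _ = select.select([conn], [], [], delay)
    if readable:
        data = conn.recv(1024)
        conn.close()
        return "early-talker" if data else "gave-up"
    conn.sendall(BANNER)
    return "greeted"

def simulate(behaviour, delay=0.3):
    """Run one constructed client against the delayed greeting.

    Returns (verdict, bytes the client received).
    """
    server_side, client_side = socket.socketpair()
    try:
        if behaviour == "impatient":
            # Sends its first command without waiting for the 220 banner.
            client_side.sendall(b"HELO bulk.example\r\n")
        elif behaviour == "quitter":
            # Abandons the connection instead of waiting out the delay.
            client_side.close()
        verdict = greet_with_delay(server_side, delay)
        received = b""
        if verdict == "greeted":
            received = client_side.recv(1024)
        return verdict, received
    finally:
        client_side.close()
        server_side.close()

if __name__ == "__main__":
    for kind in ("patient", "impatient", "quitter"):
        print(kind, simulate(kind))
```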
  12. Re:Don't be hasty! by Sponge+Bath · · Score: 4, Funny

    He's got 9 days left!

    Nine days ought to be enough for anybody.

  13. Spam is just the symptom... by TropicalCoder · · Score: 4, Insightful

    The real disease is: those vast botnets. Really, it's a scary thought. We are lucky that they are only being used for spam and the usual phishing scams and the like - as far as we know! Imagine if the terrorists buy themselves some botnets for some nefarious purpose, or the Chinese or North Korean government corner the market on them to run millions of bots to steal corporate secrets or IDs or who knows what? What I'm saying here is that the large increase in spam should be triggering off alarm bells everywhere. The spam is not the problem - it's the botnets. Why in the world don't responsible world governments unite to put a swift end to this problem? Really - it could be dealt with swiftly and effectively in a hundred different ways that I will leave up to the imagination of the reader. I am just astonished this hasn't happened. I mean - couldn't our friend and champion of democracy George W. include this in his initiative against terrorism? He would probably have more luck tackling this problem than he is having in Iraq. What if he put that on his agenda - and set loose all his military might along with the help of some coalition of the willing? Perhaps he could salvage what's left of his image? Are you listening Mister Bush?

    http://www.magma.ca/~gtaylor/AudioTestFileGen.htm
  14. Real status from a Financial Institution by Lokatana · · Score: 4, Interesting
    I run an enterprise level messaging department for a large financial institution.

    The increase in November of 35% is pretty accurate - but where the real story is is when you look at the 6 month trend.

    In July of 2006, my enterprise was blocking approximately 20 million spam messages per week. Last week, we blocked 86 million spam messages - over 400% increase in 6 months.

    Most of the growth occurred in September & October. We're projecting to hit 100 million per week by the end of January.

    The only good news here is that the amount of valid email that we're letting into our enterprise is remaining flat, indicating that pretty much the entire increase is successfully blocked by our anti-spam. *whew*.

    -Lokatana