Slashdot Mirror
Spammers Choose GMail
EdwardLAN writes "A study by Roaring Penguin has discovered that during the past three weeks, the amount of spam originating from Gmail has risen sharply." My spam has been pretty ridiculously high for the last few weeks, although I have no idea if this is part of it. It really does seem like gmail's spam filters are declining these days.
I've got maybe 3 a week, which is up from the normal of 1 per month, but it's not really too big of a deal.
IIRC, marking an email as spam or moving the message to the spam folder (if you're using Gmail's IMAP function as I am) helps to train the filter.
I haven't noticed any particular trouble with spam originating from Gmail, and Gmail has still been pretty good at filtering most of my spam.
But if you really want Google to do something about spam, go after them for their negligence on google groups. They've allowed the service to become almost unusable due to the amount of spam they allow through. For actual Google Groups it's not a big problem, but for USENET groups it is. Most people on USENET are just dropping anything coming from Google Groups outright. Any legitimate posts from Google Groups are considered an "acceptable loss" given the amount of godawful spam they allow through. It really cheeses me off that Google won't do something about it.
The summary implies that there's something wrong with the GMail spam filters. Actually, the problem is with the GMail spammer filters... the CAPTCHA.
Also, both Google and spammers are being overly complacent about people blocking GMail:
Actually, several sites have blocked Google SMTP hosts that show large spam outflow (it seems to be specific hosts, as if specific accounts are allocated to specific servers or clusters of servers). Including, and I know the irony is thick enough to cut with a knife, MSN Hotmail. There have even been a number of posts to Google's help forums complaining about mail not being sent because Google servers are being blacklisted.
Yeah thats why I mentioned the Cyrillic thing.
In reality doing it via language matching should be pretty trivial. I'd hazard a guess if you had a list of 30 languages and you pulled out the top 50 most common words in each language you'd probably have near 100% success in detecting the primary language in an e-mail. I'm sure an algorithm either purely based on that word set or based on a larger dictionary choosen based on that matching could be done to determine with a very high confidence what language an e-mail is in and if there's more than one or two languages in it.
They also know my white list of contacts. In my case I'd bet 90% of my e-mail comes from them so those can be immediately put in the inbox, reducing the number that need to be scanned at all.
CAPTCHA is broken: it's not just various implementations that are compromised, but the entire theory.
If you haven't been down-modded lately, you aren't trying.
Sacred cows make the best hamburger.
MS takes security seriously? Perhaps nowadays, but that's a relatively recent trend (last few years), and they've got a lot of mindshare to win back on that score.
If you're going to adopt a policy re: mail, blocking all webmail accounts would make more sense than *just* gmail, especially making that policy months ago. There was more evidence to point to spam originating from compromised Windows boxes than from Gmail.
What the heck does Google Docs have to do with this conversation? But I'll bite anyway... You really think *security* has anything to do with why Google Docs hasn't taken off in the corporate world? Nothing to do with requiring people to be connected (increasing bandwidth costs) and having to use browsers to do work they weren't meant to do (document editing)? No, Google Docs simply can't replicate the functionality corporate workers need right now. Maybe some day it will, but I'd say it's far more likely functionality is keeping it out of business rather than security.
creation science book
Well, I did this study and our results are here.
We in no way imply that Gmail's inbound spam filtering is bad. It's probably excellent. It's just difficult or impractical for Google to filter outbound mail without either human review or complaints because of false-positives.
What we're saying is that spammers are trying to evade IP reputation systems by hijacking organizations with good reputations or which would be impractical to block. There will be a CAPTCHA-cracking arms-race, but unfortunately I think the system will reach equilibrium with spammers quickly breaking CAPTCHAs and continuing to abuse free e-mail systems.
I definately agree. I have had no issue with increased spam in my inbox, and as I never check the spam box, I cannot say one way or the other. Me getting one or two spam messages in my inbox every couple of weeks does not say to me that there is an issue with their spam filter.
You linked to the usual "time to pwn" stories, but the reality is that botnets grow nowadays by means of email attachments. Very few (that I know of) trojan attacks are over remotely-exploited vulnerabilities, with patches or not. You are implying that botnets are created when unsuspecting Windows users install nine-year old copies of an unpatched operating system. That's not true, is it?
The previous wave of trojan attacks (with those "admirer has send you a message" subjects) grew botnets dramatically, I think. How do you account for that? Sobig is the fastest spreading trojan ever, and it requires user interaction to infect a machines. It's a proven fact that infections are spread thanks to vulnerabilities with available patches. How do you account for that?
How is that a "continued failure" of "M$" to protected their customers again?
If your Windows machine is in a botnet herd, you probably did something you shouldn't have, or failed to patch your machine. Even the actual remotely-exploitable vulnerabilities like Blaster have had patches available a month before the exploits were seen in wild.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo