Slashdot Mirror
Spammers Choose GMail
EdwardLAN writes "A study by Roaring Penguin has discovered that during the past three weeks, the amount of spam originating from Gmail has risen sharply." My spam has been pretty ridiculously high for the last few weeks, although I have no idea if this is part of it. It really does seem like gmail's spam filters are declining these days.
Maybe they should have just kept the system invite-only, instead of opening it up to everyone -- that would help, the way I see it.
How does spammers creating gmail accounts to send spam from imply that gmail's spam filters for inbound mail are declining? (if that is indeed what the summary is supposed to say).
Half of the spam I get on my gmail account that actually gets past the filter is in some language other than English... in fact its almost always in Cyrillic as well.
Give me a damn drop down that says "I speak English, anything not in English is not to me".
Won't solve their outgoing problem, but adding "this is my language" support would be a big help on the incoming, at least with my spam patterns.
The IT staff at my dad's company blocked all communication with Gmail servers a few months ago, on the grounds that it was 'insecure'. Locking down an MS shop (XP/Exchange/etc) from the 'insecurity' of Google (while still accepting hotmail.com emails) still strikes me as a bit odd, but I've been hearing more reports of lax Google security with respect to spam/spammers. Perhaps they (dad's company) were on to something?
Anyone else having issues with people blocking Gmail?
creation science book
I've got maybe 3 a week, which is up from the normal of 1 per month, but it's not really too big of a deal.
IIRC, marking an email as spam or moving the message to the spam folder (if you're using Gmail's IMAP function as I am) helps to train the filter.
Gmail used to be touted as the best spam filtering service. Certainly it's good, but apparently they only feel the need to filtering incoming messages. Why not filter outgoing messages as well? Can't quite be a CPU problem, because outgoing has be be just a small fraction of incoming, right?
Is it just tradition? People never expect anything they send to ever have anything done to it? Google could set another precedent in webmail by introducing outgoing filters which would block or slow down mail appearing to be 'spammy'.
creation science book
Yeah I've thought the same thing, too. It wouldn't be that hard to filter. You could just select a charset (like Latin-1) and if less than 90% of the characters in a given message aren't representable in your chosen charset, automatically kill it. That wouldn't require figuring out the actual human language it was written in; it's a pretty trivial automatic test.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
It's the outgoing spam from Gmail that's the problem, not the incoming spam, and there's been messages on the Gmail forums about Gmail servers being blocked for spam. If Google doesn't do something about it, then Gmail accounts will end up "read only".
And having Google themselves impose outgoing spam filtering is something else to worry about, if you're a Gmail user.
They'll close the holes when it is out of beta.
Except for ending slavery, the Nazis, communism, & securing American independence, war has never solved anything.
I haven't noticed any particular trouble with spam originating from Gmail, and Gmail has still been pretty good at filtering most of my spam.
But if you really want Google to do something about spam, go after them for their negligence on google groups. They've allowed the service to become almost unusable due to the amount of spam they allow through. For actual Google Groups it's not a big problem, but for USENET groups it is. Most people on USENET are just dropping anything coming from Google Groups outright. Any legitimate posts from Google Groups are considered an "acceptable loss" given the amount of godawful spam they allow through. It really cheeses me off that Google won't do something about it.
In Wednesday's article, it was revealed that through a bug in Gmails software is was possible to send personalized spam. I guess it's true.
The summary implies that there's something wrong with the GMail spam filters. Actually, the problem is with the GMail spammer filters... the CAPTCHA.
Also, both Google and spammers are being overly complacent about people blocking GMail:
Actually, several sites have blocked Google SMTP hosts that show large spam outflow (it seems to be specific hosts, as if specific accounts are allocated to specific servers or clusters of servers). Including, and I know the irony is thick enough to cut with a knife, MSN Hotmail. There have even been a number of posts to Google's help forums complaining about mail not being sent because Google servers are being blacklisted.
The fact that more spam is originating from Gmail is not indicative of Gmails spam filters being less effective, I think they only scam mail sent to Gmail accounts.
We know that the Gmail Captcha was broken a few months back. It's more likely that a variant of that tool has become more widely distributed and/or cheaper and has found it's way into the hands of script-kiddies.
Most of the comments on this page are about *incoming* spam to google, when the article itself is about *outgoing* spam from google.
Yeah thats why I mentioned the Cyrillic thing.
In reality doing it via language matching should be pretty trivial. I'd hazard a guess if you had a list of 30 languages and you pulled out the top 50 most common words in each language you'd probably have near 100% success in detecting the primary language in an e-mail. I'm sure an algorithm either purely based on that word set or based on a larger dictionary choosen based on that matching could be done to determine with a very high confidence what language an e-mail is in and if there's more than one or two languages in it.
They also know my white list of contacts. In my case I'd bet 90% of my e-mail comes from them so those can be immediately put in the inbox, reducing the number that need to be scanned at all.
Good I'm safe... It just asked for my credit card number.
CAPTCHA is broken: it's not just various implementations that are compromised, but the entire theory.
If you haven't been down-modded lately, you aren't trying.
Sacred cows make the best hamburger.
Perhaps the GMail mailadmins will try to stop some, but they probably won't get it all. And they too will rely on GMail being "too big to block" for most mail recepients.
This just highlights how the burden of anti-spam efforts often gets transferred to legitimate email senders by simplistic blocking. The unacknowledged false-positive problem. I have seen these come to a sudden stop when the company loses an important order because it false-positived the prospect.
Google already does that for their ads. I'm an American living in Germany who also has friends in Japan that I coorespond with in Japanese. I get ads in English, German, and Japanese(in fact I get ads in Japanese offering to teach me English and/or German....) so if they can determine the language for the ads, then they should be able to use it for spam.... at least if you get an email in a language that isn't in your outbox it should trigger something..
Monstar L
Here's a quick way to solve the problem: require digital signatures for "important" emails. Want to sign up for Facebook? Digitally sign your reply to the "verify" email. It is quick, effective, and people who don't know what signing is will catch on really fast.
Palm trees and 8
When has that ever been true? From what I can tell from reading the comments to most Google stories, certainly in the past six months, the groupthink seems to be more along the lines of cynicism and criticism. I can't recall any company that gets unanimous praise regardless of its actions. The opposite used to be true, that scorn was heaped onto some companies regardless of their actions (Microsoft is probably the most obvious target of that group-disgust), but even that seems to be waning, there's still the hard-bitten MS-haters, but the view seems to be more balanced and critical these days.
Even the Mac fanboys aren't quite so unfettered any more.
Start assassinating some of these fucking degenerate spammer asshole motherfuckers and watch the junk disappear. Seriously, these cocksuckers need to be burned at the stake. Blackwater would prally do it.
"I disapprove of what you say, but I will defend to the death your right to say it." - Evelyn Beatrice Hall, re Voltaire
I just wanted to add something interesting, I forwarded an account to my gmail in order to use gmail's filters to rid me of most of the "sorting" work, periodically I log into the original account to clean it up.
After about 6 months of doing this, I notice when I log into the original account there is almost no spam in it these days.
I guess they lost interest in that email since I never actually look at anything in it.
"If any question why we died, Tell them because our fathers lied."
Well, I did this study and our results are here.
We in no way imply that Gmail's inbound spam filtering is bad. It's probably excellent. It's just difficult or impractical for Google to filter outbound mail without either human review or complaints because of false-positives.
What we're saying is that spammers are trying to evade IP reputation systems by hijacking organizations with good reputations or which would be impractical to block. There will be a CAPTCHA-cracking arms-race, but unfortunately I think the system will reach equilibrium with spammers quickly breaking CAPTCHAs and continuing to abuse free e-mail systems.
With most big name email players like gmail, yahoo, etc, now using DomainKeys, the value of having an email address on any such system has skyrocketed. Gmail addresses are also usually even more respectable addresses. So being on gmail and a getting through because DomainKeys work makes it is a privileged domain.
What the proper response should be:
What should really happen is SenderKeys, which augments DomainKeys. You will get your own domain key when you can become "verified" like at Ebay and elsewhere. SenderKeys is implied by DomainKeys.
Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
That would just be an unplanned bonus.
Well, as you increase the level of intelligence meeded to go through the CAPTCHA, you start to leave humans out. And this only gets worst as CAPTCHA breakers get better and better, so in that sense, the CAPTCHA is broken, and also in that sense, we have artificial intelligence that is at least as good as the worst humans.
When his defense asked, "Which computer has Jon Johansen trespassed upon?" the answer was: "His own."
I have mail accounts which are filtered by SpamAssassin, which does a fairly good job, and it looks like the actual text content of the email can only contribute so much to the spam score. I tried sending myself emails from a different account with text like "president nigeria $8,000,000 viagra penis enlargement rolex' and it stayed below the spam threshold: each spammy subject gives one point, so that is only 4 points while the spam cutoff is at 5. Blacklisted IP addresses have much more weight, and in addition there are plenty of technical issues that are are spam indicators, such as dynamic IP addresses, forged header lines, HTML-only mail with inline images, and so on.
I don't know what Gmail exactly uses for spam filtering, but the above message sent to my gmail account made it to the inbox with no problem.
Avantslash: low-bandwidth mobile slashdot.
Spelling checkers is not the compete salutation.
Nerd rage is the funniest rage.
I don't think CAPTCHA's are being machine broken. I've seen ads outsourcing the typing in of CAPTCHA bidding $1 per 1,000. Try looking at http://www.getafreelancer.com/projects/Data-Entry/Captcha-PROJECT.html to get an idea of what is going on.
You linked to the usual "time to pwn" stories, but the reality is that botnets grow nowadays by means of email attachments. Very few (that I know of) trojan attacks are over remotely-exploited vulnerabilities, with patches or not. You are implying that botnets are created when unsuspecting Windows users install nine-year old copies of an unpatched operating system. That's not true, is it?
The previous wave of trojan attacks (with those "admirer has send you a message" subjects) grew botnets dramatically, I think. How do you account for that? Sobig is the fastest spreading trojan ever, and it requires user interaction to infect a machines. It's a proven fact that infections are spread thanks to vulnerabilities with available patches. How do you account for that?
How is that a "continued failure" of "M$" to protected their customers again?
If your Windows machine is in a botnet herd, you probably did something you shouldn't have, or failed to patch your machine. Even the actual remotely-exploitable vulnerabilities like Blaster have had patches available a month before the exploits were seen in wild.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
This. [/.]
Absurdity: A statement or belief manifestly inconsistent with one's own opinion. -- Ambrose Bierce
To create your new Gmail account, please translate the following equation into a limerick:
(12 + 144 + 20 + 3 * sqrt(4))/7 + 5 * 11 = 9^2 + 0
Answer:
A Dozen, a Gross, and a Score,
plus three times the square root of four,
divided by seven,
plus five times eleven,
equals nine squared and not a bit more.
via: http://www.trottermath.net/humor/limricks.html
Please be so kind as to reply with the account you originally posted the comment with, not the name troll you created for me, or any of your other 12 accounts.
Also, ad hominems are not particularly useful, they merely tell everyone that your argument was invalid to begin with.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo