Slashdot Mirror
Where Has All My Spam Gone?
An anonymous reader writes "I have my own domain, which has its own email server, where I receive all my personal email. I've been getting about 800 emails a day, of which perhaps 20 are real. Suddenly, Sunday or Monday evening, the spam pretty much stopped. My volume of mail has plummeted to less than 100 a day, and as far as I can tell, I'm not missing any real mail — I'm still getting the email list subscriptions I'm expecting, and every time I ask someone to send me a test message, it gets through. My domain host insists that it doesn't do any spam filtering before mail gets to my inbox, and that they've changed nothing about their configuration. I run SpamAssassin on my server to mark, but not delete, spam, and download the whole mess to my home client, and I'm still seeing the occasional message tagged by SpamAssassin. But it's virtually all gone. And I haven't changed anything about my own mail configuration, or the harvestability of my site (my personal email has been harvestable for almost a decade). So what's going on? I can't believe that several major botnets would have vanished overnight. Any ideas?"
*Checks mail logs*
Yeh, you need to ask the ISP again. No sign of slowing here.
My spam has tripled over the past few days. So I'm not getting all of it, but I'm getting a chunk of it.
Cynical Idealist
And you're complaining because .... ?
My blog
It must be a sign of the Apocalypse.
Did you install Skynet 1.0?
Hey, what's that siren going off for....
And you're complaining because .... ?
No kidding. I work as a sysadmin, and as far as I'm concerned, a spam-free day is an occasion to praise my patron demon and bring Him an offering of hookers and blow, not an excuse for an "Ask Slashdot" posting.
I write sci-fi for metalheads
... just in case you desperately need to buy some cheap "medicine" :-)
The spamming botnets are now being used to generate profit by aiming themselves at the government of Georgia.
When spammers took over your box, they didn't want to flood it with their own mail.
There are no loopholes. It's either legal or it's not.
Per Ars, a 100,000 machine bot net was shut down recently. http://arstechnica.com/news.ars/post/20080814-police-nab-shadow-creators-force-botnet-to-commit-suicide.html
??
Sorry, we've been down for maintenance and it's taking a lot longer than we originally planned. You can expect normal service to resume by next monday.
Perhaps the ISP installed an IronPort system.
http://arstechnica.com/news.ars/post/20080814-police-nab-shadow-creators-force-botnet-to-commit-suicide.html
That may account for some of it.
Hail Eris, full of mischief...
E pluribus sanguinem
Spam Assassin is actually assassinating spam.
On another note, has anyone heard from cousin who is a Nigerian prince? He hasn't called in days and we're beginning to get worried.....
import system.cool.Sig;
It was probably all coming from one botnet. Maybe the spammers renting it didn't pay their bill.
China imploded?
I'm still seeing 1000-1100 per day, mostly bounced mail where spammers have used my domain as the sender - tossers!
The FBI took down a large botnet not too long ago.
... to save the health of the athletes.
...and the Chinese are busy watching 13-year olds win gold metals. Bob
We're happy to help you solve this mystery.
What is your email address?
Okay, here's the thing: nobody but you ever got spam. We all just thought it would be funny to fool you into thinking there was some kind of worldwide scamming epidemic. You don't seriously think people would be stupid enough to buy pills off strangers who email them out of the blue, do you? I thought we'd gone a bit too far and stretched the limits of credibility when we came up with the idea for the Nigerian scams, but I was wrong, you even fell for that! Nobody is stupid enough to send all their money to a "Nigerian prince".
Anyway, enough's enough. The joke's stale now, so we decided to stop sending it all to you.
Bogtha Bogtha Bogtha
That's my only suggestion
A large chunk of spam comes from a very small group of spammers. It may just be that you are only targeted by one of them, and he took a break recently.
Hang in there... he'll come back from vacation soon, and you'll be able to mortgage your penis to Nigeria again.
I'm holding it for ransom. You can have it back for $1,000,000.
Were the missing spam-mails mostly in Dutch?
http://arstechnica.com/news.ars/post/20080814-police-nab-shadow-creators-force-botnet-to-commit-suicide.html
"Shadow appears to have been mostly confined to the Netherlands, as the messages and phishing hooks were all sent in Dutch, but had apparently infected some US systems as well, as the FBI is credited for assisting on the case."
...
"Once Shadow was secured, the police contacted Kaspersky Labs about providing a means to neutralize the malware."
Post your email address here, I'm sure you'll start getting tons of spam again in no time. :-)
"I drank what?" -Socrates
I, for one, welcome our spam-eating overlords.
Dutch police have busted Shadow botnet: http://news.zdnet.com/2424-9595_22-216237.html
I run a web hosting company and over the past couple weeks I've had a few customers report that the amount of spam has dropped. Of course, they thought that this was something wrong, but I couldn't find any evidence of increased failures, it was just that there was slightly less mail coming in.
It's the calm before the storm.
I'll forward you some of my spam. Wouldn't want you to feel lonely.
You see? You see? Your stupid minds! Stupid! Stupid!
I'm not sure what's causing your lack of spam. What's your email address?
they need the botnet resources for ddosing georgia
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
We provide a spam filtering service, and our volume hasn't really changed much in the past week or two so perhaps whichever botnet was sending you all the trash went offline or just... stopped sending to you.
ImagePut - Free, Simple, Fast Image Hosting
http://it.slashdot.org/article.pl?sid=08/08/12/191255&from=rss
http://bits.blogs.nytimes.com/2008/08/11/georgia-takes-a-beating-in-the-cyberwar-with-russia/
When the crisis abates, I expect the botnets will be returned to their regularly scheduled duties. Quite a versatile tool those botnets -- pimping V!agr4, collapsing government sites, enhancing the male doodad, distributing pr0n, bullying your neighbors (http://news.bbc.co.uk/2/hi/europe/6665145.stm). For the cost of one M1A1 tank tread, Putin bought himself a whole lot of firepower.
Advantage: Putin.
This happened to me too about a week ago, and I was as surprised as you. I am from Italy, and I got about 200 mails a day, about 5 of them not spam. Now I get about 80/day. They are not vanished, but the volume of Spam mails dropped significantly the last week or so.
I just don't trust anything that bleeds for five days and doesn't die.
Without seeing your logs, most folks would be guessing. They symptoms you provide are not enough to make an educated guess. I would say to bump up the verbosity of your email server, SpamAssassin, and the system itself and then go from there.
There are no loopholes. It's either legal or it's not.
China suspended spamming operations during the Olympics. Back next week!
Take the cheese to sickbay, the doctor should see it as soon as possible - B'Elanna Torres, "Learning Curve"
The spammers are busy attacking Georgia with their botnets, turns out all the spam comes from Russia.
with several webmails such as yahoo and hotmail, but rather I've noticed this in the past 2 weeks. I'm not winning foreign lotteries anymore or being asked to transfer millions of dollars. Bill Gates no longer wants to give me 500k pounds for being a random windows user . . . What gives?
Fake news alerts seem to be the new thing for my inbox.
http://www.youtube.com/watch?v=ODshB09FQ8w
When Slashdot has a real slow news day
Tell me where my spam's gone
When Nigeria no longer needs me
Tell me where my spam's gone
When trojan horse avoid my inbox
Tell me where my spam's gone
When penis pumps cease their pumping
Tell me where my spam's gone
When free porn streaming doesn't bug me
Tell me where my spam's gone
When people install virus checkers
Tell me where my spam's gone
I'm eating your spam, having it forwarded to me.
BTW, there's a lot of people in Nigeria who have money for you.
Every time you call tech support, a little kitten dies.
We've been seeing botnets changing desktop background to an image alerting people that they are infected with a virus. Obviously a real spam botnet operator would not alert people like that.
My theory is that some grayhat wrested control of a major botnet, and is shutting it down from the source (and alerting the victims in the process).
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
Maybe the bot nets and the spammers are doing DoS attacks on Georgia right now?
dude, have you bought any v14gr4 lately or enlarged your wilson? if not you're a lost cause to all online "retailers", there's no point of wasting good spam on you if you're not going to buy any stuff anyway...
Well, if all the allegations of national origins for many spammers are true, those botnets may be busy taking down the Georgian government's internet presence.
Dear Sir,
We humbly apologize for the interruption in service. Please reply with your email address and our technical staff will get back to you.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
The spammer's mom caught wind of his naughty deeds and kicked him out of her basement? The parasite will find it's new host soon enough, don't worry.
The usual lot of Cyrillic text, along with .ua and .ru domains names has been conspicuously absent from my spam folder the past day or so.
The Russian created botnets, that spammers use, are busy attacking Georgia. The good news, is that you'll never see spam again. These guys have nukes, and after WWIII, you'll actually be happy to find canned spam in the rubble. Sadly, If "W" was not in office, and our Army wasn't bogged down in a quagmire, those clowns would not have dared trying to stir up sh... er stuff. They're doing it now, because they won't be able to do it later, when we get a real president. And Yes, either Obama or McCain will probably be a real president. There is nowhere to go but up.
our spam seems to be climbing.
# of spams / date (m/d)
16,037 8/15
17,385 8/14
17,287 8/13
16,352 8/12
15,171 8/11
16,505 8/10
14,344 8/9
12,157 8/8
12,465 8/7
11,942 8/6
12,265 8/5
10,124 8/4
11,437 8/3
13,417 8/2
12,858 8/1
-= Why can't I add 'Anonymous Coward' to my list of Foes? =-
Finally, Bill Gates got tired of all the spam, and took care of it as promised.
If you don't know what AltaVista is (was), get off my lawn.
Here's a crazy theory to explain it: Russian-controlled botnets were the source of a huge amount of spam volume. These botnets are now hard at work DDOSing the government websites of Georgia and its friends.
I'm not seeing any significant decline in spam. Here are my spam log statistics, which combine mail received by about ten e-mail addresses at five domains:
Must've been some glitch in the system.
Good news is I saved them for you!
Just post your Email and I will forward them to you.
.sigh
...That you're a deadbeat and your credit card is no good and your identity isn't worth stealing and your erectile dysfunction is cured and you have hair.
I have a private domain email address that I have been very careful never to put on the web or give out on sites/signups etc. I got my first spam in almost 2 years today.
So something is up.
Clearly, all of the Spam King's loyal subjects are in mourning over his death.
So I guess the key question here is: were most of the porn sites you visit frequently Dutch porn sites?
If so, I think we have you answer.
The Russians are busy right now ddosing GA websites. When they are free you will be back in business.
The Chinese spammers are too busy with the Olympics right now...
.. soaking it up at the local caravan/trailer park due to all that money they're making from their get rich schemes.
Some newsgroup I regularly read got a lot of spam over the last month or so, but a couple days ago it just stopped. Possibly related...
Not just the womens', the mens, while not as obvious, seemed really off to me as well.
In greco-roman wrestling one guy thought it was so blatant he threw away his Bronze Medal.
The American girls who won the gold and silver? Those American girls?
Haida Manga
I usually leave them on the counter when I come home from work at night, but now they are gone. I think I'll blog about it.
Turns out that the bulk of spam has actually been sent by bigfoot creatures in Georgia (US). They recently lost one of their own, and the rest are a bit busy right now.
I remember when Scott Richter was interviewed on the Daily Show, he said so many people craved the unsolicited email he sent. He said people would email asking him "Where are my offers?"
You never expect irony, do you?
Want to be a professional wrestler? Visit www.iyfwrestling.com
@iyfwrestling
I stopped getting e-mails from my public library system.
This continued for several weeks, until I complained to my domain host.
My domain host support representative claimed the same thing. (They "did not filter".)
Two days after switching domain hosts, I started getting library system e-mails.
The support people don't know what is going on "behind the scenes". (Plausible deny-ability?)
(Maybe they did it to cut down on bot propagation? I now call that domain host an "enthusiastic father".)
Maybe you could forward some spam from, say, a gmail account to your address in question. If it doesn't make it through to your server then you have a definitive record to confront your ISP with. Or, if they do get through, maybe you should buy a lottery ticket because your the luckiest admin on slashdot!
Yesterday, we were receiving more than twice the usual volumes of spam. Botnets with huge runs of "Auto Identification Card" and "Your Flight Ticket Online Nxxxxxxx" bearing trojans in attached .zip files.
Still, what's an extra 100,000 spams between friends?
In a 24 hour period we've gone from a peak of about 75,000 messages at 9pm CST last night to a low of 40,000 messages incoming today, 97.3% of which are spam. Total for the last 24 hours on that single Ironport (we have 4 in production and one in the lab) is 1.4 Million attempted messages, of which 36.1 thousand were clean.
So all things taken into consideration, consider yourself fortunate. We're still seeing a trend that indicates that over 97% of all incoming mail is garbage.
-Phil
To avoid corruption, one must remain dishonest.
It's not too-well publicized, but the Russian Business Network (AKA spammer filth) have been using (renting?) a large chunk of their botnet space to attack Georgia. Here's a bit of detail.
Maybe they just didn't have enough bandwidth to spam the planet AND take down Georgia's systems through a DOS.
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
My personal server gets a few more mails than the poster.
# of SPAM Week Ending
172709 Aug ** (only 5-day stats)
198878 Aug 10
217882 Aug 3
207318 Jul 27
230533 Jul 20
265463 Jul 13
311635 Jul 6
450349 Jun 29
311850 Jun 22
225500 Jun 15
317484 Jun 8
Make of those stats what you will ...
I've had a few dips in Spam traffic in the past. Same thing as the OP: own domain, own filtering options. Oddly, Spam has become a continous stream of noise that we notice if it's absent. Like someone living in a big city, accustomed to sounds, if it went silent, you'd run to a window to look out to make sure you're not the Omega Man.
"I like these calm little moments before the storm."
To story submitter: Watch out. The communication disruption can only mean one thing: ----- no carrier
A World in a Grain of Sand / Heaven in a Wild Flower,
Infinity in the Palm of your Hand / And Eternity in an Hour.
Post your email address here and I'll make sure things get back to normal for you.
The Pr0nitor Erotic Picture Viewer Software from Pr0nware Inc promises to
"Bring YOUR Erotica to Life with the Power of Pr0nimation!"
The Power of Pr0nimation in the Palm of Your Hand! Pr0nitor by Pr0nware
I'm getting it all. Please stop.
WTF did you do?
Thanks for nothing. My spam volume went up 20% from 7/9 - 7/11 and stayed at that level. My missed spam want from about 5% of total to about 10% of total. I now get about 600 messages a day, with about 450-500 trapped as spam, and about 40 as ham. I used to get about 25 spam a day that leaked through, most the same thing I'm too lazy to write a rule for. Now I get 50-60 missed spam a day, somewhat annoying. A bad hit rate.
I also get a lot of newsletters marked as spam via DCC. Don't get me started on the l@m0rs who forget they subscribed to something and mark it spam in their inbox... Sheesh.
ps- Don't let the government get too involved in this. They make it worse.
deleting the extra space after periods so i can stay relevant, yeah.
Maybe a ton of spam has been coming from parts of Russia and Georgia that are now under fire? Or spammers are too busy fighting?
That's strange behavior. Well, if you send over your email address to me, I'll see if there's anything strange going with it.
sounds like the workings of SPF - check www.openspf.org If everyone got rid of all their spam filters and used SPF we would be rid of 90%+ of all SPAM as the SPF check will weed out all impersonations which is the bulk of all spam. The filters all work of faulty logic anyhow - an email with a picture and or link is not spam by definition if the sender is authentic. 90%+ of the spam I receive has no images or more than one link but it's pretty much all impersonations.
The Russians are too busy with Georgian cyberwar.
They all just got back from Black Hat / Defcon, and they're still hung over.
Although the most likely scenario is botnet shutdowns, here's some steps you can try if you still suspect some new filtering in place:
I'm out of my mind right now, but feel free to leave a message.....
Maybe your ISP is a victim of the recent DNS vulnerabilities, and someone spoofing their domain is now getting all your spam ;-).
Well, some of the botnets may be down. This is from the Inq. MANAGED SERVICES PROVIDER Easynet is currently suffering a 'major outage', meaning that many customers are unable to browse or connect to some sites. LJJ
Still at 250,000 a day for us. Would you like some of it to make up for your lack?
Publish your email address right here on Slashdot. Within a few days I guarantee your spam levels will be right back to normal!
Could the configuration of the catchall address have changed? Is it possible that emails sent to unconfigured mailboxes were previously delivered but are now be being dropped? I'm not seeing any decrease in the spam received by domains where I host the email with Google.
I've been getting a whole bunch of CNN top ten news stories spam (seriously, they are NOT from CNN but they look convincing at first glance), a bunch of fake news story spam, and an increase in "you have a greeting card" spam. The funny thing is the uptick also coincides with the whole Russia-Georgia conflict.
"All great wisdom is contained in .signature files"
My usual 6500/day has dropped to about 5000 just recently. By far the greatest number (est. 20%) coming through are the recent News Feed spam (evolving: CNN > BBC > MSNBC) and if those are discounted, the drop is even more spectacular.
I wonder if someone found a way to deactivate a set of spam zombies, or if putting spammers in jail is helping.
If you really think it's being blocked, just send a bunch of spam to yourself and see if it gets through.
... can mean only one thing: INVASION.
I have a similar setup, but got tired of content filters at the MTA level. My solution was to configure Postfix (my MTA) to abide more closely by RFCs (specifically for ELO|HELO commands) and install postgrey (`aptitude install postgrey`). Of course ensure you're not an open relay.
These measures decreased the number of spam arriving at my inbox by 90%. The spam that reaches my mailbox is handled by my MUA (Mail.app currently). The volume is low enough for me to check if its working. It does! As it was already commented read your mail logs... they make a fun read!
As for your sudden decrease of mostly spam incoming emails, some theories:
1. Some big telco closed port 25 for residential customers?
2. The recent DNS saga called sysadmins around the globe to check their servers and apply security patches and perhaps close open relays.
I had the same thing happen to me about 2 years ago. However, it just so happened to coincide with my brother searching for a new gun, my dad researching explosive tip bullets that his brother told him about, and me looking at satellite photos of site R (google it). Since we were already sending out a boatload of encrypted traffic (e-mails, tor, etc), I'm sure that the NSA was already watching our internet connection. All the sudden they see from one IP address unencrypted web traffic consisting of site R, bullets, guns, exploding, all within about 5 hours of each other. The next day, no spam.
I didn't see any spam until my dad was talking to his brother on the phone about it, and an hour later I got 4 pieces of spam. That was about 6 months ago, and I still haven't seen any since.
I would like to thank the government for filtering my spam for me, top notch job they're doing.
Somebody, please, mod this up. The parent just solved the problem, now he can know if someone else is dropping his spam.
Rethinking email
Google changed access to their smtp.google.com server. It it now no longer possible to authenticate directly to smtp.gmail.com (port 25) from many Comcast, and other ISP accounts, to send email.
This change was made last Friday, which explains why you're receiving less spam. Now, spammers may have signed up for Google apps - registering their own domain name, hence spam would not come from gmail accounts.
So, with this port blocked, how does one send email via MTA (Mail Transport Agent) to a Google hosted account? They have to authenticate smtp.gmail.com:587 Note the port change 587.
You'll get some spam in a few weeks, when spammers figure this change out.
Regards,
Mike
I've a copy of all of them in my mailbox
Where it's coming from is usually a significant clue to whether it's spammy, e.g. whether the sender is reverse DNS-able, SPF checks, etc.
A piece of spam forwarded by a legit server will look less like spam than the same block of content sent from an infected PC in a botnet.
Most spam is sent by bot-nets, mostly composed by infected pc of workplaces, school and private homes. In many countries during the second and third week of August many schools and workplaces are closed so their pc are just turned off, this mean that the bot-nets have less active nodes and so are less effective. I do receive less spam too but I think that it will be back to the sad old amount at the end of the summer :(
Unluckily Murphy was right.
My spam box in gmail usually has over ten thousand emails. I recently checked my email, and noticed that I had 15 spam messages in the box. I assumed that gmail must have accidentally deleted all of them after 30 days or something like that (I'd been getting error messages before that, so I assumed something had happened to my account), but I've been checking it every day, and the number keeps going down. I have 5 right now. Usually when I click on it, the entire first page is from that day, sometimes that hour, but now they're all from weeks ago.
You are actually a spammer, trying to convince people that it is once again safe to visit indiscriminate websites and give out your email address to everybody and their dog. I am not falling for your tricks!
I help administer this domain:
http://www.anus.com/
It has been around since 1995, had addresses posted to newsgroups, thousands of fake addresses, etc.
We have experienced a 56% drop in spam volume since last Thursday.
Anti-Globalism, Traditionalism, and FreeBSD.
The Russian government has probably just temporarily pointed their botnets at Georgia.
They could be alerting people that someone in their household is addicted to pr0n, with an appropriate example.
Probably, which is why awards shouldn't given out in these judged "sports". Its just too open to corruption.
-- "So they told me that using the download page to download something was not something they anticipated." - Bill Gates
I agree, the Russians are at war so they have redeployed every botnet's at their disposal to the Georgians and Chinese are busy winning medals! So, Netizens -- i say enjoy it while it lasts!!
When a lack of spam makes people worry that something is wrong!
Not all life is cyber. Extra Income
My mailbox just got 5 CNN updates about it.
Don't ask, don't tell.
All the CNN spam stopped for me. Was getting nailed that last few days and now not one.
Remember that the judges have in their minds a picture of what is perfect. It just happens to be that for women's gymnastics, perfections is a small little girls doing the routine. They are lighter, more flexible, and less effected by what is going on around them (younger minds they worry less).
Ontopic:
Maybe the spam servers in China are turned off or being put to other uses? And as others have said, the Russian server are attacking Georgia.
I've just checked my work's logs (an ISP). The number of hits in the spam taggers fell from 12/sec to 3/sec earlier this week.
So either we're identifying less spam, or there is in fact less of it.
That is the explanation the comes to mind. The spambots that are normally feeding you spam have been retasked. They'll be back soon enough.
Our e-mail British Telecom was unavailable for about 18 hours until about 0600 this morning.
It's the calm before the storm.
1 (short ton / firkin) = 89.1432354 slugs / keg
I finally had enough of all this Spam on my Yahoo account as many as 300 per day, I switched about 30 days ago to mail.enterto.com and have still not received 1 Spam.
I work at (and partly own) a domain registrar... even my latest address gets lots of spam. In fact, my latest address, which ISN'T harvestable (the others appear as tech contacts in whois) has been getting increasing amounts of spam, despite being relatively secret.
It's annoying, because it's a "private" domain name. As much as I hate spam, I can deal with it... but I'd rather not explain to my 70yo parents why they are receiving email about people having sex with animals :(
PS: This is a serious problem - please don't mod this funny.
Maybe if we didn't try to make every neighbor of Russia a member of NATO (It isn't aimed at Russia, really! Relax!) they wouldn't have gotten nervous to the point of doing this. The definition of "North Atlantic" has been stretched to the limit of reason. Between NATO and that bullshit missile defense system in Eastern Europe (Iran, yah, right) I don't blame them for being pissed, we would've done the same thing.
I guess keeping the Cold War alive is better than having voters pay attention to the fact that they can't pay for gas or their homes.
All of us Spam kings got together and decided that you just weren't buying enough from us.
Why should we waste our time on you?
I personally just figure it would be all the comprimised boxes that were sending you spam got the CNN Alert message which took away the spammers control of the box and instead gave it to another spammer who didn't have your email address yet.
Sounds good on paper anyway!
It could be that you have auto-learning turned on in SpamAssassin and it has started scoring spam higher. This resulting scores could be over your auto-discard threshold. If this is the case and you still want to get everything turn the threshold way up.
My spam gateways process about 250,000 emails a day and I don't see any significant change over the past 30 days in spam volume (our "good" rate is about 5-6%). My guess is that your ISP is now doing some basic RBL connection filtering that they didn't tell you about. Either that, or they have always been doing the filtering but it was broken until this week.
ÕÕ
Yeah, sounds like the normal spambots have been redirected to the war with Georgia. Once Russia blows them back into the Stone Age, the spam flow will be back up to its normal levels.
Zooperman
just kidding ;)
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
If you're worried about it just post your email address here and we'll do our best to get normal service resumed for you.
Comcast has started to block port 25 usage on its residential customers.
...The earth will just be a bunch of servers spamming one another until the power goes out.
Are you sure your server didn't switch to spam, egg, sausage and spam mode? That's not got much spam in it.
Of course I didn't RTFA... why would I do that? You really are new here aren't you? Don't let my UID fool you.
The spammers are quite reasonable. Once your male has been enhanced, they don't bother trying to sell you any more.
Whatever you do though, don't confuse them by buying the bust enhancement cream as well...
Seriously though ... if spammers started turning up dead where would the police even begin their investigation? There's only a pool of what, half a billion suspects?
Spammers and virus writers employed by spammers to create their zombie pools have been turning up dead for almost two years now.
They can't get out those DVD's cuz of all the spam.
PS: This is a serious problem - please don't mod this funny.
They won't let me mod it up "Serious".
So Russian invades Georgia. Cyber-war ensues. Big problems with hosting and internet access in Georgia. And your spam mysteriously slows right down. ... huh
I can fix this for you! Whats the affected email addresses? ;-)
When will they ever learn?
When will they ever learn?
When will they evver learn?
Where have all the filters gone?
On to Microsoft Servers everyone...
When will they ever learn?
When will they ever learn?
When will they evver learn?
Users missing their spam. Can't live with it, can't live without it, eh?
While I blast mail that is CAN-SPAM compliant most people would consider my drops SPAM. I haven't stopped sending or even slowed. Quite possibly you clicked an unsub link for a marketer that had you subbed on a bunch of lists and you are now seeded on the suppression list. Contrary to what blackmailholes will tell you, if you unsub from a legit sender we will stop sending to you. We don't want to waste resources on people smart enough to unsub. They probably won't buy any snake oil. The only reason the blackmailholes tell you to just forward them mail and not unsub is so that they can blacklist marketers and charge them to be removed. And while most of them allow you to be removed from the blacklist for free, if you pay attention you will notice most offer expedited removal for a donation.
n/t
Yep, I'm still getting my standard quota of spam.
Another day closer to redwood heaven
You are eaither dreaming or its the eye of the storm
It was early alpha back in 2005: http://www.theregister.co.uk/2005/07/26/russian_spammer_killed/
Always put off dealing with time-wasting morons. If you would like to know how... I'll get back to you
My spam filer scanned about 300,000 messages less than it normally does yesterday. It's really possible some botnets got disabled or are otherwise occupied, because that's a 20% drop.
_this is not a signature_
Netflix went dark. Maybe your spammers are all using their servers. They claim to be up now so maybe your spam will be back.
Nothing radical here although we are in a somewhat low volume period. At worst, our domain sees ~70,000/day. At the moment we're getting ~/22,000/day. It isn't uncommon to see any point between those two extremes.
Check with whoever is directly upstream of your server, they are likely filtering and dumping by RBL. Almost EVERY shared hosting service does this now whether they deny it or not, most will gladly lie if you ask and in some cases mom an pop hosting that has their servers in larger data centers get filtered by the larger data center.
Today's Totals
Processed: 5,230 20.6Mb
Clean: 149 2.8%
Viruses: 0 0.0%
Top Virus: None
Blocked files: 0 0.0%
Others: 0 0.0%
Spam: 64 1.2%
High Scoring Spam: 5,017 95.9%
Totals from my domains for the day.
Sick of stupidity? http://www.patentlystupid.com
>1100 in the past 36 hours. Running a small business, here, as well.
Yeah, those two. You'll have to admit though that the judges were rather overly judgemental of those same two young women, and that they really did do a much better job than they were given credit for.
I mean, here's the thing. When the chinese girl almost fell off the beam, and she scored higher than most of the other girls, how did they come up with that score?
2^3 * 31 * 647
i'm using a gmail account as my primary email. And my spam count has dropped down to less than 10 a day... But they're getting past googles spam checker now.
...damn you!!!
According to this Slashdot article, women get less spam than men, maybe you should check for internal changes rather than external changes? Or was there a bad side effect from an enlargement offer you responded to?
someone has hacked your dns server and is now getting all of your spam
I feel a great disturbance in the Force, as if millions of voices cried out in terror and were suddenly silenced. My v1agra pills , i cannot sell.
~~"Of course, that's just my opinion. I could be wrong." ~~Dennis Miller
My primary domain used to be a catchall and I'd create a new username with each new contact I dealt with. (I still get spam resulting from registering with 321studios, and participating in a caucus now is getting me regular Hallmark Trojans.)
Until one day when suddenly my spam filters became complete ineffective and I was deluged with over 3000 messages in one day. Turned out my ISP disabled my procmail filters because they were using too many system resources. I decided to switch that domain to a non-catchall and only let through the usernames I'd already defined. (The aforementioned two are going to be cut off.)
Until today, root still owned my ~/.procmailrc file and denied me write permissions on it. Good thing I own my user directory so I could remove it. If they had set it as immutable, I could still run procmail with an alternate rc file. 'Cause even without a catch-all, I still need to filter the spam sent to my ISP username@domain.
Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
Hey don't knock it till you've tried it. I ordered some of that penis enlargement cream, and rubbed it on. The next day I was huge... I mean HUGE.
The only problem is the hand I rubbed it on with is now twice as large as the other hand :(
I had the same thing happen to me a while back. One day I happened to notice that the spam had slowed way down - just a couple a day, down from dozens - and never really picked up again.
Sir, can you give us some details about how it happenned? where were at that time? Which porn site were you browsing? have you noticed anything suspicious in the subnet recently? my god!!! it could be the terrorists!!! hurry give us your email address....
... someone dragged an anchor.
Seriously, I've never really had a problem with spam. Maybe two or three a day. But this Tuesday, I got a batch of about 60 bogus bounced e-mails. Most appear to have binaries or other suspect materials attached (Damn! This Linux system just refuses to run any of them.). Now its back to two or three a day.
I'm guessing that this is in some way asociated with the Russia v Georgia cyber war. But I can't figure why your volume would go down. Unless your spam was coming from Georgia.
Have gnu, will travel.
It seems spam is likely a service. Someone pays the botnet to spam for X months, once they stop paying, they stop spamming for you.
I've seen this on/off behavior many times to my mailbox. It's very eerie, but sure enough, the spam comes back after someone contracts them out again.
The real reason is that there are no more bald men suffering from ED. Spammers have thrown in the towel.
Maybe they realized I don't need a penal enlargement and don't want to meet women (I'm married)?
So you're saying, basically, that having married a woman, you've realized you don't like them, and that this situation has been punishing enough that onlookers take pity on you rather than giving you a hard time?
I'm happy to say my marriage hasn't had that effect...
Bow-ties are cool.
Post your email address here and we will test it for ya :)
From >150-200/day to 5-15/day. This includes Yahoo, Gmail and Hotmail (two accounts in each). I found interesting the China and Russia botnets idea. Meanwhile, where I found a do-it-yourself-ready-kit to create my own worldwide botnet?
Information technology means all information.
Still filtering 95% of the messages I receive out as spam here, no let down. Others have noted a large Dutch operation was shut down but it's not affecting me!
I turned all my machines off for 35 days recently during a house move. I was hoping one positive would be it'd get my damn e-mail off of some of the lists. Alas, no. The very first thing that connected to my machine when I turned it back on was a spammer. Typical. I still bounce spam sent to an address I've not used in 10 years so I really shouldn't be surprised.
Lucky you, yesterday I received about 45000 "Undelivered message" emails. Seems a spammer put my email address in the From: of his spam.
I got a lot fewer spam messages on my Yahoo and Gmail accounts.
Maybe the spammers made enough money and stopped.
Following is a sampling of my mail filter results.
We haven't noticed any decrease in mail, other than normal fluctuation. Possibly your ISP has done something to slow your spam rate. They may be intercepting and filtering port 25 traffic, or even just monitoring that traffic and dropping the spam traffic at the edge router(s). It's even possible that there's something wrong with your mail server, and it's just not delivering everything for some reason.
Date Mail Spam
Aug 14 2008 55179 52529 (95%)
Aug 13 2008 53440 51097 (95%)
Aug 12 2008 55059 52028 (94%)
Aug 11 2008 50009 47292 (94%)
Aug 10 2008 35192 33796 (96%)
Jul 31 2008 42680 40146(94%)
Jul 30 2008 46390 43471 (93%)
Jul 29 2008 42933 40344 (93%)
Jun 23 2008 40326 37888 (93%)
Jun 22 2008 29717 28882 (96%)
May 31 2008 13938 13391 (96%)
May 30 2008 56695 53343 (94%)
Serious? Seriousness is well above my pay grade.
This is like getting worried because your stalker has found someone else to follow.
You never buy anything.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
You've got your own domain, and you get 780 pieces of trash a day? Why bother with the domain, just use hotmail. I've got my own domain, and I almost never get spam. First, I don't give out my "real" email except to trusted friends. Vendors I order stuff from, mailing lists, political organizations, etc. all get their very own special email address. So if I start getting spam directed to vendorname@myaddress, then I know who sold my address. I also revoke that address. I maintain an easy-to-remember series of throwaway addresses for casual purchases or communication with people I don't trust. Those just get changed on a monthly basis. Oh yeah, I also have the domain run through an anonymization service, so they can't even get my information by looking up the domain name. Problem solved.
Great men are almost always bad men--Lord Acton's Corollary
I have a different hosting provider that offered a catch-all address for a long time, which I used for my email. I started receiving huge quantities of dictionary spam, and after a while the provider decided there would be no more catch-all addresses, and my spam was greatly reduced. (I wasn't really using the functionality anyhow.)
I'd be willing to bet they are being used in a military campaign currently.
During the week I emailed a link to my own blog to my dad at work. I'd blogged about some errand I ran for his friend and he wanted to show them. After three attempts we gave up trying to transmit the message, the message would send, but never arrive, and I received no notification that it had failed to transmit. My dad even checked with his technician to see if it was in the spam-trap at his work, it was not. I tried sending it again to various e-mail addresses I own (such as my Yahoo one) and on to my mother. The message was never received. I rang my ever-so-helpful ISP tech support department and asked if they could trace the message as it went through the SMTP server "No we cannot" was their reply. Anyway, after a few more experiments I found that if I removed the URL the message got transmitted fine. So I suspect there is some sort of increased effort by ISP's to filter spam, that might actually be filtering legitimate messages too. Then again I am with Virgin Media, who have a broken network anyway (I have proven that several of their routers are faulty but they still insist it's my anti-virus or firewall).
I mean I'm not getting my mail so the internet must be broken. I get a lot of mail all spam but that spam shows my internet is working!
(haha thats what's its like to talk with parents or workin Customer Support, when people who are clueless call and wonder why they aren't getting spam)
hmm sounds like this fellow.
I was getting 2000 a month. For the last few days I've been getting maybe 5-7 a day. Big drop. I noticed it too.
The Spam King is dead, long live the Spam King.
slashdot rocks
They've created a new Section that's giving a new meaning to the term 'SpamAssassin'. They aren't having to recruit operatives from death row, however, as there is a waiting list of mail admins wanting to join up. It's odd, though, how many of them are volunteering for the 'Torture Twins' position.
Not that I'm doubting the word of the government authorities, mind you.
They *could* be being honest for a change.
I think we've pushed this "anyone can grow up to be president" thing too far.
I'm not saying the Qmail way is better - but your way has a significant flaw. It gives immediate notification of valid and invalid accounts, without any server ownership verification whatsoever (the qmail way at least verifies a valid return-mail-path)
Now, what WOULD be great would be if MTAs did SPF-checking and all (including systems using qmail as an MTA) did immediate failure on an SPF-failure (since that has nothing to do with the local accounts and everything to do with the sender.)
Then no one with a valid SPF record would ever get inappropriate bounces from such a server, and the qmail-security-delay would only be relevant to people without SPF records. (Heck, you could add text in the bounce that said 'if this bounce isn't from a message you sent, get SPF!')
Looking for freelance Actionscript (Flash/Flex) or ColdFusion work and/or freelance developers. Email me, put Slashdot
This is your ISP. To investigate this issue we need you to send your login id, password, and domain name to anonymous.coward@slashdot.org, along with a paypal payment of $100 in service fees.
To protect your privacy, you should not send this information to anyone other than us.
What are you talking about?
Beam scores:
Liukin - 16.125
Johnson - 16.050
Yang - 15.750
I swear, I've never heard anybody but Americans complain about judging in an event that they WON.
Haida Manga
spams per day, first 15 days of august:
http://208.69.42.194/scpfiles/1218826175.jpg
last few days do not look much different
I have my own domain also, and last couple of weeks my spam has gone from ~400/day to ~20/day. I have not changed any filtering, either. I have SpamAssasin running on the server side with some mild blacklist and white list filtering. All legit email seems to be getting through.
-- my sig got
IP ranges change, and there's nothing worse than getting assigned an IP that was previously in a dial-up pool.
Some people are obsessed with getting rid of all spam -- I'm personally willing to accept a little bit of spam through, so long as that I don't trash any legitimate mail. Everyone has a different acceptable range for false positives or false negatives. Blocking those addresses will result in lost mail. Maybe not much for the average person ... but enough that I wouldn't outright block it ...
Build it, and they will come^Hplain.
The botnets are too busy attacking Georgia to keep sending you spam too.
Why is it always all about you?
Because I'm a selfish asshole, and proud of it.
I write sci-fi for metalheads
. . . to apply more "active" measures to the spam problem.
. . . . Hey: I can dream, can't I?
];)
Regards;
Just went through the company's logs on the spam filter appliance to check the traffic, and we're still consistently filtering 3000 messages a day, Same as last month.
Consider yourself lucky, I suppose... There doesn't seem to be any systemic reduction in spam volume. I'd recommend having another word with your ISP.
Whooo! All the spam is gone! Bill Gates was right!! He did it!
Sounds like an appropriate time for him to do a photo op on an aircraft carrier if you ask me!
You just got troll'd!
I'ma only seeing two dated 20th August. This is down from 10 on the day before. Alan
msnbc.com - BREAKING NEWS: Obama wins Olympic gold medal, drops out of Presidential race
Just a guess, but it seems fairly logical that some or even all of the resources normally directed against us (or not normally directed) are now in use in the "cyber war" between Georgia and Russia and so now are being directed at each other. At least I'd say the dent that cyber war is causing in the net's available bandwidth is to blame.
Obviously I'm considering (assuming actually) that somewhere between "a lot" and "most" spam comes (or is controlled) from that geographic region.
I guess if we're still paying attention when that war is played out, we can check our spam filters again.
-Matt
I, too, have noticed a decline in the overall amount of spam. My mail server runs SpamAssassin, but it's configured to dump spam into a quarantine box, rather than reject it outright. That makes it easy to count the amount that I get. I've never received tons and tons, but it's gone down from 100+ per day to maybe 20 or so. Still too many, but a significant drop.
Breakfast served all day!
Here, in Germany, I've noticed this also: On my private mail server, the SPAM is almost gone (only 1-3 messages per day, instead of 20-30), at work I have similar experience: the amount of continuous SPAM per day is down to 1/10, but, every Thursday or Friday (since three weeks now), we get a huge wave of SMTP connections at ca. 4 pm CEST (from bot nets), which almost breaks down our internet connection. Both systems are using postfix+postgrey+amavis(spamassassin, dcc, razor, etc.). My suspicion: I am assuming my brothers are busy now with Georgia servers, so as long as the conflict in Caucasus is not over... :-P
Kind regards,
Denis
I swear, I've never heard anybody but Americans complain about judging in an event that they WON.
Hunh. You make it sound like they're actually more concerned about fairness in judging than who wins.
I can't imagine somebody doing something so damaging to the spirit of the Olympic games.
well the first thing that scully would ask is ?
where is the scientific evidence....
so the serious question its nice that your spam level dropped but where/ip was it all coming from in the first place ?
regards
John Jones
http://www.johnjones.me.uk
Your host may not consider RBL's to be "filtering". Maybe the hooked up to Spamhaus all the sudden. That'll cause a dramatic decrease in spam, but I can see why they might not call it "filtering" in the sense you're thinking.
"That which does not kill us makes us stranger." -Trevor Goodchild
All your spam are belong to us.
calm before the storm.
Prepare to have the night skies filled with UFOs of many different species, having a battle royale 6 miles above Detroit. The spam has stopped because even the demons that send most spam have scurried away to hide before the big one hits.
Part of is Yahoo, Google and Hotmail cracking down on their spam and UCE policies. It's forcing ISPs and web hosts and email providers to crack down on their email policies so their server don't get blacklisted by, mainly, Yahoo.
Perhaps nobody likes you. Not even spammers. Did you recently contract some sort of virus? ;)
Spam on my mail server has not waned.
1. If you've made no configuration changes or patches in the past week, that pretty much lets out program error.
2. If your ISP is saying they don't do spam filtering, then that pretty much lets that out too, unless your ISP is given to lying to you.
3. Others point to the cyber war between Georga and Russia. I'd think that those folks would have their own bots not associated with spamming, but I can't prove that.
4. It surpasses hope that all the sudden people cleaned up their pwon3d systems.
5. My spam levels have not dropped appreciably, and I not only have my own domain, but allocations as well.
6. I have noticed at times in the past that my spam levels do drop by 60, 70, even 80%. They always pick back up before too long. Enjoy a breif respite.
Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves.
I ate it.
And I have it all right here for you. If you'll just supply your email address as a reply to this post, I will send it along.
... independent helpers ... have programs that you can download that do most of the work with minimal hassle.
Hi. I'm a spammer working for the Patriotic Russian effort to defend South Ossetia from the imperialists of Georgia. If you want to help this patriotic effort I have written for you a tool to let you participate in our DDoS attack on Georgia's network. Just click THIS LINK to download the tool, then enter the decryption password to unpack and install it. The password is "ImASucker"
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
What was your domain name again? ;)
Using VMWare ESX server? ;)
Somewhere down the line someone implemented OpenBSD's spamd on a large scale. That'll teach the spammers but good.
For the last month or so I seen a double or more increase of spam on my mail server. According to my mail server stats my total incoming mail messages remained the same but spam increased 10% per week in the last four weeks. 50% of that spam is bad enough to be deleted outright but I scan it before it is deleted, 40% is in quarantine, and 10% is questionable for the user to view and provide me tune spam filter for spam/ham.
We only have 24 people here since we are scientific research organization we have email address in many places like scientific publications so this is were most of our spam comes from.
Hopefully, someone has hunted down, shut down and locked up everyone responsible. F- spammers.
I have 30+ domains, and I have some catch-all's.... whatever@domain.com gets to me. Last week I had 12.000+ spam messages that is twelve thousand!
So I guess you what you are missing is in my mail box. BTW I am using spamassassin, which misses around 100 a day, and occassionally puts one legit mails into my SPAM mail or SPAM-MAYBE mail ....
well.... I hate email now ... I really do.
"Spam, spam, spam, spam, spam, spam, baked beans, spam, spam, spam and spam."
I guess it must have been one of those baked beans kind of days.
I've been wondering too. Getting maybe 5 percent of the spam I used to get. By the way, my ISP is BSNL-DataOne (that's in India).
Second - salesfolk and management are expecting instant communication from email now. If you implement greylisting it is only a matter of time before you have to explain why you are deliberately delaying communications. If you have a good relationship with the CEO or have the foresight to warn people that there will be some lag go ahead - otherwise expect angry reactions when people find out because THEIR email did not arrive until up to twenty minutes after a phone conversation asking for it. With some people five minutes would be long enough for them to storm in looking for the delay.
It's annoying enough being at the sending end and having clients coming to you to complain about another organisations spam filtering system. There have been a few occasions where somebodies choice of twenty minute greylisting has resulted in angry phone calls between the sender, recipient and the poor sysadmin at the site sending the mail which can't get in. It's only when four people are wasting time that those that set broken policies get to notice.
...I've still been getting one or two messages a week to 'slashdot@', 'freshmeat@' and 'filezilla@'. Interestingly enough I haven't received messages to other addresses (e.g. 'sales@', 'marketing@') for quite some time. Also, my Gmail accounts still gets about 50 junk messages a day and my personal (alumni) forwarding address still gets one just about every day.
Rishi Chopra
www.rishichopra.org
Maybe their spam email servers were running 3.5p2? The fixed ISO just got released, so they'll be back up soon.
My spam has gone too yesterday... I don't know if this will last, but it really vanished.
Chances are those botnets are being used against Georgia (or other targets) in the current Russian conflict. The Russian Business Network is currently busy... please hold the line.
I have seen the same thing with my spam load down 75% this week but I had trouble with a DNS change for a few days so I assumed they were being efficient and responding to the accidental mail rejection notices ?
I had the same "problem" around half a year ago (give or take a year), suddenly the amount of spam dropped significantly to almost zero and I immediately suspected someone had activated a spam filter without my knowledge. Which is something I would not want because I have a pretty good spam filter that still allows me to double-check to avoid false positives.
I checked and double-checked all my e-mail providers, but spam filtering is off everywhere. Which still did not quite put my mind at ease, I was still afraid I was missing real e-mails.
But since you have the same situation, I guess we were both just lucky to be listed on only a few major botnets that were suddenly killed.
Probable Reason: The spam you were getting dropped off because it was probably coming from one spammer who just got shut down.
Knowing Google's lust for data collection, the Soviet Union is still alive and well inside the psyche of Sergey Brin....
I didn't have the energy to maintain the strength of your approach. I settled for a smaller suite of addresses, and when I suspected some vendor would be a Newsletter-Offender, then I parked them into the catchall acct.
I had to decide a while ago to separate companies' mainline product/service divisions with their marketing gnomes in the basement.
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
"Thank you for your subscription!".
Oh. Sorry. I renewed my subscription to Slashdot. Was I supposed to send it to you?
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
First the bees now spam next year the humans.
Your provider likely runs an rbl check at the smtp server level which is not always the same scanning mechanism - rbl's are continually updated and can be far more accurate at blocking spam if a host or set of hosts are blocked - it can very much seem like a sudden turn around in the amount of email you're getting because known spam sources are eventually blacklisted. So while your isp may not have actually changed anything at their server level the 3rd party rbl filters (spamcop, spamhaus, etc) are continually updating their own lists which directly affect your email.h
When a man's spam count drops suddenly and unexpectedly, it's cause for concern!!
I have it - drop me your email address and I'll forward it to you.
Once I was a four stone apology. Now I am two separate gorillas.
I love it - I'm having spam spam spam spam spam spam spam false positive spam spam spam and spam!
Post your email and I'll fix that...
Semi-automatic amateur armchair Australian philosopher; conjecture ready at any moment...
I'm not saying the Qmail way is better - but your way has a significant flaw. It gives immediate notification of valid and invalid accounts, without any server ownership verification whatsoever (the qmail way at least verifies a valid return-mail-path)
I don't see how letting spammers know that I'm not going to accept e-mail for "name.removethis@example.com" is a problem. If that means they stop beating on my mail server, great! But, believe me, no spammer is looking at the SMTP result messages they get.
As for letting them know it's a valid e-mail address, you're assuming I accept the e-mail. If I reject it ('cause maybe it's spam?), then because of the fact that no spammer is looking at the SMTP result messages they get, they don't know whether the address is valid or not.
Last, there is no way to "verify a valid return-mail-path". It's not possible. Sending an e-mail to the envelope-from address accomplishes no kind of verification...it merely pisses off somebody who might not have been involved in the sending of the e-mail. Think about it...if spam claims to be from "valid-address@example.com", then any check you make says "yes, that's a real address that accepts delivery". The problem is that it isn't the right address.
By responding only in the SMTP error code, you really do solve pretty much all the problems. If the server talking to you really is trying to send legitimate e-mail from an e-mail address that it is supposed to be a relay for, then the error will eventually get back to the true sender. If the server is an open relay and the message is spam, then the error ends up going nowhere, which is good.
Then, by shutting down all open relays, spam levels would drop to nothing. The problem is that most of the "open relays" are actually infected PCs. This problem is solved by turning off the ability of the average customer to connect outside the ISP on port 25. I know that people are going to scream about that, but as long as ISPs offer a simple "opt-in" (via telephone, preferably, for obvious reasons) for the ability to send, there really won't be anybody blocked if they don't want to be.
You are making a grave error in assuming the olympics is about sports. It's politics disguised as sports.
The same goes for the Eurovision Song Festival.
MP3 Search Engine