Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Welcome Shift: Spam Now Constitutes Less Than Half of All Email

Posted by timothy on from the millions-could-starve-film-at-11 dept.

An anonymous reader writes: According to Symantec's latest Intelligence Report, spam has fallen to less than 50% of all email in June – a number we haven't seen in over a decade. Of all emails received by Symantec clients in June, junk emails only accounts for 49.7% down from 52.1% in April which shows a huge drop. Year over year, spam has decreased as well due to internet providers doing a better job at filtering and shutting down spam bots.

1 of 114 comments (clear)

  1. SPF, DKIM, and DMARC by Demonoid-Penguin · · Score: 5, Informative

    The Symantec report quotes numbers - not reasons. The referenced "story" just quotes a summary of figures from the Report.

    The biggest changes to email in the last year have not been arrests or deaths of spammers - but the implementation of SPF, DKIM and DMARC by email providers.

    Especially in my experience, has greatly increased the amount of email rejected for delivery (so sorry, the claimed source is clearly spoofed, now filed in the big round grey folder). The "direct"/email marketing forums are full of "entrepreneurs" complaining about it (boo-fucking-hoo).

    Primarily it stops forged From headers with providers that reject failures or missing authentication (e.g. Yahoo), Secondly it (DMARC) increases spam reports by providers that use the data, resulting in faster and more accurate spam filters from the suppliers.

    Next year will be hell on spammers as many email providers follow Yahoo's lead and change their DMARC policy to "p=reject". Maybe then we'll see mailing list providers stop whining about the policy and work-around it (instead of continuing to do things the way they've always done things in a changing world), and they'll see a reduction in the amount of spam they are resending. Anecdotal evidence is that they've all seen an increase in spam as spammers target mail providers that don't enforce SPF, DKIM and DMARC.

    Sure the full implementation will piss off some that aren't actually spammers (*cough*MailChimp*cough) but it'll also make phishing a lot harder. Eventually it may even shut up those who don't understand it, well, maybe. It isn't perfect, though it's not a bad as clueless Seltzer claims. In a perfect world people would deploy DNSSEC on their email servers so better sender authentication methods could be used - and all email senders and recipients would use and understand PGP (fat chance of that happening).