A Welcome Shift: Spam Now Constitutes Less Than Half of All Email

An anonymous reader writes: According to Symantec's latest Intelligence Report, spam has fallen to less than 50% of all email in June – a number we haven't seen in over a decade. Of all emails received by Symantec clients in June, junk emails only accounts for 49.7% down from 52.1% in April which shows a huge drop. Year over year, spam has decreased as well due to internet providers doing a better job at filtering and shutting down spam bots.

Spam stems from lack of negative feedback

[Morgaine]

Control Theory is applied mainly to electronic systems, but it's equally applicable to all systems everywhere, with no exception. That includes networking, and it even governs human systems.

It's a truism in Control Theory that a system without negative feedback is a system that is out of control. All non-trivial systems without negative feedback head towards an uncontrolled state on the slightest perturbation of initial conditions.

Email is one such system. It was designed without negative feedback back in the early days of the academic Internet before malicious actors appeared on the scene. Because there is no "cost" associated with sending an email, the system went out of control --- the primary effect of that is spam. (This "cost" has nothing to do with money.)

In Control Theory terms, "cost" is any control metric that tracks an undesired effect and reduces that effect when applied to its cause. One of the most universal undesired effects is resource consumption, and that's directly applicable to the email problem because many kinds of resources are used up by spam when it arrives at MTAs and at end-user mailboxes --- examples are CPU time, storage space, network bandwidth, end-user time, and many other things. They're all resources, and spam is the direct result of the spammer feeling no "cost" when he consumes other people's resources. There is no negative feedback being applied to his posting of spam.

"Cost" in the control theoretical sense could be many things when applied to email, for example a slowdown in the spammer's ability to post his next email proportional to the rate of sending and to the number of recipients. There are dozens of possible ways to make a spammer feel a "cost" as negative feedback for his actions, many of them leaving normal mail users entirely undisturbed by the negative feedback. Unfortunately email has none of these control methods available, and it probably never will because it's too late in the day.

One day however, a new asynchronous communication protocol will be designed to replace SMTP. It must be designed with a mechanism for negative feedback integral to the protocol and non-optional, or else the spam problem will appear again, sure as night follows day.

Note that we have many other systems out of control in computer networking, it's not just email. For example, there is no negative feedback applied to rampant abuse of user-side scripting by web pages. Web developers feel no cost regardless of how much end-user CPU, storage, or network bandwidth they employ, and since there is no negative feedback applied to their over-use, browsers typically have their CPUs pegged at 100% and the Web has turned to molasses. As techies we try to control the Web excesses with NoScript (for example) just as we try to control spam with SpamAssassin, but these are just fighting symptoms. You can't cure a disease by fighting symptoms.

This is a universal truth. No negative feedback spells trouble ahead.

Re:XP

[Demonoid-Penguin]

There are still a couple of hundred million XP machines running. As that number declines so does the amount of spam, but there's a long way to go.

The number of XP boxes on the internet has little to do with spam. It did when cheap VPS, cloud and broadband was uncommon. Blame their owners for a lot of things - but blame for spam is misplaced (the main exception being Michael Lindsay's "customers"). It's far cheaper, and easier to either rent a host or pay a mailing service than it is to rent (or build) a bot-net of sufficient size to produce a measurable amount of the worlds spam. SPF, DKIM and DMARC has also considerably reduced the viability of bot-nets for spamming as the major email providers reject their unauthenticated headers, or quickly identify them as spam.

The majority of those services provided by a small number of companies (in order of volume):- softbank.co.jp, unicom-bj, unicom-sc, drpeng.com.cn, webexxpurts.com, gmo.jp, kddi.ne.jp, kyivstar.net, uplus.co.kr, softcom.com.

The majority of spam is commissioned by a small number of arseholes (a significant number of them are bases in North America since China cleaned up it's act). In order of volume:-

• Canadian Pharmacy - Ukraine. A long time running pharmacy spam operation. They send tens of millions of spams per day using botnet techniques. Probably based in Eastern Europe, Ukraine/Russia. Host spammed web sites on botnets and on bulletproof Chinese web hosting.
• Dante Jimenez / Aiming Invest - United States. Spamwarez, lists, "bulletproof" hosting in the finest South Florida tradition. Working with worst cybercriminal botnet spammers. Now mostly involved in massive botnet spamming with hosting on hacked servers and Eastern European hosters.
• Yair Shalev / Kobeni Solutions - United States. High volume snowshoe spammer from Florida, (former?) partner-in-spam of ROKSO spammer Darrin Wohl. Son-in-law of ROKSO listed spammer Dan Abramovich. Sued by FTC in 2014 due to fraud.
• Yambo Financials - Ukraine. Huge spamhaus tied into distribution and billing for child, animal, and incest-porn, pirated software, and pharmaceuticals. Run their own merchant services (credit-card "collection" sites) set up as a fake "bank."
• Mike Boehm and Associates - United States. Snowshoe spam organization that uses large numbers of inexpensive, automated VPS hosting IPs and domains in whatever TLD is currently cheapest to send high volumes of spam to extremely dirty, scraped lists. Operates under many business and individual names.
• Michael Persaud - United States. Long time snowshoe type spammer.
• Michael Lindsay - United States. Lindsay's iMedia Networks is a full-fledged spam-hosting operation serving bulletproof hosting at high premiums to well known ROKSO-listed spammers. His customers spam via botnet zombies with spam payloads hosted offshore, tunneled back to his servers. He and the gang have been hijacking (stealing) IP address space from companies for years to spam from. Illegal in the USA.
• Jagger Babuin / BHSI - Canada. Romanian spammer now living in Vancouver BC. Also known as the "Dr Oz" spammer.
• First Place SEO & financial fraud spam gang - United States. Seem to be either Northern New Jersey or San Diego, California based scammers. They rent endless numbers of servers and buy endless domains to then pump out "SEO", search-engine-rankings and financial fraud scam spams.
• Josh Henderson or Nicholson - bulletproofvps.com - Canada. Offshore Bulletproof Hosting is his thing.

Top 10 countries that produce and export spam, in order of significance:- United States, China, Russian Federation, Ukraine, Japan, United Kingdom, India, Germany, Brazil, Turkey

Sources

Lawsuits

[www.sorehands.com]

Lawsuits against companies for illegal spam also reduces spam.

in 2003, I filed a spam lawsuit against a drug spammer in Florida. Shortly after I settled, the amount of spam I received went down by about 50%.

I filed several spam lawsuits between 2013 and 2014. The e-mail load on my mail server went down by 75%.

Between May 27 2013 and Sat Jul 18 2015 (782 days) my server processed 4,801,196 e-mails (6,1397/day).

In 2012, my server typically processed between 20k-22k e-mails per day.

Between Aug 11 2008 and Nov 29 2008 (110 days) my served processed 1,419,128 e-mails. (12,901/day) But In 2011 I more than doubled the number of e-mail users.

When you sue the advertisers, they may terminate some of the spammer and the advertisers get some of the money from the spam networks that they use. At the very least, spam lawsuits get you on the spammer's suppression lists.