Weekly Edition
Return to the Security page
| |||||||||||||
Victory against spam?
The August 20 edition of The Economist includes an
article (restricted to Economist subscribers as of this writing) makes
an interesting claim:
But "spam", unsolicited e-mail, seems to be in retreat. The
amount of spam that swishes through the internet is holding steady
or declining, according to most studies. And of the stuff that
still exists, the vast majority is blocked by filters before it
gets to an inbox.
The core of the article is based on a MessageLabs report stating that spam, which constituted 83% of all email traffic in January, fell to "only" 67% in June. 67% remains a horrifying number, but it also clearly is a step in the right direction. Interestingly, your editor's personal spam indicator, currently running at about 4,000/day, does not show any decline at all. Some people, it seems, are just lucky. The Economist credits a number of factors in the decline. Filters are one of those, though the article only mentions proprietary offerings. (Said proprietary filters are credited with 95% effectiveness, incidentally; your editor can attest that a well-trained SpamAssassin can do much better than that). Smarter recipients are another; evidently most Internet users have already enlarged whatever parts of their anatomy they felt were too small, or figured out that it wasn't going to happen for them. High-profile legal setbacks for selected spammers have provided a small disincentive. And phishing attacks, which are very much on the increase, have convinced many users that spam can be dangerous and is best avoided. Phishing is where the action is now - especially in South America, it would seem, where a strong interest in postcard sites makes attacks relatively easy. Since there is money in phishing, this problem is likely to grow, at least until enough people get burned that a general awareness sets in. It is a somewhat ironic outcome, meanwhile, that the phishers may be helping to take the profits out of spam, and thus reducing the problem. Declaring victory on spam seems somewhat premature, however. The costs of carrying that much garbage through the email system, filtering, and shoveling out mailboxes remain high. But wouldn't it be interesting if the arms race between spammers and their opponents turned out to be winnable - by the good guys - after all? (Log in to post comments)
Victory against spam? Posted Aug 25, 2005 10:13 UTC (Thu) by copsewood (subscriber, #199) [Link] The "victory" reported by the Economist may apply to some corporate success in subcontracting out email receipt and filtering, reducing the spam count in the inboxes of those who answered the relevant survey. But it doesn't represent a success in moving towards more open communications generally.Debate within the anti-spam developer community seems to be focussed on getting clearer lines of accountability into message delivery as a neccessary step before the problem can be controlled. The sufficient step after that will depend upon being able to use measurements of sender reputation once lines of accountability for origin are established. I am currently very impressed by the quality of thought and work behind CSV/CSA/DNA proposed standards , having partially implemented CSV (Certified Server Validation) within my own spam filtering program successfully a couple of days ago.
Victory against spam? Posted Aug 31, 2005 1:04 UTC (Wed) by kitterma (subscriber, #4448) [Link] In a recent survey of all .com domains a grand total of 5 were found to have published records for CSA. Probably won't help you much in the short term.
Victory against spam? Posted Sep 21, 2005 19:39 UTC (Wed) by copsewood (subscriber, #199) [Link] I agree that the CSV standard won't help reduce spam much in the short term - nor will any other genuine SMTP infrastructure improvement help in the short term. A realistic timescale is about 24 months to develop and debug a standard and combine or differentiate it from similar proposals. It will then take about another 12 months to include it into mainstream products and demonstrate it stable enough to improve life for early adopters. Another 12 months to persuade most potential mainstream adopters that they will be left behind if they don't adopt it, and a further 12 months to mop up the mess the late adopters find themselves in. About 5 years in total is a more realistic estimate for how long something requiring cooperation of hundreds of programmers and tens of thousands of mail and DNS administrators will take.
Victory against spam? Posted Aug 26, 2005 6:16 UTC (Fri) by njhurst (guest, #6022) [Link] The arrest of a high profile spammer in the US recently will probably have a greater effect :)
Victory against spam? Posted Aug 27, 2005 14:15 UTC (Sat) by alspnost (guest, #2763) [Link] I'm not seeing much "victory" around here, either. My home volume of spam isn't much of a problem; SpamAssassin deals with it and there are just a few minor annoyances each day. What's far grimmer, though, is wading through customer companies' spam traps each day, looking for false positives. This shouldn't be necessary, of course, and I'm hoping it's a temporary situation, but what an appallingly grim way to spend a little precious part of your life each day!
Victory against spam? Posted Aug 29, 2005 13:42 UTC (Mon) by xombi (subscriber, #13659) [Link] 4000+ spams a day? What could you be doing to get that much spam?
:)
Seriously, I don't know anyone who gets that much spam. Any idea what caused you to get so much?
Victory against spam? Posted Aug 29, 2005 14:05 UTC (Mon) by IkeTo (subscriber, #2122) [Link] It is not difficult at all to get such a good spam trap. First, use a stable mail account, and don't change your email address every now and then. Then, put the mail address in some web sites, and get as many other sites to link to that as possible. Let as many friends have your email as possible, and ask them to put your address in their address book so that when a virus or spyware attack their computers, your address gets sent to the spammer.
After that, use that address to post into many groups of the usenet and other mailing lists. As a little bonus, use that address to register online services, purchase, etc. At this point, success to get 1000+ spam a day should be just a one or two years ahead. It works very well for me.
Victory against spam? Posted Sep 2, 2005 13:47 UTC (Fri) by forthy (guest, #1525) [Link] I do all this. Doesn't help. Spam is downwards. I get on average 10-20spams per day (most of them filtered out). Just a few days ago, a coworker printed out a jpeg of someone who clearly needs to enlarge a certain body part, and I couldn't find a single recent e-mail with the appropriate topic. Spam on my working account also was much higher last year; a significant impact was that we now use Postfix with rbl and spf to reject connections before filtering, and spamassassin for filtering itself, but the consequence of these rejections are also that fewer attempts to deliver spam are made. The least effective place for spam-trapping is a public keyserver. I've a new mail address, which isn't published anywhere except for my GPG key. I've got *one* single spam in a period of a month or so that clearly must have used the keyserver (all my signed identities were spammed with one mail).
Victory against spam? Posted Sep 3, 2005 9:14 UTC (Sat) by anton (guest, #25547) [Link] I have my email address well published, and from the start of the year till now I got 144 spams per day on average. Our mail server does not reject blacklisted sites at the moment, though.
Victory against spam? Posted Sep 4, 2005 7:01 UTC (Sun) by la_atardecida (guest, #32256) [Link] Like Mr Corbet, I'm not seeing any decline in spam lately. To the contrary, last week, spams to my domain spiked at a bit above 12000 spams/day for one day. I'm now seeing a 7-day moving average of about 7000/day. My domain has been registered since 1995 and my web site has been very stable (no moving of pages causing 404's, pretty high quality of content etc.)FWIW: here are the stats on spams on my domain in the past 5.97 days. I truly regret having to red-act a few of the items, I don't want to help spammers too much with not widely used information. Items are ordered by the order they are applied. Each provides a "lift" which is the percentage of the remaining messages (not yet caught) that are caught at each step. The 'bad-address' bounces are mails that bounce to my domain by a large number of auto-responders who trust headers faked by spammers to include my domain. As you can see, these "helpful" auto-responders constitute roughly of 40% of the spam problem and give my spam catcher a 77% lift for one simple (much faster than something akin to bogofilter or spamassasin) check. Category Count %Count %Lift %Cumm virus-signature: 45 0.10% 0.10% 0.10% REDACT-secret1: 21978 48.02% 48.07% 48.12% REDACT-badaddr-bounce: 18398 40.20% 77.48% 88.32% null-from-bounce: 81 0.18% 1.52% 88.50% REDACT-badaddr: 4799 10.49% 91.15% 98.98% REDACT-spam-ip: 51 0.11% 10.94% 99.09% spamhaus: 44 0.10% 10.60% 99.19% unreadable-charset: 6 0.01% 1.62% 99.20% spamsig: 34 0.07% 9.32% 99.28% REDACT-SpamAssassin: 45 0.10% 13.60% 99.38% bogus-antivirus-bounce: 68 0.15% 23.78% 99.52% url-spam: 89 0.19% 40.83% 99.72% bogofilter-caught: 90 0.20% 69.77% 99.91% ===NOT-SPAM=== 39 0.09% 100.00% 100.00% TOTAL 45767 100.00% ------- 100.00% 20050903 45767/5.97 = 7669.44 messages/day (5.3260/min)
|
|||||||||||||