Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Sophos Reveals Latest Spam-Relaying Countries

Hemos posted more than 8 years ago | from the spam-ham dept.

181

An anonymous reader writes "For the first time in more than two years, the United States has failed to make inroads into its spam-relaying problem. The U.S. remains stuck at the top of the chart and is the source of 23.2 percent of the world's spam. Its closest rivals are China and South Korea, although both of these nations have managed to reduce their statistics since Q1 2006. The vast majority of this spam is relayed by 'zombies,' also known as botnet computers."

cancel ×

181 comments

Sorry! There are no comments related to the filter you selected.

Why Divide By Country or Continent? (5, Insightful)

eldavojohn (898314) | more than 8 years ago | (#15770290)

I'm not sure why they divide by country. Are they implying that the laws and regulations of these companies should be stricter? Is this some sort of international contest to see who can restrict the rights of its internet users the fastest? The fact is that these nations are just relaying the spam. They might not be the origin of the spam so it's not like targeting a nationality will help.

Furthermore, these percentages don't appear to be normalized in any way. Does the United States contain more than 23% of the world's internet traffic? Probably. What about the sheer number of IPs assigned to citizens? Again, probably more than 23% of the world's total user population. Even if it isn't that high, it'd still show that countries like China are doing ok relative to the sheer number of users they have. I think this study only showed that spam is directly proportionate to internet usage. And nothing more.

Logically, you would divide by source or company or--better yet--ISP. I think the penalties should come from the companies that make money providing the internet service to the sources of the spam. Even if it's a bot or open relay for spam, the ISP should investigate it and shut it down. I honestly wouldn't be surprised to see Cox & Comcast show up on that list as they are so unbelievably careless.

I think laws against the internet service providers are in order to force this but it's difficult to track. That's why Sophos should publish names of internet service providers and drag them through the mud, I don't care about countries. And how about making the penalty for the ISP a bit tougher as in you get one warning about a particular user and then you're restricted from providing internet service?

In the end, you have to ask yourself--do we really want to make this a responsibility of all governments? I think the answer is 'no' considering that they can always just open up some operation in another nation and find an ISP dying for cash. Then you have to chase them there.

Re:Why Divide By Country or Continent? (1, Interesting)

Homology (639438) | more than 8 years ago | (#15770314)

I'm not sure why they divide by country. Are they implying that the laws and regulations of these companies should be stricter? Is this some sort of international contest to see who can restrict the rights of its internet users the fastest? The fact is that these nations are just relaying the spam. They might not be the origin of the spam so it's not like targeting a nationality will help.

Once I saw some statistics that USA is the originator of most of the spam.

Re:Why Divide By Country or Continent? (0, Troll)

RendonWI (958388) | more than 8 years ago | (#15770345)

You sure it wasn't just america that accually responds to the spam advertising. I mean who else but Americans need a larger p3n1s, or wants vi4gra? I would like to see a statistic on just that, how much of the world wide spam is targeted at Americans.

Re:Why Divide By Country or Continent? (1)

Mister Whirly (964219) | more than 8 years ago | (#15770492)

"I mean who else but Americans need a larger p3n1s, or wants vi4gra?"

EuroTrash - you know, the ones that blast Americans every chance they get, yet try as hard as they can to emmulate Americans.... Oh wait, of course you know - "It takes one..."

Re:Why Divide By Country or Continent? (2, Funny)

Brickwall (985910) | more than 8 years ago | (#15770426)

Yes, Hormel Foods is based in Austin, MN.

Re:Why Divide By Country or Continent? (2, Informative)

Homology (639438) | more than 8 years ago | (#15770854)

> Yes, Hormel Foods is based in Austin, MN.

Hormel Foods sells SPAM not spam, and last time
I checked they were quite picky about spelling ;-)

Re:Why Divide By Country or Continent? (4, Insightful)

yourOneManArmy (986080) | more than 8 years ago | (#15770316)

You're assuming media statistics are actually logical; they're designed to give 'convincing and unbiased' proof of the source's opinion.

Why are ISPs so reluctant to deal with the bots? (1)

Peter Simpson (112887) | more than 8 years ago | (#15770372)

It would seem to me that they have only network bandwidth and happier customers to gain by taking action.
If, in fact, the problem is naive, unprotected users, wouldn't a complimentary firewall and de-rootkitter CD be appreciated, and benefit both user and ISP?

Re:Why are ISPs so reluctant to deal with the bots (2, Insightful)

BVis (267028) | more than 8 years ago | (#15770430)

The old saying goes, "You can lead a horse to water, but you can't make him drink."

Updated, it'd be "You can lead a user to clue, but you can't make him think."

As it applies here, the average user isn't going to understand (or want to understand) what benefit these free items will give him/her. They've never heard of a firewall or a rootkit. All they really care about is how much it costs.

Now if a service could show better profits through these steps (from reduced expenses, including bandwidth, support, etc) then we might be getting somewhere. But you're never going to get anywhere trying to educate the user.

Re:Why are ISPs so reluctant to deal with the bots (1)

LindseyJ (983603) | more than 8 years ago | (#15770509)

It wouldn't cost anything, as it is complimentary.

Anyway, users, as you said, aren't too bright. Just put the firewall setup and de-rootkitter (and whatever else) into a CD labled "Setup" and the user will pop that right in. Hell, if you're feeling really audacious, put instructions on how to open your CD-ROM and insert the CD and then close it again, and what button to push on the Autorun in your setup pamphlet.

Re:Why are ISPs so reluctant to deal with the bots (2, Insightful)

eno2001 (527078) | more than 8 years ago | (#15770846)

Well I always go back to the example of a relative of mine who asked "What in the world would some hacker want with my PC"? They don't have a grasp of what access to even a Pentium 100 on a dial-up can be used for. They don't realize that spamming is pulled off with a "death by 1000 paper cuts" approach. How many average users could even grasp the concept of a computing cluster? Not everyone can or wants to understand this stuff. To them, it's just more time wasting useless crap when all they want to do is get on the net and play.

Re:Why are ISPs so reluctant to deal with the bots (3, Interesting)

bigbigbison (104532) | more than 8 years ago | (#15770928)

I see this illistrated every time I listen to the podcast of Leo Laporte's KFI radio show. Every show he has at least one call about spyware where he tells people the exact same things: Get a router, run spybot, adaware, windows defender. The people seem so clueless when he tells them that. I can understand that people aren't experts on things, but it is litterally the same advice every week. Weren't these people listening last week? If they've never listened before, then how did they know about the show in the first place? It just baffles me. Whether or not you think that is the best advice, I just don't understand how these people haven't heard it before.

Re:Why are ISPs so reluctant to deal with the bots (1)

Krojack (575051) | more than 8 years ago | (#15771036)

Its all about the money.. If the customer is paying their bill then let them do as they want. At least that my companies way of thinking.. and i hate it but i also need the job seeing IT jobs are running thin in the USA.

How about by the OS of the zombies (1, Interesting)

shis-ka-bob (595298) | more than 8 years ago | (#15770464)

It would be interesting to see this arranaged by the operating system of the infected computer. Given the frequency of infections by OS and the frequency of the OS on the internet, I can use Bayes theorem to deermine how suceptable a computer is to become a Zombie spammer. Im just guessing that this would not be flattering number for Microsoft, espicially the older versions of Windows. This sort of information could be used by Microsoft to encourage upgrades and by everyone else to recommend migrating from Windows altogether. In either case, this would give users actionable information to reduce risk - moving to a 'low spam' country simply isn't actionable for most people. As you pointed out, showing data by ISP would also be actionable. In either case, it allows for users to have some control.

Re:Why Divide By Country or Continent? (3, Insightful)

klaun (236494) | more than 8 years ago | (#15770591)

You don't seem to have much evidence for your assertion that ISPs are reluctant to deal with bots. I know that both ISPs your mention have aggressive programs to battle spam that is generated or relayed by users. It is really a very tough problem to deal with.

How do you identify a bot infected computer? What do you do to a customer with a bot infected computer that he is probably not aware of? What preventative steps can you take that will not interfere with legitimate customer traffic?

While technical savvy folks can generally think of solutions to problems, they often neglect the issue of scalability... every solution has to work in an environment that may deal with a million emails a second! Customers get very irate when they are disconnected, sandboxed, and refused further service until they run (free) anti-virus software on their computer. Customer care organizations within an ISP are generally very resistant to any program that will involve turning off customer service or restricting it, because that causes tremendous expense for them in terms of customer calls. ("What does this web page mean? How do I get rid of it?") It is not just about engineering a solution but also deploying it holistically within a company that has issues other than technology.

Other solutions that make managing the problem easier are also very expensive and slow to implement across a customer base of millions. SMTP AUTH deployments are tremendously expensive in terms of customer care, customer education, and engineering efforts. Everything is complicated by scale and working within the confines of a business with other requirements apart from just technical ones.

ISPs spend millions on efforts to combat spam. The anti-spam industry is expected to hit $1.7 billion in revenues by 2008. If you have the answer to all these problems, start a company and sell it. You will be very successful.

Re:Why Divide By Country or Continent? (0)

Anonymous Coward | more than 8 years ago | (#15770754)

You don't seem to have much evidence for your assertion that ISPs are reluctant to deal with bots


Or much evidence to back anything else that was said either, but regardless, raises a good point. Those companies that provide access to the Internet should be the ones tasked with tracking down and stopping spam relaying -- after all they're the ones making money off of providing that access.

I don't think that saying it's a difficult problem should lessen, in any way, the expectation that the problem be addressed. Just cause it's hard doesn't get you off the hook.

Re:Why Divide By Country or Continent? (1)

MikeTheC (990441) | more than 8 years ago | (#15771144)

Let's also not forget how litigious people can be here in the good 'ole U.S. of A. "How dare you accuse *me* of sending spam?!? Give me my damn connection back, or I'll sue!!!"

Now, I also fully realize that most threats of lawsuits are meritless (both in terms of the customer carrying through with it, and how well it would stand up in court if tried), but companies are, for the most part, scared to death of dealing with a lawsuit. Or, in the case of larger, established ones, *another* suit.

It's funny; it's almost schizophrenic. "No, that customer can't do such-and-such. Oh, wait, they're threatening to sue us? Well, give them anything they want." It's predictable!

Re:Why Divide By Country or Continent? (3, Insightful)

FireFury03 (653718) | more than 8 years ago | (#15771190)

Customers get very irate when they are disconnected, sandboxed, and refused further service until they run (free) anti-virus software on their computer.

In other news, drivers get very irate when they aren't allowed to drive their unsafe car on the road until it's been fixed. However, banning people with unsafe cars makes everyone else safer, so is a Good Thing. Same with infected computers. If a computer is actively attacking other systems then drop it's connection ASAP - this is good for two reasons:

1. It stops the infected system from doing any more damage to any other systems/people (this may be relaying spam, DDoSing someone, trying to infect other systems with a worm, running a phishing site, etc).
2. If someone loses their whole connection every time they get infected they might actually start giving a damn about their system's security.

that causes tremendous expense for them in terms of customer calls.

If all the ISPs started taking these measures then it would surely *reduce* the number of support calls since the number of infected systems would be reduced. Sure, there'll be a short term peak in the number of support calls but the long term picture is much better. Sadly, most businesses these days only seem to care about the short term bottom-line.

Re:Why Divide By Country or Continent? (0)

Anonymous Coward | more than 8 years ago | (#15770694)

UK population: ~60,000,000
UK online percentage ~33% [internetnews.com]
US population: ~300,000,000
US online percentage ~35% [internetnews.com]

US has ~105,000,000 people online. UK has ~20,000,000 people online. A factor of 5.25. But the US puts out over 12 times as much spam.

Re:Why Divide By Country or Continent? (1)

charleste (537078) | more than 8 years ago | (#15770712)

In the FA, they explained that the theory is Zombie PCs that are relaying spam, and suggest that the solution is tighter individual security on PCs in the U.S.. The originators are broken out by continent - North America is not at the top.

Re:Why Divide By Country or Continent? (1)

14CharUsername (972311) | more than 8 years ago | (#15770815)

Well aren't the number of people on the internet growing more rapidly in China? so by your logic the amount of spam should be increasing from there too. But they are reducing the amount of spam. The number of internet users in the US is growing much slower so therefore it should be easier for the US to fight spam than china.

And ok so you make a big list of spam-friendly ISPs. What the hell difference does that make? You think people will stop using them? No people will measure the quality of an ISP based on bandwidth/$. The free market is amoral. Nobody chooses their purchases based on morality. If that were the case Walmart would be broke.

Sorry its up to governments to deal with these kinds of problems. Maybe that goes against your libertarian sensibilities, but throughout history it has been the only way to fix these kinds of problems (tragedy of the commons).

Why continent (1)

phorm (591458) | more than 8 years ago | (#15771307)

Well I'm here in Canada, and we're apparently not even in the top-10 for spam, so there's a good chance that the local political/corporate environment affects the internet. Not that I've heard of us having big anti-spam laws here (and I do remember hearing about some big spammers living down east), but perhaps the ISP's are more vigilant.

I know that at one point I had been messing around with my proxy settings and that allowed it to be abused as an open relay. Consequently, there were about 1-2 days where some bastard(s) used it to send spam. About 2-3 days after that (after I'd caught it and shut it down, partly because of /.'s warnings that they detected me as an open relay) I had my connection borked by my ISP because they had received complaints. All it took was a phone-call to explain that the situation had been fixed and things were back up and running. I think they watched it for recurrence for awhile after that but I had no hassles.

So at the least, it seems that "Telus" in Canada does do something about the open relays. Unfortunately they seem to suffer from suckage lately for other reasons, but at least they're trying to keep their network 'clean' from usual misuse and abuse of spammers et al.

Deep Throat Knows (5, Insightful)

ackthpt (218170) | more than 8 years ago | (#15770340)

"Follow the money"

What's so hard here? The US has pushed for having banks and financial service companies to be more open with governments on who is doing what with transactions.

There's always the content, too. Just look in the emails and they have telephone numbers, web sites, the various means of seeing what these scumbags have to offer and how to contact them.

Educating the public is failing. Why? How many public service ads have you seen advising people how to protect themselves from being scammed, preventing identity theft, etc.? I've seen none. I see private ads OF the voice overs of the big dude with the girl's voice, where his identity has been stolen, I think it was for a paper shreader of all things.

Sophos must be with the terrorists as they are not proclaiming victory in the war on terror. Enough has been made of the suspicion (has anything been proved?) that terrorists raise funds this way. I wouldn't put it past them, but I also wouldn't put it past some russian teenagers with limited career potential in Putin's New And Improved USSR.

Re:Deep Throat Knows (1)

budgenator (254554) | more than 8 years ago | (#15770832)

Just look in the emails and they have telephone numbers, web sites, the various means of seeing what these scumbags have to offer and how to contact them.
No they don't, not anymore,

Sophos estimates that 15 percent of all spam emails are now pump-and-dump scams, compared to just 0.8 percent in January 2005. These scams are email campaigns designed to boost the value of a company's stock in order for spammers to make a quick profit. Many of these spam messages contain images rather than traditional text.

and that's been my personal experience in the inbox as well; I haven't gotten a farmapseudical spam in months! Now there is no money to follow, half of my spam is giffed pump-and-dump stock scamms and the other half is gibberish.

Re:Deep Throat Knows (1)

ackthpt (218170) | more than 8 years ago | (#15771152)

Sophos estimates that 15 percent of all spam emails are now pump-and-dump scams
and that's been my personal experience in the inbox as well; I haven't gotten a farmapseudical spam in months! Now there is no money to follow, half of my spam is giffed pump-and-dump stock scamms and the other half is gibberish.

Amazing how their 15% translates into 50% for you. While you were typing that up, didn't a little voice in the back of your mind tap gently at your conscience and suggest the there's a bit of a difference between the two? It might also have pointed out that we could also be on different spammers mailing lists, not representative of Sophos sample.

The volume has significantly ramped up in the last 3 weeks. On Sunday my ISP sent me a polite note that my spam-filter-box was now 4% over my quota of 50MB of space. My breakdown is about like this:

  • 50% pr0n
  • 25% d1scr33t ph4rm4cy
  • 10% UK (or other lottery winning notification)
  • 10% Banks/eGold/PayPal phishing scams
  • 2% Nigerian scams
  • 1% Ancient Virus/Worms still making the rounds
  • 1% h0t st0cks
  • 1% Other

These are largely the proceedes of posting anything on USENET and perhaps a few stolen address books.

I have a gmail account which seems to attract 100% chinese/korean spam, no clue what it's content is. I posted a note to a blog somewhere using the account and apparently that was how the spammers obtained that address.

Another address was listed on my web page, now removed or made less harvestable, and has achieved a significantly smaller following along the lines of the prior list.

My business address seems to garner exclusively PayPal phishing i.e. "Hey when are you going to pay (some piddly amount which looks a great bargain, hence the sucker bait) for this Dell Laptop?"

Isn't that completely amazing when different accounts can receive differently targeted spam? Golly!

Re:Deep Throat Knows (0)

Anonymous Coward | more than 8 years ago | (#15771037)

I'm seriously curious if you've heard of something called a "Joe Job". SURPRISE, SURPRISE, YOU CAN FAKE THE IDENTITY OF WHO'S SELLING WHAT! Not exactly the same thing, but the same principle.

Want to fuck with someone? Send a spam in their name. Put their telephone number as the contact number in the spam. Put down their address as where to send the money. Hell, for double the pleasure, advertise kiddy porn and watch the news for them to be arrested by some clueless gimp at the local PD.

The solution is a zero tolerance policy towards zombies. Don't know how to secure your box, or don't want to know how? Too bad, you get to live in the walled garden. Are you an ISP that continues to let people who continue to get rooted to use your service? If you're unwilling to cut their connection, you get to forward their payments as fees to a regulatory agency.

Uh, "other"? (-1, Redundant)

Anonymous Coward | more than 8 years ago | (#15770355)

With "other" making up 22% that is just shy of the top spot.

Normally the "other" is the smallest percentage. I think they have some more work to do.

I find Japan's spot interesting. Are they so low because they are good natured follow-the-rules types or because they are better about securing their systems? A little of both maybe?

No wonder (5, Funny)

traveller.ct (958378) | more than 8 years ago | (#15770364)

No wonder the tubes are jammed.

Re:No wonder (1)

Krojack (575051) | more than 8 years ago | (#15770997)

refering to the tubes being clogged at flickr? =)

The thing that I've always wondered... (1)

AltGrendel (175092) | more than 8 years ago | (#15770365)

...is how many of the zombie systems are actually deliberatly set up by the owner. Not some accidental "gone to the wrong web site" setup, but some "I'm gonna make some bucks serving spam" and then claiming they didn't know they were infected.

Re:The thing that I've always wondered... (2, Interesting)

99BottlesOfBeerInMyF (813746) | more than 8 years ago | (#15770890)

...is how many of the zombie systems are actually deliberatly set up by the owner. Not some accidental "gone to the wrong web site" setup, but some "I'm gonna make some bucks serving spam" and then claiming they didn't know they were infected.

Probably very few. If it is your own system you have to pay for the bandwidth. Or for even less money you can rent time on a botnet that runs on two thousand exploited Windows boxes. There are even Web based interfaces that will walk you through sending your spam. People who want to run their own spam service on legitimately owned and linked machines have been priced out of the market. Both are equally illegal, so no motivation there. Sure there might be a couple run by someone clueless, but the numbers won't compare to the thousands a botnet herder can put together in an automated fashion.

I've often wondered... (3, Interesting)

Osrin (599427) | more than 8 years ago | (#15770390)

... if you just opened up port 25 on EVERY machine and put some dummy SMTP recieve code behind it that did nothing else other than accept mail and then discard it, could we make it 500 million times harded for spammers to find an active and working open relay?

Would not work (0)

Anonymous Coward | more than 8 years ago | (#15770445)

The spammers actually test to see if they get an email from the server before using it as a relay server.

Re:I've often wondered... (0)

Anonymous Coward | more than 8 years ago | (#15770491)

Its been tried on a smaller scale. Some spammer's software seeds their bombing runs with test addresses so they can tell if the mail is getting though. When they don't get their test spam back, they move on the the next open relay.

We can do better than that! (4, Informative)

jd (1658) | more than 8 years ago | (#15770838)

TCP is based on packet acknowledgement and it is very doubtful that spammers have thought to check their software for deadlocks or timeouts. Instead of dumping the data, just have the connection hang after it is fully established, or send deliberately malformed acknowledgement packets. The idea here is to try and crash the zombie by either running it out of resources or giving it replies it can't handle.


Alternatively, if the spammer/zombie computer has port 25 open itself, have a netfilter rule that rewrites the destination address to that of the sender, increases the TTL, and sends the packets back in duplicate. Again, this is a resource-draining scheme. If it's an open relay, it'll get the spam and resend it. I believe the hop count for SMTP is something like 30 and each packet will go two ways along the wire, so it'll take 2^31 as much bandwidth overall, if a sufficiently large number of users set up this kind of loopback. Companies that simply don't care if their machines are zombies will suddenly notice a degradation of their networks but any packet monitoring they do will show all of the packets to have the IP addresses of their machines for both source and destination. At least some will zombie detox to save their sanity.

Re:I've often wondered... (1)

cswiger2005 (905744) | more than 8 years ago | (#15771183)

Its called a "honeynet" or "teergrube"...they work pretty well, although you're using publicly routable IPs in order to set up your spamtraps. Set one up as your secondary MX...

Imagine... (2, Insightful)

fragmentate (908035) | more than 8 years ago | (#15770403)

...if all ISPs simultaneously switched SMTP to another port... At least the existing "bugs" (as in malicious code) would break immediately.

Sadly, any trick (even as drastic as I've suggested) would only be temporary. People still click on random .exe files (and scripts) as fast as they come in. Any Dilbert, South Park, or Pokemon screensaver will be clicked on my some nitwit. I see the forum posts about how certain screensavers don't work. Well, of course they don't -- they're not screensavers, they're little servers designed to relay spam.

Given the vast numbers of idiots, and amateurs online here in the U.S., of course we're in the lead. (I have two teens -- both of them have clicked on evil .exe's -- firing off malicious code warnings on the Windows machines).

Educating the gajillion newly techno-blessed is the only way to get this under control.

How hard is it to understand, "If a stranger gives you an apple -- DON'T EAT IT!"

Re:Imagine... (0)

Anonymous Coward | more than 8 years ago | (#15770564)

Actually, something close to this has been proposed, where clients would continue to connect on the current port but inter-server mail forwarding would be moved to a separate port. Then, connections could be controlled based on what port they come in on: the old port would only accept "valid" client connections from whatever network the mailserver is supposed to be servicing (or users on another network but that can authenticate with the mailserver). The new port would only accept email destined for the local networks and sent from a valid MX (as per the domain's DNS record). Now, it wouldn't solve the problem of zombies that steal Outlook's configuration and send the spam through the "proper" channel, but it would silence a lot of trojans that carry their own smtp engine and attempt to deliver mail directly.

Since the client configuration shouldn't need to change at all, this should be slightly easier to implement. Just have to convince all of the mailserver admins to update.

Re:Imagine... (0)

Anonymous Coward | more than 8 years ago | (#15770623)

It is actually quite easy for providers to stop the spamming:

- by default, block all outgoing TCP sessions to port 25 except to their own outgoing mailserver

- install spamscanning and connection rate limiting on the outgoing mailserver

You would expect that providers would implement these counter-measures, because they are victims themselves.
(the mailvolume without spamming would be 1/4 of what it is now, cutting server and bandwidth cost)

Re:Imagine... (1)

rHBa (976986) | more than 8 years ago | (#15770700)

This is what AOL do in the UK. The problem is that I use different SMTP servers for different addresses, many use SPF to make sure that my mail is being sent by the correct SMTP server so when it is discovered that my email has been hijacked by AOL and sent with their own smtp server it is rejected as spam! Solution 1: Don't use AOL, Solution 2: Ask the postmaster to make the smtp server listen on another port

Your solutions are wrong! (0)

Anonymous Coward | more than 8 years ago | (#15770817)

These are the correct solutions and are easier than cancelling an AOL subscription.
  1. Ask AOL to use SRS instead of forging MAIL FROM
  2. Use a 3rd party SMTP auth relay


You can critisize AOL for everything except their anti-spam stance, I wish more providers would take spam as seriously.

Re:Your solutions are wrong! (1)

rHBa (976986) | more than 8 years ago | (#15770864)

1. I'll try that if I can get AOL to listen. 2. I am using a 3rd party SMTP authorized relay, that is the mail that AOL are hijacking

Re:Your solutions are wrong! (0)

Anonymous Coward | more than 8 years ago | (#15771121)

I wasn't accusing you of improprietry, SMTP AUTH is a protocol extension listening on TCP #587 by default. A simplier solution may be to ask your relay operator to run a standard MSA (Mail Submission Agent) on some port other than 25. Hope you are provided with a workable solution.

Re:Imagine... (1)

rbannon (512814) | more than 8 years ago | (#15770783)

Next time don't buy Windows! That is the sole source of your particular problem. And yes, your kids will still do stupid stuff, but leaving a loaded gun (Windows) around is just asking for trouble.

Re:Imagine... (-1, Troll)

Anonymous Coward | more than 8 years ago | (#15770863)

Ah, shut up.

Translation: (0, Redundant)

numbski (515011) | more than 8 years ago | (#15770412)

"The United States has the world's largest number of unsecured Windows machines, therefore making it painfully easy for anyone to become a spam king from the comfort of their own home by creating their own botnet."

Ja ne!

Do Americans have more, or just less secure, PCs (2, Interesting)

supabeast! (84658) | more than 8 years ago | (#15770419)

At first I was looking at the numbers and wondering if Americans just have so many more Windows machines than the rest of the big relays out there, but once the numbers get into the single digits (everything after the US and China) I quickly realized that most of the people in those nations are probably using the same OS - Windows - as people in the US. So is it simply that the US comes out on top because we have so damned many computers - as opposed to other nations where they're sometimes uncommon in households and people use internet cafes? Or is it not a PCs-per-capita issue, but an issue of people in the USA simply being to stupid/lazy/etc. to secure their Windows machines? If the former is the case, we're in for some nasty spam as PCs per capita increase, and there are ever more systems begging to be infected. If the latter case is true, what will it take to finally get Windows users to start securing their Windows boxes?

Re:Do Americans have more, or just less secure, PC (2, Insightful)

MikeTheC (990441) | more than 8 years ago | (#15770585)

Well, even though he mostly wrote it for British consumption at the time, I think that Charles Dickens pretty much nailed it on the head when he said that Ignorance and Greed were the watchwords of the future.

And why not stop and look at your comment and others: other than *ownership* of computers, the other major common factor here is Windows. It certainly isn't as though Microsoft isn't complicit in this. Look at the security holes and exploits and everything else that can be laid at their doorstep over the last, well, 5-7 years.

And before someone here tries to flame or mod me and say that Windows isn't the only thing you can write viruses for, yeah, silly, I know that. It's just that writing a virus for W32 / WinNT-class environments has always been made pretty much brain-dead simple by those folks from Redmond. If you want to write a virus for anything else, you actually have to know what you're doing to write code. You know, like the "good old days" of MS-DOS and Win1.x/2.x/3.x. Or Apple II. Or Amiga, etc.

I tend not to pay very much attention to the reports on the state of Internet or individual computer security when it comes from most public authorities, since they all like to dance blithely and blindly around Microsoft's (however unintentional) part in all this noise and nonsense. "Criticize Microsoft? We can't do that! We'll just pretend these problems are part-and-parcel of owning a computer! Heh heh! Nobody will notice!" The media needs to get a clue.

Oh, wait, it's the media. Nevermind... :(

Re:Do Americans have more, or just less secure, PC (1)

nero4wolfe (671100) | more than 8 years ago | (#15770667)

What I'd like is for broadband ISP's to at least make it harder for zombie'd systems to cause troubles; harder for zombie'd systems to communicate, etc. This particulary includes Cox, Comcast, etc.

I really wonder sometimes whether in the long run it might be cheaper for broadband ISP's to install a small firewall box between the customers computer and the internet for EVERY connection; similar to what Verizon seems to be doing for all connections to their FIOS (fiber optics to the home) service.

Re:Do Americans have more, or just less secure, PC (1)

supabeast! (84658) | more than 8 years ago | (#15771092)

"I really wonder sometimes whether in the long run it might be cheaper for broadband ISP's to install a small firewall box between the customers computer and the internet for EVERY connection..."

I concur - the need for a good hardware firewall is not new, it seems like it would be simple for every cable/DSL internet device provided to a consumer to include an easily managed firewall - it's not like most ISPs don't pass that cost along to the consumer, if not rent them the device outright. Of course, it could also end up generating a high volume of tech support calls for every dumb kid out there who demands help to configure the modem to allow him to run a CS server.

Re:Do Americans have more, or just less secure, PC (1)

Lennie (16154) | more than 8 years ago | (#15771280)

That's exactly what the ISP's in the Netherlands do you get a (NAT)router with wireless support for example.

With wireless support, which is not fully open, but properly secured by default.

Re:Do Americans have more, or just less secure, PC (1)

Krojack (575051) | more than 8 years ago | (#15770965)

I being from the USA and also working for an ISP would have to say its a mix of both. USA does have more PCs in homes then most other countries (also more data centers with servers). It also has a lot of Defective End Users (DEU's) that just don't know whats out there and how their computer can get infected.

I cleaned over 120 spyware and viruses off my sisters computer one time. I yelled at her and told her i wouldn't fix it till she at least got a irewall router to help block some or most of the incoming crap and also made her run a software firewall that won't allow outgoing connecting without clicking on "Allow" button on a popup.

I think people over the age of 40 that have less then 2 years internet usage should take some kind of internet class before using the internet.

Re:Do Americans have more, or just less secure, PC (1)

FireFury03 (653718) | more than 8 years ago | (#15771271)

So is it simply that the US comes out on top because we have so damned many computers - as opposed to other nations where they're sometimes uncommon in households and people use internet cafes?

ISTR I saw some statistics a while ago suggesting that the UK had a far higher DSL/cable connections to people ratio than most other countries (I think even more than the US). Yet the UK is pretty low down on the list of spammers. Admittedly the UK population is lower than the US population though - they really need to adjust those figures into "spams per citizen" or "spams per internet connection" to make them meaningful enough to draw conclusions about user cluefulness.

pump n dump scams (0, Redundant)

digitaldc (879047) | more than 8 years ago | (#15770420)

And I thought pump & dump scams were primarily concocted around 2am at Frat parties.

Sophos recommends that computer users ensure they keep their security software up-to-date, as well as using a properly configured firewall and installing the latest operating system security patches.
----How long, how long must we sing this song?

Correction (-1, Flamebait)

mustafap (452510) | more than 8 years ago | (#15770438)

>The vast majority of this spam is relayed by 'zombies,' also known as botnet computers."

I think he meant:

The vast majority of this spam is relayed by 'zombies,' also known as american citizens.

Re:Correction to the Correction (1, Flamebait)

digitaldc (879047) | more than 8 years ago | (#15770498)

The vast majority of this spam is relayed by 'zombies,' also known as american citizens.

Dude, you meant British citizens.
Have you forgotten about Shaun of the Dead?? [movie-gazette.com]

Re:Correction to the Correction (1)

gowen (141411) | more than 8 years ago | (#15770604)

We don't use the 'Z' word.

Re:Correction to Correction to the Correction? (1)

thewils (463314) | more than 8 years ago | (#15770766)

Dude, you gotta check your links!

MOD PARENT DOWN (0)

Anonymous Coward | more than 8 years ago | (#15770513)

Lame UK humor. :(

I for one... (3, Insightful)

Siberwulf (921893) | more than 8 years ago | (#15770526)

As impractical as it might be, I, being a software developer think the best way to go about removing this crap isn't on the receiving end. It won't be fixed by filters. It won't be fixed by blockers. The way to fix it is through putting some sort of tax, fee, whatever you might have it, on email getting sent.

Before you flip out and throw the "OMGOOSES MY FREEDOM" argument around, answer me this:

If you were being sent text messages to your cellphone, and being charged ten cents per text message, how long would you tolerate that?

The reason nothing is being done to combat this is due to the fact that when people spend hours cleaning off spam, they aren't even thinkinga bout the "Time = Money" equation. If they were, I think they'd be pretty hot about getting the senders punished.

Re:I for one... (1)

chemical_9 (783522) | more than 8 years ago | (#15770881)

Two Points:

1. How the heck would you enforce this? If there's an open relay in Sri Lanka, how could the US possibly "tax" it?
2. There's another system in place that has this "tax" you speak of, and it's called the USPS. I don't know about you, but I sure do get a lot of snail mail spam.

In the end, taxing e-mail is nearly impossible because the internet is a GLOBAL system.

Re:I for one... (1)

Siberwulf (921893) | more than 8 years ago | (#15771033)

1. It would be tough to enforce, but if there was a certification in place that would allow the differentiation of types of mail, it might help. Again, I said it was a theory, but not necessarily a possibility.

2. I get some spam in the snail mail too. However it is of noticibly less quantity, and the contents usually match the envelope. I've never opened up my Bank of America Envelope and had a "Get your w@ng enlarged" insert fall out.

Re:I for one... (1)

DamnStupidElf (649844) | more than 8 years ago | (#15771014)

. The way to fix it is through putting some sort of tax, fee, whatever you might have it, on email getting sent.

You don't have to pay for receiving faxes (unless you own a toll free number), but that didn't stop lawmakers from making fax spam illegal.

Not to mention that an email tax would do nothing to stop IM or blog spam.

Re:I for one... (1)

Siberwulf (921893) | more than 8 years ago | (#15771096)

Blog Spam can be somewhat averted by the sites themselves. I forget the name of the technology, its the one that makes you type in the characters in the scrabled view. That is getting tougher and tougher to crack (though it can still be done).

IM spam is a little easier to tackle. Many programs have "Allow IMs from those on my list only" which has effectively cut down my IM spam to zero. If someone wants to message me, they already have my email. They can just email me to get added to my whitelist, and all is well.

People DO pay per email! (0)

Anonymous Coward | more than 8 years ago | (#15771193)

The cost just isn't apparent. Companies spend money on spam filters, virus scanners, etc. and pass these costs on to the consumer in one way or another. Money is being spent on email, just not directly.

-nosebreaker.com

Spam Sources (4, Informative)

AaronW (33736) | more than 8 years ago | (#15770534)

My experience is that around 60-75% of the spam I receive comes from China. On my home mail server I finally broke down and started blocking the worst offending subnets and the amount of spam I received dropped dramatically. There is a RBL for China, cn.blackhole.us, or a combination of China and Korea (cn-kr.blackhole.us), though these are no longer listed and will likely disappear soon.

I also use several other RBLs which have helped a lot.

I also decided to add the worst offending subnets in China as rules for my firewall to block. The worst offending subnet is 221.208.208.x where my firewall reports an almost constant barrage of IM spam, and from what I've read, this subnet has been a problem for years.

For your own blocking, the following script will get all the subnets used by China (or any other country you're interested in, just change $ctry):

#!/usr/bin/perl $ctry = shift || 'cn'; $_ = `wget -O - http://www.apnic.net/apnic-bin/ipv4-by-country.pl? country=$ctry [apnic.net] `; print join "\n", /([0-9\.]+\/[0-9]+)/g;

At work, where I cannot do this, most of my spam is also received from China.

Out of the rest of the spam I receive, the US is actually pretty far down on the list of sources, though still much higher than places like the UK, Germany or France. The rest seems to come from places like Poland, Romania and Estonia.

Re:Spam Sources (2, Interesting)

treeves (963993) | more than 8 years ago | (#15770763)

I was surprised last week to get a piece of spam from a server at nih.gov.

Spamopoly (1)

burdicda (145830) | more than 8 years ago | (#15770586)

unless US home users take action to secure their computers and put a halt to the zombie PC problem

Whoa.....

It's US home users fault that a convicted monopoly was not prosecuted ???

Really ?
I just wonder how the spam problem statistic would look if suddenly there was a linux client in every single computer in America
where there now stands Windows. (I mean immediately as in the flick of a light switch)

Re:Spamopoly (0)

Anonymous Coward | more than 8 years ago | (#15771212)

Then I'm guessing Linux would be popular enough to justify a hacker writing malicious code for it.

Part of what makes Linux so secure is the fact that it is not all over the damn place like Windows. It isn't worth going after such a small portion of computer users when you can attack the majority on one OS. Another factor is that those who use Linux are generally tech-savvy. If, at the flick of a switch, most of the world was operating on a user-friendly Linux distro, how do you know that we wouldn't be in a similar situation?

In other news.. (1)

COMON$ (806135) | more than 8 years ago | (#15770622)

America was found to have the highest number of zombies and bots per capita....

Re:In other news.. (1)

SnarfQuest (469614) | more than 8 years ago | (#15771116)

Umm, Brains!!!

Eliminate the zombies (2, Interesting)

Dadoo (899435) | more than 8 years ago | (#15770629)

I haven't been keeping up on my anti-spam measures, lately, so I'm not sure if this has been considered, yet. Wouldn't it be possible to simply add a DNS record that allows a mail server to verify that the machine trying to send it mail is authorized to do so, for that domain?

A machine that supports it could ask the sending domain "Is this machine allowed to send email on your behalf?" The sending domain could simply answer "yes" or "no". That would immediately eliminate all the zombies, for those people who wanted to upgrade their DNS and mail software. It would also be backward compatible for people who couldn't. The best part is that could be controlled by the domain administrators, rather than some government agency or black hole list.

Re:Eliminate the zombies (1)

thewils (463314) | more than 8 years ago | (#15770697)

You have just described SPF (Sender Policy Framework).

Check out OpenSPF [openspf.org] for more details.

Re:Eliminate the zombies (3, Interesting)

vux984 (928602) | more than 8 years ago | (#15770740)

It already exists, its called an SPF record. Its been around for years now and 95% of domains don't have one.

There is also nothing stopping the spammers from using SPF, and they do. In fact, in many surveys the spammers are registering domains and using SPF *more* than legitimate users are. SPF does mitigate some spoofing issues, but that's about it.

On its own its proven worthless. As part of more cohesive anti-spam strategy it might prove to have some value.

Re:Eliminate the zombies (1)

Dadoo (899435) | more than 8 years ago | (#15770944)

It already exists, its called an SPF record.

Well, I've heard of SPF. I guess the actual mechanics didn't register, consciously. :-)

In fact, in many surveys the spammers are registering domains and using SPF *more* than legitimate users are.

Sure, but you'd think they wouldn't be able to keep that up, forever. It's trivial to reject all mail from a specific domain in most email software and, every time a spammer needs to register a new domain, it'll cost him money.

Re:Eliminate the zombies (1)

Zocalo (252965) | more than 8 years ago | (#15771137)

Every time a spammer needs to register a new domain, it'll cost him money

Yeah. Sure. Like maybe $1.99. Domains are cheap; a spammer can quite easily register a domain, possibly even on the credit card of a random luser that got phished, configure some hosts and SPF records and send several tens of millions of spams in a few hours. All it takes is one valid order with a profit margin greater that $2 from all that and they are in the black, and if they get the timing right then with some registrars they can even cancel the domain and recoup the $1.99.

The only thing that SPF provides, and all that it was ever intended to do, is to try and prevent domain names from being misused in Joe-Jobs and phishing attempts, primarily through enabling ISPs to reject/discard the emails before a delivery failure message gets generated. It does work quite well, although there are some minor issues with forwarding that need to be taken into consideration, so quite why it has not been adopted by more of the companies likely to be used in phishes than it has I don't know.

Re:Eliminate the zombies (0)

Anonymous Coward | more than 8 years ago | (#15771246)

> It does work quite well, although there are some minor issues with forwarding that need to be taken into consideration

that's hardly a minor issue, it's a showstopper.
take a look at the mess that is srs and you'll see why most people avoid spf.
for a bank or similar institution, it has some value, for anyone else, the breakage
is just too serious to ignore. /$0.02

What a Poorly Written Article (2, Insightful)

schweitn (802998) | more than 8 years ago | (#15770647)

Its articles like these that lament people's basic misunderstanding of statistics. They use percentage of spam sent by countries in order to try to prove that spam is not being reduced in the United States. The problem is that simply relaying a percentage of total spam does not prove or disprove this point. It simply shows whether the US is changing more or less in proportion to other countries. Did the total number of spam messages go up or down? What about the total number of bot nets? The reality is that the total numbers could have gone down, and the US percentage still could have gone up depending on whether other countries went down further than the US. Percentages always add up to 100!

My milter reduces spam from fooled computers... (1)

mi (197448) | more than 8 years ago | (#15770653)

Whether it is a zombie, which is not supposed to have an SMTP server at all, or a legitimate mail-server fooled into relaying spam to you, my milter [virtual-estates.net] will black-list it for a few hours after your spam-detectors issue their first verdict against the relay.

Unlike with most blacklists, though, the damage from a false-positive is merely a delayed, rather than rejected (or, worse, dropped) message...

ISP's and Open Ports (1)

DigitalRaptor (815681) | more than 8 years ago | (#15770654)

If the ISP's implemented a system whereby port 25 was closed and the average John Q. Public had to send mail through it's servers, or something else like GMail, then the vast majority of zombie spam would disappear overnight.

Then each customer could be limited to __ number of emails each day (perhaps 20). Beyond that they would have to log in and manually re-enable their account for another 20. People regularly exceeding their amount could apply for a higher threshhold.

A little inconvenient? Yes. More inconvenient than receiving 400 spams a day? I think not.

Re:ISP's and Open Ports (1)

P3NIS_CLEAVER (860022) | more than 8 years ago | (#15770753)

Or just make them do one of those image doo-dads to prove they aren't a machine. I haven't used POP since 2000 when I got my yahoo account; I am suprised people are still using it as much as they do.

Re:ISP's and Open Ports (1)

Krojack (575051) | more than 8 years ago | (#15770799)

This would help and some cable providers do block outgoing port 25 to any other mail server other then their own.

I have brought this up to the ISP i work for many times but the head above me shoot it down with stupid reasons like "our customers arn't smart enough to know how to use this". Well if people arn't forced to learn something they they will remain stupid. They will learn if needed to!

Re:ISP's and Open Ports (1)

Limburgher (523006) | more than 8 years ago | (#15771205)

Not going to work. Some people legitimately need to run an email server. That's why I use Speakeasy, because I have complete freedom. That said, pushing the freedom all the way to the end user also pushes the onus for security to the end user, but that's where it should be anyway. I'm not sacrificing freedom for "security". (sound familiar? :))

you have to put those numbers in perspective (2, Insightful)

iritant (156271) | more than 8 years ago | (#15770659)

According to the Computer Industry Almanac [c-i-a.com] the U.S. uses 25% of the world's PCs. While I know our broadband penetration is not has high as other countries, we sure have a lot of hardware. Another thing to look at would be total messages in/out versus total messages claimed as spam. Sophos doesn't give us that piece of information. At least last year, Andrei Serjantov and Richard Clayton had done some work along those very lines in a paper found here [infosecon.net] . I don't know if they've updated it.

What I see (1)

BCW2 (168187) | more than 8 years ago | (#15770698)

My ISP has a pretty good filter and they hold what is blocked for a week. When I access my "help mail" file everything is identified by country. Two months ago close to two thirds was from the US and it all got forwarded to the FTC. Today that is down to about 40% from the US and I still forward everything to the FTC. They do file many charges against spammers every month and the US amount is dropping.

I suspect that if things were traced all the way through that many of the US and offshore groups are related and working for or in partnership with each other. If the top five "spam cartels" were taken down I think we would see a 75% or more drop in SPAM worldwide.

Re:What I see (1)

Red Flayer (890720) | more than 8 years ago | (#15770889)

If the top five "spam cartels" were taken down I think we would see a 75% or more drop in SPAM worldwide.
Until "spam cartels" number 6 - 10 pick up the slack.

worrying? (2, Informative)

pe1chl (90186) | more than 8 years ago | (#15770734)

"It's worrying to see so many pump-and-dump emails - often with embedded graphics included - being spammed out to the general public," added Cluley. "The people that act upon these emails aren't skilled investors, and don't realise that purchasing the shares is likely to reap no reward, benefiting only the spammers, while creating a financial rollercoaster for the organisation in question."

Why is this worrying, in the sense that it needs to be mentioned explictly?
Most of the general public is not medically educated either, yet we have received spam about all sorts of pills for a long time.
And many do not know what 419 is, yet lots of those mails are sent as spam.
Lots of the spam I receive is in far-east languages which most western citizens are not skilled to read.

SPAM in itself is worrying, but there is nothing especially worrying about pump-and-dump.

Detect and Flag Windows Relay as probably spam (0)

Anonymous Coward | more than 8 years ago | (#15770839)

Any serious mail site does not use windows.
So one solution is sniff ports a little. If it is windows, it is assume to be insecure, and probably spam infected.

I presume that the handful of legitamate microsoft mail servers can be white listed.

Re:Detect and Flag Windows Relay as probably spam (0)

Anonymous Coward | more than 8 years ago | (#15770990)

You are very, very stupid.

sorry (0)

Anonymous Coward | more than 8 years ago | (#15771275)

we are sorry that the microsoft viruses make you angry

So much for the US (0, Troll)

Max_W (812974) | more than 8 years ago | (#15770886)

Gi! I thought the US fights spam for all of us around the world, but it is actually sending us the spam.

Oh my, what else I should know.

I blame Bill Gates (1, Interesting)

FlynnMP3 (33498) | more than 8 years ago | (#15770919)

Who designed or allow to be designed all the software that is used for spam, virus and other technodangerous programs? Sure, all the unwitting unsuspecting people out there that treat their computer as a black box should be ashamed of themselves. To use a windows computer safely these days requires a strong predilection to research and remembering security bulletins and knowing specifically how a computer does things. Which in of itself requires knowing about security models, social engineering, UI design and understaning geek lingo.

In short windows computers are no longer general use. Do you realize the implications of that statement? Well yes, of course you do gentle reader. Just this past month my mother called me her laptop died. Turned out a virus got in and overwrote some system files for Windows 2k. This is after telling her to not click on executables in emails, not answer any emails from banks without calling them, and plenty of other things that I read about daily. Even with constant reminders (voice and email) telling her to push the update button on AVG and looking at the results log and telling me if any red stop signs show up. She is now using a backup computer that I had laying around. This is Windows XP professional, installed with all the security trimmings (which shouldn't even be necessary on some level) of zone alarm, avg, and spybot - all setup to run automatically. I suggested that she get a mac mini for her next computer. She is thinking about it.

Yes windows has gotten better about educating users, but only after the situation is so bad that almost nothing can stop it. Vista betas already have viruses. That's insane!

Face it, this country has the most educated, nothing to do, do anything for business minded people ever. Heck the corporations are willfully fleecing the public and most of the them don't care that it's hapenning! "It's ok coming from us, because we use friendly advertising icons. /nod /nod".

Makes me sick.

Sick of hearing about zombie botnets, spam cartels (2, Insightful)

Rorian (88503) | more than 8 years ago | (#15770998)

None of it would exist at all if the END USER stopped buying viagra every time they get an offer in their inbox..

However, I would applaud a spamming company that slowly removed non-responsive email addresses from their spam lists and tailored their spam only to those few users who respond

It's a Microsoft problem, not an American problem (0)

Anonymous Coward | more than 8 years ago | (#15770999)

Once upon a time not long ago I decided to track down where the spam I was getting came from. I did this for about a month and in that month 99.9% of the spam I received came from what appeared to be zombie "Windows" machines. When are people going to call this out as what it really is, yet another Microsoft problem. You can find my tracking results here:

http://voidmain.is-a-geek.net/spam/ [is-a-geek.net]

Void

Port Blocking and interface? (2, Interesting)

Midnight Thunder (17205) | more than 8 years ago | (#15771006)

My provider prevents me from sending to SMTP ports outside of my domain, for better or for worse. This got me thinking:
    - would it be possible to selectivley block ports?
    - provide an ISP based UI, where you could unblock ports based on your account?
    - if both above are doable, what over head would this provide?
    - maybe provide different default configurations based on the type of user you are (technophobe, newbie, average home user, business user, power user, etc)
    - how well would such a solution go down?

Sure you could ask everyone to install the equivalent of zone alarms, but this is not always going to happen.

But How Many Computers? (3, Informative)

fdiskne1 (219834) | more than 8 years ago | (#15771198)

I see a number of people asking the question "But how many computers are there per country?" I found the numbers at:

http://www.c-i-a.com/pr0904.htm [c-i-a.com]

Here's what they show. I've added the % of spam coming from each country as the last entry in each line:

Top 15 Countries in Internet Usage
Internet Users (#X1000) Users% Spam%
1. U.S. 185,550 19.86 23.2% of spam
2. China 99,800 10.68 20.0%
3. Japan 78,050 8.35 1.6%
4. Germany 41,880 4.48 2.5%
5. India 36,970 3.96 N/A
6. UK 33,110 3.54 1.8%
7. South Korea 31,670 3.39 7.5%
8. Italy 25,530 2.73 3.0%
9. France 25,470 2.73 5.2%
10. Brazil 22,320 2.39 3.1%
11. Russia 21,230 2.27 N/A
12. Canada 20,450 2.19 N/A
13. Mexico 13,880 1.49 N/A
14. Spain 13,440 1.44 4.8%
15. Australia 13,010 1.39 N/A
Top 15 Countries 662,360 70.88
Worldwide Total 934,480 100

It looks like the USA's numbers are right about on track with most other countries with China way out in front as to percent of the spam problem compared to percent of Internet connected computers. What's this? France has twice the percent of spams relaying through their country compared to the percent of Internet users? For shame!

can't say I'm surprised - spam me me me! (2, Interesting)

tota (139982) | more than 8 years ago | (#15771254)

Last time I posted, I somehow offended a few americans who mistakenly took my attack on climate-change nay-sayers as an attack on America and americans as whole: it resulted in DoS on my sites and a joe-job campaign against my public mail servers.

Polute the world, polute our mailboxes, and be damned anyone who dares question whether this is moral or not!

Funny thing is: my spam filters are now much improved! Thanks!
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>