Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Spam Hits 95% of All Email

CmdrTaco posted about 7 years ago | from the thats-just-depressing dept.

Security 270

An anonymous reader writes "Commtouch released its Email Threats Trend Report based on the automated analysis of billions of email messages weekly. The report examines the appearance of new kinds of attachment spamsuch as PDF spam and Excel spam together with the decline of image spam, as well as the growing threat of innocent appearing spam containing links to malicious web sites. Image spam declined to a level of less than 5% of all spam, down from 30% in the first quarter of 2007; also, image pump-and-dump spam has all but disappeared, with pornographic images taking its place."

Sorry! There are no comments related to the filter you selected.

Summary only link (5, Informative)

Lord Grey (463613) | about 7 years ago | (#21008909)

The link referenced in the posting goes to a summary page that is a little light on details. At the bottom of that page is a link to the PDF-formatted report [commtouch.com] . There's a lot more information there, including some screenshots of example SPAM and malware sites, trends in attack vectors, zombie systems, etc.. Interesting stuff.

Re:Summary only link (2, Interesting)

speaker of the truth (1112181) | about 7 years ago | (#21008985)

Considering this is the land of the goatse posts and I've never heard of commtech before, how do I know this isn't a virus PDF?

Re:Summary only link (0, Funny)

Anonymous Coward | about 7 years ago | (#21009081)

I'll test it out for you. Downloading the file... opening it.... oh crap!
don't open the fi

HAHAHAHA DISREGARD THAT.
I SUCK DICKS.

Re:Summary only link (1)

mikael (484) | about 7 years ago | (#21009739)

Isn't there a proxy server somewhere that could convert PDF back to the equivalent HTML?

Re:Summary only link (0)

Anonymous Coward | about 7 years ago | (#21008993)

isn't posting PDF links on /. a form of bacn?

Re:Summary only link (2, Funny)

cayenne8 (626475) | about 7 years ago | (#21009681)

From the article:"... image pump-and-dump spam has all but disappeared, with pornographic images taking its place."

I dunno....I thought "pump-and-dump" was another word for "pornographic images"....

:-)

Ewww.... (1)

crovira (10242) | about 7 years ago | (#21009743)

JapScat images just popped into my head there...

Re:Summary only link (-1, Offtopic)

Anonymous Coward | about 7 years ago | (#21009489)

+5, informative for a link that's included in the article that Slashdot linked to? Seriously?

Re:Summary only link (1)

nschubach (922175) | about 7 years ago | (#21009929)

Sometimes the editors miss the important stuff and post links to sites with less than meaningful content. If the actual data behind the story is more informative, then yes. Seriously. I wish some other sites had that kind of feature. I hate clicking through four sites just to get to the source of the information because someone wants to get hits.

Re:Summary only link (1)

value_added (719364) | about 7 years ago | (#21009575)

There's a lot more information there, including some screenshots of example SPAM and malware sites, trends in attack vectors, zombie systems, etc.. Interesting stuff.

Indeed, though as a mutt user, I feel left out.

Seriously, though, I had no idea spam could be so colourful and attractive looking. All I get is random ascii. If I'm lucky, I may see something like (altered to protect the click-happy) the following:

You can pick up your postcard at the following web address:
[1]http://xm190.internetdsl.tpnet.pl/~test/foo/bar/card.exe

My spam is still lame :-P (5, Funny)

danaris (525051) | about 7 years ago | (#21008977)

...also, image pump-and-dump spam has all but disappeared, with pornographic images taking its place.

Huh? Where? Man, all I ever get are stupid Viagra spam and "O3M S0FTWARE!" (and variants thereupon).

Humpfh. Everyone gets pr0n spam but me.

Dan Aris

Re:My spam is still lame :-P (1)

adamlazz (975798) | about 7 years ago | (#21009165)

Maybe that is a good thing! Some of the things I have seen... The images are printed on the inside of my eyeballs.

Re:My spam is still lame :-P (4, Funny)

varmittang (849469) | about 7 years ago | (#21009283)

Tell me, is it bad when if you recognize someone from high school in one of those.

Re:My spam is still lame :-P (4, Funny)

Chrisq (894406) | about 7 years ago | (#21009323)

Especially when its your phys ed. teacher.

Re:My spam is still lame :-P (5, Funny)

blindcoder (606653) | about 7 years ago | (#21009371)

Do you recognise the girl? Then call her!
Do you recognise the canine? Then yes, that's bad.

Re:My spam is still lame :-P (1)

tygerstripes (832644) | about 7 years ago | (#21009771)

Depends. Do you teach her?

Re:My spam is still lame :-P (1, Funny)

Anonymous Coward | about 7 years ago | (#21009651)

I could forward you mine, if you like.

Re:My spam is still lame :-P (0)

Anonymous Coward | about 7 years ago | (#21010299)

Huh? Where? Man, all I ever get are stupid Viagra spam and "O3M S0FTWARE!" (and variants thereupon).
Ooh you lucky bastard, how I wish for that calibre of spam.

Right now I've got a inbox full of adverts for chemical toilets, wanna swap?

SPAM @ 95%?! (4, Informative)

thatskinnyguy (1129515) | about 7 years ago | (#21008991)

Thank God for Gmail and its excellent spam filtering! I don't think I've had any spam hit my inbox in 2 years. :-)

Re:SPAM @ 95%?! (1)

rvw (755107) | about 7 years ago | (#21009009)

I haven't had many, but I do get an occasional spam mail in my Gmail inbox.

Re:SPAM @ 95%?! (4, Funny)

blindcoder (606653) | about 7 years ago | (#21009297)

That's because they read every mail before it hits your inbox.

Re:SPAM @ 95%?! (1)

PrescriptionWarning (932687) | about 7 years ago | (#21009313)

yeah but its like a 3 year old reading your mail... its only going to catch words it knows

Re:SPAM @ 95%?! (3, Funny)

Opportunist (166417) | about 7 years ago | (#21009613)

I do NOT want to know what words you teach your 3 year old.

Re:SPAM @ 95%?! (1)

nschubach (922175) | about 7 years ago | (#21009951)

The kid's gotta learn sometime!

Re:SPAM @ 95%?! (0)

Anonymous Coward | about 7 years ago | (#21009617)

Did you know that your email program also reads your mail?

Re:SPAM @ 95%?! (2, Interesting)

Nimey (114278) | about 7 years ago | (#21009309)

Gmail's spam filters have definitely improved. When I first got my account (in '03?) I foolishly posted something to Usenet via DejaGoogle (required my @gmail.com account) and the spam just started rolling in. I still get lots of spam, but almost all of it is properly routed to the spam folder, and thanks to the CustomizeGoogle extension, I don't even see the spam count.

Re:SPAM @ 95%?! (1)

Thaelon (250687) | about 7 years ago | (#21009497)

I had the same problem.

Thanks Google, for not letting me obfuscate or otherwise modify my email when posting directly from Gmail!

Luckily the spam filtering is excellent and I've only seen one spam in my in box in months.

Re:SPAM @ 95%?! (1)

MeditationSensation (1121241) | about 7 years ago | (#21009359)

How many do you get per day? I get an average of around 100 per day, thanks to only 30 references to my email online. Most of those are newsgroup posts. Gmail gets most them, but some still end up in my inbox.

Re:SPAM @ 95%?! (1)

blindcoder (606653) | about 7 years ago | (#21009717)

Currently I get just under 1000 spammails a day, roughly 0.8% make it through to my inbox.

Re:SPAM @ 95%?! (1)

Gr8Apes (679165) | about 7 years ago | (#21010257)

That's why you use a "junk" email address for posting... I get virtually no spam in my email addresses, even ones that date back to 98...

Re:SPAM @ 95%?! (0)

Anonymous Coward | about 7 years ago | (#21010153)

The spam filtering is pretty good, but I find the amount of spam coming directly into my gmail account when I never give out that address highly suspicious. My account name isn't a common name or anything either, so I find it hard to believe it all arrives by chance.

Re:SPAM @ 95%?! (3, Insightful)

jfengel (409917) | about 7 years ago | (#21010193)

They're good, but they're not that good for me. I get several spams a day in my inbox (and thousands a day filtered out).

Bizarrely, they should be easy to identify. Most of them are in Russian. Whatever bayesian network they're doing should have figured out by now that I don't read Russian.

The other one is the same template, over and over, all beginning with the same phrase. I have no idea why that one keeps getting through.

I'm sure not complaining; they're clearly filtering out a huge amount of sheer misery.

call me a cynic, but (4, Insightful)

petes_PoV (912422) | about 7 years ago | (#21008995)

... here's a report from a company that specialises in anti-virus and other security products.

While I'm not denying spam etc. is an annoyance and does cause a lot of people some problems, do we really want to accept at face value some words from an organisation that could well have a vested interest in making the problem appear more threatening than it really is?

Personally I'd prefer to teach people how to avoid spam/virus infection - in the same way we teach people how to avoid clinical infection, than to go around wailing about how bad the problem is.

Re:call me a cynic, but (1)

aadvancedGIR (959466) | about 7 years ago | (#21009135)

"in the same way we teach people how to avoid clinical infection", you mean, with little to no succes?

Re:call me a cynic, but (5, Insightful)

gammygator (820041) | about 7 years ago | (#21009163)

FWIW, about 90% of our e-mail has been spam... and we've seen a solid 50% increase in traffic over the past quarter. The numbers aren't that out of whack. quote: Personally I'd prefer to teach people how to avoid spam/virus infection... Good luck with that. Particularly with the avoiding spam part. If you come up with a foolproof method that actually involves using e-mail... I'm sure you'll be a lot richer than I am.

Can we go to my scheme yet? (1)

Firethorn (177587) | about 7 years ago | (#21010059)

Good luck with that. Particularly with the avoiding spam part. If you come up with a foolproof method that actually involves using e-mail... I'm sure you'll be a lot richer than I am.

I have a modest proposal: Hitmen. And Hitwomen. It's simple enough. Everybody using email who are frustrated with spam donates a buck or so a year. The millions of dollars are used to hire teams of investigators who track down those sending spam, then you hire somebody to dispose of them.

This includes programmers that write worms that use email, people who operate illegal botnets* to send out spam, etc...

Word of the day: Defenestration

That's not an unrealistic number (5, Interesting)

SaDan (81097) | about 7 years ago | (#21009193)

I work at an ISP and we do SPAM detection and elimination at our border routers. We scan both incoming and outgoing email, and will auto blacklist our own internal IPs if we detect SPAM.

The highest two-week percentage of rejected incoming email that I've seen broke 97% a few months ago. It's normally between 90% and 95%.

It's loads of fun dealing with this crap.

Re:That's not an unrealistic number (2, Interesting)

liquidpele (663430) | about 7 years ago | (#21009243)

Out of curiosity, what do you use for spam detection? What percentage of the email do you actually delete so it never reaches the destination?

Re:call me a cynic, but (1)

jayhawk88 (160512) | about 7 years ago | (#21009261)

Clearly they are not counting the volume of email within companies, but even so, if this number is even within 15% accuracy, we're about 10 years away from abandoning email as a communication medium altogether. Can you imagine any other form of communication that was 95% inefficient?

Re:call me a cynic, but (1)

Velveeta_512 (1142553) | about 7 years ago | (#21009457)

I can... but then, I used to be a Sprint PCS customer...

Re:call me a cynic, but (1)

timeOday (582209) | about 7 years ago | (#21009599)

Can you imagine any other form of communication that was 95% inefficient?
I don't think the 95% figure is very important. What's matters is the balance of power in the arms race between spamming and filtering, i.e. how many spam actually show up in your inbox. Is the average user actually seeing any more spam than 10 years ago? I'm not.

Re:call me a cynic, but (3, Interesting)

Snocone (158524) | about 7 years ago | (#21009615)

Can you imagine any other form of communication that was 95% inefficient?

Flirting.

Let us pick some text randomly off a googled link and exercise our imagination.

"First for Emailing - UK's only Emailing Academy

We are offering you two free e-courses value $45 each. One is our new success emailing communication programme and the other is our popular lifestyle coaching programme

SUCCESS EMAILING Communication Tips - series of 4 communication tips modules. Designed to get you connecting and interacting more easily and effectively plus monthly success emailing newsletter with tips, quotes and news..."


When there is a large industry which advertises itself in terms like that instead of the original [flirtzone.com] then perhaps there would be a point to be made that email communications are unusually inefficient. In the meantime, well, sure looks to me like anyone who has ever interacted with the opposite sex should have no problem imagining a form of communication in which 5% efficiency would be a striking -- well nigh unbelievable actually -- increase, and somehow that communication medium has not died out in several millions of years.

*looks around* Ah .... neee-ver mind.

Re:call me a cynic, but (0)

Anonymous Coward | about 7 years ago | (#21010093)

I've read your comment a few times and still have no idea what your point is.

Who giving up, US or the spammers... (1)

crovira (10242) | about 7 years ago | (#21009855)

Why pay money when the amount of 'mail recipients' is down to 5% because filters have become so efficient?

That empties the possible pool of suckers out there so you might as well give up and find some other scam. (Remember, there zipper-heads want to get your money for free. If they can't... Well fuck it...)

OK, another data point (4, Interesting)

CustomDesigned (250089) | about 7 years ago | (#21009449)

Checking my mail stats, since 4 am this morning, I've received 51985 emails, 51909 of which were filtered as spam. That's 99%. Checking the bandwidth monitor, the spam has consumed a steady 100Kbit/s since 4 am, despite being mostly blocked in SMTP envelope via SPF and reputation (SPF blocks forgeries, reputation blocks spammers with the balls to use their own domain).

Re:call me a cynic, but (3, Informative)

l0b0 (803611) | about 7 years ago | (#21009727)

The statistics for CERN yesterday: 90% rejected, 7% (manually) moved to spam folder, 3% good mails. And that's not even including those that are just deleted without being moved to the spam folder. Scary tendency.

Re:call me a cynic, but (1)

Pontiac (135778) | about 7 years ago | (#21009819)

So far these numbers are right on for what we see here at my company.
Last year we were running about 80% spam
In July 07 we were at 90-92%
August-07 we reached 95%
Looking at the numbers this morning we hit 96% for the week.

Numbers rounded to the thousands
We run a cluster of 4 Eprism 2000 Appliances for inbound mail
This week we received 21,490,000 total inbound messages
We rejected 15,757,000 on RBL and Block lists
6,591,000 were passed through for spam filtering.
858,000 were passed as clean.

We only saw 200 infected messages because the Firewall is doing virus scanning and drops the packets before they reach the Spam appliances. Without that our overall numbers would be slightly higher.

white lists are the way to go (0)

Anonymous Coward | about 7 years ago | (#21009051)

All the more reason to use a white list. I never get spam, ever. And really - if I want to hear from you then you'll be on that list. If you aren't on that list then I don't want you cluttering up my inbox in the first place.

Re:white lists are the way to go (4, Insightful)

tepples (727027) | about 7 years ago | (#21009125)

And really - if I want to hear from you then you'll be on that list. If you aren't on that list then I don't want you cluttering up my inbox in the first place.
Let me guess: You don't run a business.

Re:white lists are the way to go (1)

gad_zuki! (70830) | about 7 years ago | (#21009689)

>Let me guess: You don't run a business.

Or his business uses a, you know, web form for contacting him with a captcha. Once they pass that stage they get whitelisted.

Re:white lists are the way to go (2, Insightful)

cliffski (65094) | about 7 years ago | (#21009719)

and what goes on the business card, the press release and other similar locations? or you think you can run a business that has no email address and ignores emails sent blindly to sales@ info@ and webmaster@ not to mention support@ ?

Re:white lists are the way to go (2, Insightful)

DrgnDancer (137700) | about 7 years ago | (#21009967)

Must be nice not need to hear from customers. Or legit vendors. Or old friends who changed their e-mail addresses. I'm jealous.

I can't even the use apparently moderately effective "blacklist Chinese and Russian IPs" technique. We correspond all over the world.

E-mail stinks (0)

Anonymous Coward | about 7 years ago | (#21009091)

because it's dead. There's no reliability: Thanks to spam and worms, "didn't receive your email" is always plausible. You don't know when your hoster's/provider's mailserver is being held hostage by some anti-spam lunatics. You don't know if the recipient uses an overzealous spam filter. You can only hope that your mail doesn't sit in a queue behind the latest spam storm for a day, twice, because the recipient uses graylisting. If you're asking a question, it takes three tries to get through pattern matching braindead auto response systems before you get to a real person who pretends to read your mail, and then ignores you. Email sleeps with the fishes.

It's urgent: phone.
It's important: letter.
It's important and urgent: fax.
It's neither important nor urgent: IM or SMS.
You don't care about it: email.

Why can't we stop this shit ?? (1)

moseman (190361) | about 7 years ago | (#21009107)

I for one am feed up with this shit. I know I will get flamed, but why not have your ISP limit the number of SMTP transactions to a "reasonable" amount without your expressed request for more. Say 1000 SMTP messages per day per IP for the average user. If you want more, then you simply ask for a higher limit. This would surely throttle zombies. Corporations would be exempt.

Re:Why can't we stop this shit ?? (1)

liquidpele (663430) | about 7 years ago | (#21009197)

Most ISPs just block outgoing port 25. I heard a few viruses have started trying to get the ISP login id/pass so they can send through the ISP smtp servers, but that won't work really because the ISP will notice that fast and shut you down since it would get their servers on blacklists pretty fast. It's the ISPs that don't do a damn thing that are the problem - anyone know of any major ones that still don't block port 25?

Re:Why can't we stop this shit ?? (1)

walt-sjc (145127) | about 7 years ago | (#21009397)

ISPs are in the perfect position to sniff traffic and identify infected machines that are part of botnets. It's obviously technically possible since the government does it at AT&T. You don't even need to sniff ALL traffic, SYN packets are enough. Most tech savvy businesses already sniff all their traffic with IDS systems, it's not a big leap.

ISPs should also be blocking outbound port 25 traffic from dynamic addresses (and if you need to use an external mail relay, use a tunnel or port 587.) Some ISPs do this already, many don't.

To all the whiners that don't like the port 25 blocking: Dynamic IP space is already "damaged goods", and you have multiple workarounds available to you. Any sane mail admin (including many large ISPs) already blacklist dynamic space therefor you can't effectively run a mail server on dynamic IP space.

The solution that stops 90%+ spam is out there, but it costs a little money to implement. It's still less money than what we currently are spending fighting spam. What are they waiting for - government mandates? Fines? Lawsuits? Getting their netblocks in 2,000,000 private blacklists that they have no chance in hell of getting out of?

Re:Why can't we stop this shit ?? (1)

glpierce (731733) | about 7 years ago | (#21009647)

"The solution that stops 90%+ spam is out there, but it costs a little money to implement. It's still less money than what we currently are spending fighting spam. What are they waiting for - government mandates? Fines? Lawsuits? Getting their netblocks in 2,000,000 private blacklists that they have no chance in hell of getting out of?"

I can actually understand the ISPs on this one. Yes, spam costs a huge amount of money to the economy as a whole, however it's not such a major cost to the ISPs themselves. As businesses, they can't make a case [to their stockholders, etc.] to spend a bunch of cash fixing someone else's problem. If the businesses that were paying the huge tolls created a fund to pay ISPs to fix the problems, then you might see something. Otherwise, government mandates are probably the only solution. As far as ending up on blacklists, major ISPs aren't all that worried; so long as they aren't blocking each other, their customers will be happy. Most people will blame whatever random business is blocking their email rather than their own ISP (after all, most of their email gets where it's supposed to go).

I sort of agree. (1)

crovira (10242) | about 7 years ago | (#21010165)

Either ISPs are common carriers (the postal system is a prime example, I get lots of 'junk mail' for every legitimate piece of mail, but at least they're getting paid to deliver the crap,) or they aren't (and NOBODY wants that.)

Its like the telephone itself.

Its NOT the phone company's problem if people call you in the middle of the night and threaten to cut off your balls.

They're just the messenger.

Re:Why can't we stop this shit ?? (1)

kasin (44122) | about 7 years ago | (#21009753)

The solution that stops 90%+ spam is out there, but it costs a little money to implement. It's still less money than what we currently are spending fighting spam.
Why do you assume ISPs aren't already doing this? 95%+ of email is spam, you just don't see it because the ISPs are in fact blocking. Problem is, the spammers can more easily add an order of magnitude more bots than we can add a order of magnitude better scanning.

- ObDisclaimer: I deal with email at an ISP.

Re:Why can't we stop this shit ?? (1)

DrgnDancer (137700) | about 7 years ago | (#21010075)

Other have pointed out other problems with your post. I'll point out that most spam does not originate in US ISPs. Even if the spammers themselves are in the US, they use ISPs in places where there are virtually no legal checks on what you do with your computer to generate the traffic (or spread the botnets to generate the traffic).

Re:Why can't we stop this shit ?? (1)

value_added (719364) | about 7 years ago | (#21010119)

To all the whiners that don't like the port 25 blocking: Dynamic IP space is already "damaged goods", and you have multiple workarounds available to you. Any sane mail admin (including many large ISPs) already blacklist dynamic space therefor you can't effectively run a mail server on dynamic IP space.

Agreed, but it's worth pointing out that fixed addresses aren't exactly the cat's meow, either.

When I signed up for a DSL account with SBC/ATT, I asked for static addresses and and got my delegation request for tiny /29 netblock processed a few days later. All good, right? With everything setup on my end, I send out a few test messages to my personal ATT email account (hosted by the folks at Yahoo), and it gets the 'YahooFiltered: Bulk' treatment 4 out 5 tries.

Granted, Yahoo uses DomainKeys, but a cursory Google search will reveal any number of problems from all sorts who have gone to the trouble of setting up DKIM, SPF, etc. and run into problems with their email being tagged as spam by Yahoo, Hotmail (especially problematic), or any of the other large email services.

The lesson seems to be is that if you expect your mail to be delivered, have someone else host it, or alternatively (if you don't want to use your ISP as a smart host), pay for one.

Re:Why can't we stop this shit ?? (0)

tepples (727027) | about 7 years ago | (#21009411)

Say 1000 SMTP messages per day per IP
Times a million rooted Windows PCs equals how many spams?

If you want more, then you simply ask for a higher limit.
By "ask" do you mean "pay"?

Re:Why can't we stop this shit ?? (0)

Anonymous Coward | about 7 years ago | (#21009817)

That's a very good point, but the optimist (well, the unreasonably hopeful optimist) in me says that the "customer calls up ISP, refuses to pay extra when they aren't the ones composing the emails, and gets their system properly secured to save money" process will at worst yield better security worldwide. Of course, it's much more likely that the ISP will cave in, or the customer will pay the extra money, or (most likely) they won't keep their PCs properly secured for long.

The other main problem is that a good chunk of spam emails I've seen come from free webmail providers (hotmail et al), and it's trivial to create multiple accounts and spam from each (especially if they had a botnet so that banning IPs wouldn't affect them). There is no way webmail providers would limit the number of emails per IP (regardless of accounts) as most households have two or more people using the same webmail service, it would cause too much uproar.

doubtful (2, Interesting)

jsldub (133194) | about 7 years ago | (#21009111)

I highly doubt that, "All Email"?

Did they track private networks? Encrypted Email?

Re:doubtful (1)

Alioth (221270) | about 7 years ago | (#21009259)

It's certainly high. Looking at my spam filter for the last week, 99% of email sent to me is spam - I'm now getting in excess of 250 spam emails a day, but generally only a couple of legitimate email messages per day. Fortunately, SpamAssassin filters nearly all of it.

Re:doubtful (1)

hansamurai (907719) | about 7 years ago | (#21009523)

Hey, I get spam on private networks too. No Mary, I do not want to see this hilarious video of a dog or read about this amazing (fake) story about some family.

Mine is full of spam... (3, Funny)

psychicsword (1036852) | about 7 years ago | (#21009139)

All I ever get is spam.

Most of the subjects are as follows:(filtered for privacy)
Courses next term
[Course name here] Grades
IMPORTANT: Calculus Final Exam Time
Hello from [Relative name here]
[Subscribe newsletter here]
Funny pictures

Why wont it stop?

Re:Mine is full of spam... mod funny! (1)

radarsat1 (786772) | about 7 years ago | (#21009531)

I know how you feel.. ;-)

Re:Mine is full of spam... (1)

frdmfghtr (603968) | about 7 years ago | (#21009573)

Courses next term
[Course name here] Grades
IMPORTANT: Calculus Final Exam Time
I don't know about the others, but as for these, maybe they would diminish somewhat if you went to class on occasion. :)

Re:Mine is full of spam... (1)

coldfusionjn (1110719) | about 7 years ago | (#21009725)

I don't know about him but that is when I play Portal while playing Halo 3 on xbox live?

Those were my organization's summer levels (1)

peipas (809350) | about 7 years ago | (#21009307)

We were at 95% spam back in June. September and October so far are 98%. Meanwhile, November 2006 was 89%.

Not new. (2, Informative)

Anonymous Coward | about 7 years ago | (#21009325)

Wasn't "95% of email is spam" reported by the BBC [bbc.co.uk] back in 2006?

And Security Focus has a great article [securityfocus.com] that shows how all of these numbers are totally made up.

Spam?? (1)

electronerdz (838825) | about 7 years ago | (#21009363)

I didn't know there was still spam out there? I got CanIt from Roaring Penguin [roaringpenguin.com] and don't see spam anymore.

penalize the seller not the messenger (2, Insightful)

Anonymous Coward | about 7 years ago | (#21009393)

If the financial incentive is removed the problem should go away. The spammer is not the root cause, the entity hiring the spammer and benefiting from the people responding to the advertisement appears to be the root cause and is easier to identify.

The entity initiating the process is identifiable ( the contact information must be accurate in order to effect the sale ) unlike the spammer that can utilize many techniques to avoid identification.

Re:penalize the seller not the messenger (1)

Firethorn (177587) | about 7 years ago | (#21010151)

I say major fines backed up by labor camps if they can't pay. CIA kidnappings and visits to Gitmo for major out of country spammers. Maybe contract with Russia for one of their old siberian prison camps.

Then again, I might be a tad irrational with my hatred of mass spammers.

Any different? (3, Insightful)

Gorkamecha (948294) | about 7 years ago | (#21009471)

Is this any different then the stats of the dead tree style of spam that appears in my mailbox every day?
And we have seen the huge (cough) progress made in removing that snail mail spam from the system.

Honestly, there seems to have been more progress in weeding out the digital spam then the paper sort.
Even vague sort of laws and protections and such.

Re:Any different? (1)

pthor1231 (885423) | about 7 years ago | (#21010039)

Seriously. I have gotten two applications FOR THE SAME CREDIT CARD in one day. Tell me what sense that makes...

Re:Any different? (1)

Hoi Polloi (522990) | about 7 years ago | (#21010143)

Probably minor variants in the same name or address. Speaking of which, non profits could save themselves a few bucks if they took the time to clean up their fund raising databases. I frequently get doubles from them (minor variations in address).

Re:Any different? (1)

Firethorn (177587) | about 7 years ago | (#21010221)

Is this any different then the stats of the dead tree style of spam that appears in my mailbox every day?

Good point. I'd estimate it at ~75% for me, defining SPAM as 'unsolicited commercial package that I'm not interested in'. Near 0% for fraudulent letters, which I got about a half dozen of when I was a teen. Near 90% of the spam caught by my filters is fraudulent and illegal in nature.

At least I can heat my house a bit with the dead tree spam.

Been there for years (1)

flyingfsck (986395) | about 7 years ago | (#21009483)

This is hardy new. Anyone with an old (>10 years) domain name is on every spam address list in the galaxy and likely gets 99.99% spam. All my mail server does is run spam assassin and clamav and a few times per day, actually delivers a real message.

That's an AVERAGE?? (1)

tygerstripes (832644) | about 7 years ago | (#21009501)

I get a fair bit of solicited and genuine email, and a moderate amount of spam. Thunderbird's and Gmail's filters seem to do almost all the filtering perfectly these days, but even checking the size of my inbox against my junk-boxes, I have to say that I'm getting nothing like 95%. Not even 50%.

Anecdotally, I don't think mine is an unusual scenario, which causes me to wonder: how many people are getting 96-100% spam, in order for this average to hold true? I mean, are there folks out there being inundated with a daily 100%-spam diet, just on the off-chance that they get a spot of lean steak one day?

Poor bastards.

Re:That's an AVERAGE?? (1)

amccaf1 (813772) | about 7 years ago | (#21009785)

Keep in mind that the "95% of all email is spam" figure probably also includes emails sent to a server with a bad/non-existent address. Spammers will use a list of commonly used usernames and send an email to a domain to each username on that list. Most of these will have associated mailboxes on a given server, but there's probably a significant amount that simply bounces back, keeping that signal to noise ratio very very low.

Re:That's an AVERAGE?? (1)

smallfries (601545) | about 7 years ago | (#21009995)

My gmail account had 535 spams in the last 30 days against 20 genuine emails. So that's roughly 96%. My gmail account name hasn't been splashed anywhere public, I only use it for companies that require an email for registration and with friends. The account name is 10 characters long and won't appear in a dictionary anywhere.

So I would guess that my usage patterns put me somewhere near the average and I'm seeing the spam levels that they talk about. You might be very lucky :)

Re:That's an AVERAGE?? (1)

oliderid (710055) | about 7 years ago | (#21010293)

In my case it is worst than 95%.
in four days i've received 1514 spams
I guess I have only received 30 or 40 legitimate emails for the same period.

97.5/98% of all my emails are spam.
Thunderbird does a pretty good job. I delete/flag manually 5 or 10 spams per day only.

Why do I receive so many spams?
I've got 3 different emails.
My primary email address didn't change for years.
It is available on my company's web site.
It is obvious (surname@mycompany.com)

What my friend sysadmin did (0)

Anonymous Coward | about 7 years ago | (#21009755)

He uses a custom hacked version of exim which basically sets up a delay (about 3sec) between the SMTP MAIL and DATA commands. This is a way of DoSing back the spammer by forcing them to keep open TCP connections. Most spammers give up about 1 sec timeout. That doesn't work for botnets though.

Yahoo Mail welcome spam and block real email (1)

crf00 (1048098) | about 7 years ago | (#21009787)

Anyone experience this with Yahoo Mail? Yahoo Mail has blocked any email that contain my website url, even though my website contains no spam at all. (same case as what happened with YouTube [slashdot.org] .) Yahoo Mail also blocked my other website's mail server that any mail being sent from that mail server goes into spam folder. All these just happened within last week.

The brute force style of filtering spam disappointed me alot as it makes innocent websites completely helpless to communicate with their members who use yahoo mail. Now that all my important messages go into spam folder and spam mails go into my inbox, the effectiveness of Yahoo spam filter becomes 0. (Yes I know I can unblock my website in my own account settings, but how about mails being sent to other people?)

Yahoo Mail sux and I am switching to GMail.

So where's the invisible hand? (2, Interesting)

suv4x4 (956391) | about 7 years ago | (#21009861)

Since most slashdotters are libertarians for some reason (and I could argue even I am to some degree) my question is: where's the technological efficient solution to this.

We've seen some "free market" solutions which basically required that you pay a fee to every mail provider so they don't trash your email. And this didn't particularly help spam either.

I come to the conclusion that spam as an issue is one of two things, or both of those things:

1) Not that big of a problem (hard to believe if you are a mail provider / ISP yourself)

2) Impossible to solve by means of free market solutions, and requires cooperation and standardization of new technology.

Point 2 is hard to happen since every little startup that comes with a mini solution, trumpet it on their own and hence they are only a nuissance to deal with in the big picture (due to lack of a single standard, it's impossible to have clients which make the process of whitelisting easier and even half automatic).

Here are couple of solution which would get us half-there, but are only quarter-implemented right now:

1) Whitelist SMTP servers by talking back to the supposed mail of origin and comparing IP-s. The SMTP may return list of IP-s this host responds from. This is then cached and used for further authentication on this domain. It *may* lead to DoS if many hosts do a first-time check simultaneously, but it's unlikely (and less problematic, given we're eliminating 95% of bad emails this way).

2) Test-for-human-intelligence in your first email to a new email. Such as, I don't know, some sort of CAPTCHA you fill-in? Once this is done, communication can proceed without further tests between those two emails. The receiver still has the option to block you, lest you employ a mechanical turk.

Those solutions are boring, they're incomplete in a way, they introduce hassle, but if we *all* agree on those, they can be made less of a hassle, and still not lose their efficacy.

That would require the likes of AOL, Hotmail, Gmail and so on free mail providers to cooperate with the likes of Microsoft, Apple, Linux devs and so on, to implement this on both the clients and servers.

Right now, I could see Hotmail cooperating with Microsoft (.. wink, wink.. :P ), but that's where it ends.

Re:So where's the invisible hand? (1)

John Bayko (632961) | about 7 years ago | (#21010171)

Established technology can be replaced if a technology for another use becomes popular enough, and can be adapted to replace the existing technology, and has some advantage. For email, two candidate technologies are notification feeds like RSS or Atom, and social web sites like Myspace and Facebook.

Both have an advantage over email in that you can control who you receive messages from because the sender identity cannot be faked. In RSS, you poll to get updates, so you know with certainty who you are polling. Social web sites let you define your relationship to others, and require an identity that satisfies those running the sites.

Either one could be modified to function like email, and I expect they will in time. Once that happens, existing email will have little reason to exist, and will go the way of Usenet newsgroups - generally used for special purposes, to unpopular for spammers to bother with. Email spam will be dead.

Re:So where's the invisible hand? (1)

jfengel (409917) | about 7 years ago | (#21010297)

I'd say that the real skew on the free market comes from the armies of spambots. They can spew essentially infinite spam, which gives the spammers a huge thumb on the scales in any free competition between us and them.

I'd say the agreement that needs to be made between us is to start shunning ISPs who behave so impolitely. Email is a commons, and subject to the tragedy of the commons. The solution to the tragedy of the commons is politeness.

This commons is so large that there's actually room for considerable freedom, but there are obvious offenders. If you have a machine on your network sending out email 24 hours a day, have a quick peek. If you feel squeamish, make that "peek" an automated spam filter. If it's all spam, SHUT IT DOWN.

Because if you don't, the free market solution is for the rest of us to shut you down.

Spam auf deutsch? (1)

mikeboone (163222) | about 7 years ago | (#21009881)

Anyone else getting a lot of spam in German? I don't think the spammers know that I can speak German, but I would say that at least 25% of my spam these days is in German.

Re:Spam auf deutsch? (1)

Corporate Troll (537873) | about 7 years ago | (#21010179)

No German spam here even though I do talk it (Luxembourg here). I guess you gave your email to some shady German website and they sold it to german marketeers.

Check your SMTP logs and see if it's the same IP addresses sending those spams. If so, blacklist.

Re:Spam auf deutsch? (1)

Hoi Polloi (522990) | about 7 years ago | (#21010199)

Ich weiss nichts!

Why we can't stop spam with our current techniques (5, Interesting)

damn_registrars (1103043) | about 7 years ago | (#21009905)

We can't stop it because we aren't addressing the real problem. Spam is an economic problem. People send out spam because they make money off of it. And they will therefore continue to send out spam as long as they make money off of it.

If you want to stop spam, you have to remove the economic incentive. To do that, you need to cut off the co-conspirators that are allowing the spamvertised domains to be established and hosted. If you can either prevent them from getting a cut off the action, or punish them severely for taking their cut, then you can stop spam.

Until then, if all we do is try to filter spam out, we'll just continue to see the costs of inaction. Beyond that, we're ignoring the fact that filtering has real costs, as well. Filtering doesn't prevent the spam from traversing the internet, and furthermore it requires human time to update as the spammers change their tactics.

I believe... (0)

Anonymous Coward | about 7 years ago | (#21009927)

I believe that 94.99% of all statistics are made up on the spot...

Email is dead, long live Email (5, Interesting)

kthejoker (931838) | about 7 years ago | (#21009947)

As email asymptotically reachs 100% spam, we will have essentially created a mechanism whose sole goal is to deliver us undesired ads and scams. Talking about spam detectors and blockers and blacklists is irrelevant. Why devote all of this energy to ensure that maybe 5, 10, or 20 people can contact you or your business a day? Or even 20,000, which only highlights the issue that separating spam from valid emails is just bad juju. Simply put, there is no solution to asynchronous communication that is not too tedious or too restrictive. We'd be a lot better off if we blew up all the email servers, and put all of the energy and cost savings into developing encrypted telepathy. You think I'm kidding.

Re:Email is dead, long live Email (1)

Dephex Twin (416238) | about 7 years ago | (#21010163)

We'd be a lot better off if we blew up all the email servers, and put all of the energy and cost savings into developing encrypted telepathy. You think I'm kidding.
Woah, how did you know what I was thinking? Wait a minute!!!!

Re:Email is dead, long live Email (2, Funny)

mrjb (547783) | about 7 years ago | (#21010209)

and put all of the energy and cost savings into developing encrypted telepathy
It will never work. Considering the trash in my brain, I must conclude that it has already been done, and it has already been compromised.

Re:Email is dead, long live Email (1)

keithjr (1091829) | about 7 years ago | (#21010261)

What's more intimidating to me is the tilting of the spam:real-message ratio COMBINED the general increase in internet traffic as more people and businesses come online. The bandwidth numbers are, frankly, staggering (sorry, can't find any good links to stats). Now, consider the economic ramifications of the amount of traffic caused by spam servers and botnets flooding the lines AND the amount of money (in commercially available products and human resources) companies and ISP's have to dedicate to stop spam from reaching users AND the lost productivity when the aforementioned measures fail AND the lower efficiency of malware-infested PC's in the botnets. This little advertising practice creates an unacceptable drain on our economy.

Only a few more percentage points to go... (2, Interesting)

s_p_oneil (795792) | about 7 years ago | (#21010271)

...before it reaches the level of spam I get in the mailbox in front of my house. I swear, if we want to save the trees, we need to start by arresting the people putting all those unwanted 20-100 page sales catalogs in everyone's mailbox every day.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?