February 07, 2004

Totally crazy spam numbers

This sounds a lot like the problems we face every day at work. Lately our mail servers are working harder fending off spam than delivering proper email.

I have a small domain I run for my personal e-mail. On Saturday, January 26, I received 114 legitimate e-mail messages from friends, business associates, and various mailing lists. (I know that this number is kind of low, but it was a weekend!) On that same day, I received 174 pieces of spam that were automatically identified by Spam Assassin, the open-source anti-spam filter. So I am running 60 percent spam, a little worse than the Brightmail average. Except that even my 60 percent number underestimates the problem. That's because my computer automatically rejects e-mail that's sent to invalid addresses at the domain. Indeed, on that same Saturday, my server rejected 1,699 e-mail messages because they were sent to mailboxes on the computer that do not exist. Add those to the running total, and the amount of spam that my system was exposed to on January 26 rises to 94 percent of all received e-mail. But even that number doesn't tell the whole story.

Insane. Very interesting article about the increasing spam problem.

It’s no surprise that my server is being hassled by spammers from Japan. At the Spam Conference, Geoff Hulten from Microsoft’s anti-spam technology and strategy group said that much of the spam that Hotmail receives comes from China and Japan—in fact, those countries are now the second and third largest senders of spam. The United States is still Number 1, of course, but our Asian cohorts are moving up fast. What’s particularly troubling is that while spam from the United States runs roughly 50/50 with legitimate e-mail, spam from Asia outweighs legitimate e-mail by nearly 10-to-1.

Not only is the amount insane, the spam itself is getting more and more clever, and it is also being used to steal users' account information:

Some of the spammers are getting very clever—and very dangerous. Brightmail CTO Ken Schneider says that some spammers have taken legitimate account e-mail from Citibank, modified a single HTML link in the body of the message so that instead of pointing at Citibank’s server, it points at a pirate server in China, and then sent out the e-mail to millions of addresses. All of the other links on the e-mail, including Citibank’s contact information and its privacy policy, properly point to the Citibank server. But a person who unsuspectingly clicks on that one rogue link will end up on the pirate server in China. Try to log in there with a valid username and password, and the pirates gain full access to the user’s Citibank account. This is spam in the service of organized crime. Ironically, when Brightmail blocks these e-mails, unsophisticated users sometimes complain that Brightmail is blocking a legitimate message—the spoofs are that good.
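A check for the single rogue link described above, as an added example that is not part of the original post or the quoted article: it lists every link in an HTML message whose host lies outside the domain the mail claims to come from. The domain `bank.example`, the sample message and all function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


class _LinkCollector(HTMLParser):
    """Collects the href of every <a> tag in an HTML body."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)


def host_in_domain(host, domain):
    """True only if host is the domain itself or a subdomain of it."""
    host, domain = host.lower().rstrip("."), domain.lower()
    # Match on a label boundary so "notbank.example" and
    # "bank.example.accounts.test" are not mistaken for bank.example.
    return host == domain or host.endswith("." + domain)


def rogue_links(html_body, expected_domain):
    """Return the hrefs whose host lies outside expected_domain."""
    collector = _LinkCollector()
    collector.feed(html_body)
    flagged = []
    for href in collector.hrefs:
        parts = urlsplit(href)
        if parts.scheme not in ("http", "https"):
            continue  # mailto:, relative links and anchors are out of scope
        if not host_in_domain(parts.hostname or "", expected_domain):
            flagged.append(href)
    return flagged


# Constructed sample: every link but one points at the claimed sender.
SAMPLE = """
<p>Dear customer, please confirm your account details.</p>
<a href="https://www.bank.example/privacy">Privacy policy</a>
<a href="https://www.bank.example/contact">Contact us</a>
<a href="http://203.0.113.7/login">Sign in to your account</a>
"""

if __name__ == "__main__":
    for link in rogue_links(SAMPLE, "bank.example"):
        print("link outside sender domain:", link)
```
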

So what can be done? Proposals for digitally signing mail at the server level exist; Yahoo!, for example, has devised such a method. Another method is called SPF, where the sending server is verified against the IP addresses registered for it. None of these methods is perfect or foolproof, however.

The article ends on quite an ominous and depressing note:

In the long term, however, these fixes are sure to fail. And there’s a worrisome lesson here. E-mail and Internet-based communications are powerful tools - and just a few people have figured out ways to turn them against the vast majority of Internet users, at a cost to businesses that is now estimated at over a billion dollars. What will happen when the new powerful tools of biotechnology and nanotechnology become widespread? If we can’t tackle the spam problem, then the future may be quite bleak.

False Hope for Stopping Spam

Posted by manne at February 7, 2004 04:33 PM