Slashdot Log In
Spammers Choose GMail
Posted by
CmdrTaco
on Thu Jul 17, 2008 07:47 AM
from the my-inbox-it-hurts dept.
from the my-inbox-it-hurts dept.
EdwardLAN writes "A study by Roaring Penguin has discovered that during the past three weeks, the amount of spam originating from Gmail has risen sharply." My spam has been pretty ridiculously high for the last few weeks, although I have no idea if this is part of it. It really does seem like gmail's spam filters are declining these days.
Related Stories
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Invite-Only (Score:5, Interesting)
Re:Invite-Only (Score:5, Funny)
Parent
Re:Invite-Only (Score:5, Insightful)
Two years of beta in the OSS community isn't unheard of. Wine was in an alpha/beta state for what...16 years?
Parent
Re: (Score:3, Interesting)
Re: (Score:3, Informative)
I did not say Gmail was OSS. I said "Two years of beta in the OSS community isn't unheard of." I'd edit to change the wording, but I can't.
Re:Invite-Only (Score:5, Funny)
Wine was in an alpha/beta state for what...16 years?
It took forever to work out the tannins...
Parent
Re: (Score:3, Insightful)
Maybe they should have just kept the system invite-only, instead of opening it up to everyone -- that would help, the way I see it.
Sure that would help, but it would mean less ad views for Google.
Re: (Score:3, Insightful)
Google doesn't get paid for ad views, only ad clicks.
SirWired
Re:Actual Origin? Don't blame service provider. (Score:4, Informative)
You linked to the usual "time to pwn" stories, but the reality is that botnets grow nowadays by means of email attachments. Very few (that I know of) trojan attacks are over remotely-exploited vulnerabilities, with patches or not. You are implying that botnets are created when unsuspecting Windows users install nine-year old copies of an unpatched operating system. That's not true, is it?
The previous wave of trojan attacks (with those "admirer has send you a message" subjects) grew botnets dramatically, I think. How do you account for that? Sobig [wikipedia.org] is the fastest spreading trojan ever, and it requires user interaction to infect a machines. It's a proven fact that infections are spread thanks to vulnerabilities with available patches. How do you account for that?
How is that a "continued failure" of "M$" to protected their customers again?
If your Windows machine is in a botnet herd, you probably did something you shouldn't have, or failed to patch your machine. Even the actual remotely-exploitable vulnerabilities like Blaster have had patches available a month before the exploits were seen in wild.
Parent
Gmail's spam filters (Score:5, Interesting)
How does spammers creating gmail accounts to send spam from imply that gmail's spam filters for inbound mail are declining? (if that is indeed what the summary is supposed to say).
Re:Gmail's spam filters (Score:5, Funny)
Now listen, if you've waited this long to complain about Taco's reading comprehension skills, you're way too late to get into the game.
Parent
Re:Gmail's spam filters (Score:5, Insightful)
I find it interesting that gmail's spam filters are in-bound only (If that is in fact the case [citation needed])
on the e-mail system I run, every message gets sent through our spam/virus-detection system. I don't care if it's inbound, or outbound, it gets scanned. period.
yes my site is much smaller than gmail, but still... isn't the first rule "Don't trust the users!"?
Parent
Re: (Score:3, Insightful)
I also think ISPs should be forced to do this. If they have a customer who sends massive amounts of email, they should have to investigate the nature of those emails. If they have an IP that is sending out spam, disable that customer's account until the problem is fixed. It would really disrupt a botnet if every time they a
Re:Gmail's spam filters (Score:5, Insightful)
I love Slashdot. One minute everybody is all pro net-neutrality, and insisting that ISPs shouldn't prioritize or monitor customer traffic because it's none of their business what someone does with their connection. Then somebody mentions the word spam, and all of a sudden the attitude turns completely around and ISPs should be held responsible for customers private communications and behaviour on the internet. Kicking people off the net is fine, as long as you're only breaking spam laws. But kicking people off the net for breaking copyright law is bad, how dare those evil corporations!
I'm not necessarily expressing an opinion either way, I just think it's interesting.
Parent
Re:Gmail's spam filters (Score:4, Insightful)
Actually... I think (even ;) Slashdot is right on this one.
ISPs should not check your email. It's noe of their damn business.
ISPs should check to see if you're generating an excess of emails, slowing the net down for everybody (hey, over 80% of email traffic is spam).
Thus, yes, even I would allow them to have a look at email contents if the amount of generated emails exceeds a certain (very large) amount.
However, they are most certainly not allowed to check the content every time, (even if) looking for spam or the usual eeeeevil terrarist.
Parent
Re:Gmail's spam filters (Score:5, Informative)
I definately agree. I have had no issue with increased spam in my inbox, and as I never check the spam box, I cannot say one way or the other. Me getting one or two spam messages in my inbox every couple of weeks does not say to me that there is an issue with their spam filter.
Parent
Re: (Score:3, Insightful)
You probably should check it at least once a month (since spam messages are deleted after thirty days)—I've had several important messages show up there, and I always use the Not Spam/Report Spam buttons when needed.
Potentially losing genuine mail is far more of a problem than briefly seeing spam in the inbox.
One thing Google could do about incoming spam... (Score:5, Interesting)
Half of the spam I get on my gmail account that actually gets past the filter is in some language other than English... in fact its almost always in Cyrillic as well.
Give me a damn drop down that says "I speak English, anything not in English is not to me".
Won't solve their outgoing problem, but adding "this is my language" support would be a big help on the incoming, at least with my spam patterns.
Re:One thing Google could do about incoming spam.. (Score:4, Interesting)
Yeah I've thought the same thing, too. It wouldn't be that hard to filter. You could just select a charset (like Latin-1) and if less than 90% of the characters in a given message aren't representable in your chosen charset, automatically kill it. That wouldn't require figuring out the actual human language it was written in; it's a pretty trivial automatic test.
Parent
Re:One thing Google could do about incoming spam.. (Score:5, Informative)
Yeah thats why I mentioned the Cyrillic thing.
In reality doing it via language matching should be pretty trivial. I'd hazard a guess if you had a list of 30 languages and you pulled out the top 50 most common words in each language you'd probably have near 100% success in detecting the primary language in an e-mail. I'm sure an algorithm either purely based on that word set or based on a larger dictionary choosen based on that matching could be done to determine with a very high confidence what language an e-mail is in and if there's more than one or two languages in it.
They also know my white list of contacts. In my case I'd bet 90% of my e-mail comes from them so those can be immediately put in the inbox, reducing the number that need to be scanned at all.
Parent
Re:One thing Google could do about incoming spam.. (Score:5, Interesting)
Parent
Re:One thing Google could do about incoming spam.. (Score:4, Insightful)
Spelling checkers is not the compete salutation.
Parent
Re:One thing Google could do about incoming spam.. (Score:5, Informative)
Parent
Re:CAPTCHA is broken (Score:5, Insightful)
Well, as you increase the level of intelligence meeded to go through the CAPTCHA, you start to leave humans out. And this only gets worst as CAPTCHA breakers get better and better, so in that sense, the CAPTCHA is broken, and also in that sense, we have artificial intelligence that is at least as good as the worst humans.
Parent
Re: (Score:3, Interesting)
I don't think CAPTCHA's are being machine broken. I've seen ads outsourcing the typing in of CAPTCHA bidding $1 per 1,000. Try looking at http://www.getafreelancer.com/projects/Data-Entry/Captcha-PROJECT.html [getafreelancer.com] to get an idea of what is going on.
Companies blocking Gmail? (Score:4, Interesting)
The IT staff at my dad's company blocked all communication with Gmail servers a few months ago, on the grounds that it was 'insecure'. Locking down an MS shop (XP/Exchange/etc) from the 'insecurity' of Google (while still accepting hotmail.com emails) still strikes me as a bit odd, but I've been hearing more reports of lax Google security with respect to spam/spammers. Perhaps they (dad's company) were on to something?
Anyone else having issues with people blocking Gmail?
Re:Companies blocking Gmail? (Score:4, Informative)
MS takes security seriously? Perhaps nowadays, but that's a relatively recent trend (last few years), and they've got a lot of mindshare to win back on that score.
If you're going to adopt a policy re: mail, blocking all webmail accounts would make more sense than *just* gmail, especially making that policy months ago. There was more evidence to point to spam originating from compromised Windows boxes than from Gmail.
What the heck does Google Docs have to do with this conversation? But I'll bite anyway... You really think *security* has anything to do with why Google Docs hasn't taken off in the corporate world? Nothing to do with requiring people to be connected (increasing bandwidth costs) and having to use browsers to do work they weren't meant to do (document editing)? No, Google Docs simply can't replicate the functionality corporate workers need right now. Maybe some day it will, but I'd say it's far more likely functionality is keeping it out of business rather than security.
Parent
Re:Companies blocking Gmail? (Score:5, Funny)
Taking his mom was the first mistake.
Parent
Re: (Score:3, Interesting)
I do similar to your catchall domain, but i use wildcard dns... thus:
anything@name.of.site.mydomain.com will come through.
This has the advantage that if i start receiving spams, not only do i know who sold me out, but i can create a dns record for the subdomain to point elsewhere (somewhere invalid, or back at the mailserver of the company that sold me out).
It's still not much of a problem (Score:5, Informative)
I've got maybe 3 a week, which is up from the normal of 1 per month, but it's not really too big of a deal.
IIRC, marking an email as spam or moving the message to the spam folder (if you're using Gmail's IMAP function as I am) helps to train the filter.
It's a big problem for gmail users! (Score:5, Interesting)
It's the outgoing spam from Gmail that's the problem, not the incoming spam, and there's been messages on the Gmail forums about Gmail servers being blocked for spam. If Google doesn't do something about it, then Gmail accounts will end up "read only".
And having Google themselves impose outgoing spam filtering is something else to worry about, if you're a Gmail user.
Parent
Re: (Score:3, Interesting)
Not sure how much of an issue filtering for outgoing spam would be, except perhaps an extra delivery delay. Charge for that feature as 'authorized' accounts, or something like that. I'd pay a nominal fee, tied to a credit card, to 'authenticate' my outgoing mail.
I've never sent anything that's *remotely* spammy, and people I correspond with generally don't.
What problems do you see with outgoing mail being filtered?
Re: (Score:3, Interesting)
What problems do you see with outgoing mail being filtered?
False positives. Even if you never send anything that's remotely spammy, you can still be caught by filters... I dig legitimate mail, including mail that doesn't look at all spammy to me, out of my google *incoming* filters on a regular basis.
I often think the biggest cost of spam has been the decreased reliability of email caused by spam filters making mistakes like that.
Re: (Score:3, Interesting)
I get several incoming emails **a day** that get caught in the inbound email filter. The thing that is so silly is they are all on several mailing lists I subscribe to, so you think the filter would be smart enough to realize gee, this guy has wanted several THOUSAND emails from osg-users, even though this one looks like it might be spam, I'll let it slide and see how this g
Why not apply spam filters on outgoing messages? (Score:5, Insightful)
Gmail used to be touted as the best spam filtering service. Certainly it's good, but apparently they only feel the need to filtering incoming messages. Why not filter outgoing messages as well? Can't quite be a CPU problem, because outgoing has be be just a small fraction of incoming, right?
Is it just tradition? People never expect anything they send to ever have anything done to it? Google could set another precedent in webmail by introducing outgoing filters which would block or slow down mail appearing to be 'spammy'.
Re: (Score:3, Informative)
I have mail accounts which are filtered by SpamAssassin, which does a fairly good job, and it looks like the actual text content of the email can only contribute so much to the spam score. I tried sending myself emails from a different account with text like "president nigeria $8,000,000 viagra penis enlargement rolex' and it stayed below the spam threshold: each spammy subject gives one point, so
Google Groups (Score:5, Informative)
I haven't noticed any particular trouble with spam originating from Gmail, and Gmail has still been pretty good at filtering most of my spam.
But if you really want Google to do something about spam, go after them for their negligence on google groups. They've allowed the service to become almost unusable due to the amount of spam they allow through. For actual Google Groups it's not a big problem, but for USENET groups it is. Most people on USENET are just dropping anything coming from Google Groups outright. Any legitimate posts from Google Groups are considered an "acceptable loss" given the amount of godawful spam they allow through. It really cheeses me off that Google won't do something about it.
Re:Google Groups (Score:5, Insightful)
> Most people on USENET are just dropping anything coming from Google Groups outright.
Google Groups is well overdue for an active Usenet Death Penalty; in my opinion it is the only sanction which will make them take note. It was sufficient to bring Erols and UUNet to their senses. ( There is a conspiracy theory that Google is deliberately flooding Usenet; a UDP would disprove this in addition to forcing action ).
Similarly, widespread blacklisting of Google Mail may be the only means of controlling the huge increase in spam. At present, a few individuals and companies are blacklisting but this is inadequate to make Goliath pay attention.
Parent
Real summary: spammers have cracked the CAPTCHA (Score:5, Informative)
The summary implies that there's something wrong with the GMail spam filters. Actually, the problem is with the GMail spammer filters... the CAPTCHA.
Also, both Google and spammers are being overly complacent about people blocking GMail:
Actually, several sites have blocked Google SMTP hosts that show large spam outflow (it seems to be specific hosts, as if specific accounts are allocated to specific servers or clusters of servers). Including, and I know the irony is thick enough to cut with a knife, MSN Hotmail. There have even been a number of posts to Google's help forums complaining about mail not being sent because Google servers are being blacklisted.
Fix the damn summary! (Score:3, Informative)
Most of the comments on this page are about *incoming* spam to google, when the article itself is about *outgoing* spam from google.
Spew from an unblockable (Score:4, Insightful)
Perhaps the GMail mailadmins will try to stop some, but they probably won't get it all. And they too will rely on GMail being "too big to block" for most mail recepients.
This just highlights how the burden of anti-spam efforts often gets transferred to legitimate email senders by simplistic blocking. The unacknowledged false-positive problem. I have seen these come to a sudden stop when the company loses an important order because it false-positived the prospect.
Re: (Score:3, Insightful)
In the other hand, connection source blocking can cut the connection after receiving a few bytes, but cant do anything again widely used real servers... like gmail.
Complementing this 2 techniques with some sort of user feedback (
Google should hire hit squads (Score:3, Funny)
Re:Google should hire hit squads (Score:5, Interesting)
Blackwater would probably do it.
There's something to be said for this. Many of the major spammers have been identified (see ROKSO [spamhaus.org]). The anti-spam community needs "boots on the ground" to do something about them. There are private companies in that business. Blackwater [blackwaterusa.com] is one; Kroll [kroll.com] is another. Spammers today are part of larger criminal enterprises, which makes them vulnerable to private investigators.
Parent
I didn't read it (Score:3, Interesting)
I just wanted to add something interesting, I forwarded an account to my gmail in order to use gmail's filters to rid me of most of the "sorting" work, periodically I log into the original account to clean it up.
After about 6 months of doing this, I notice when I log into the original account there is almost no spam in it these days.
I guess they lost interest in that email since I never actually look at anything in it.
I wrote the release... (Score:5, Informative)
Well, I did this study and our results are here [roaringpenguin.com].
We in no way imply that Gmail's inbound spam filtering is bad. It's probably excellent. It's just difficult or impractical for Google to filter outbound mail without either human review or complaints because of false-positives.
What we're saying is that spammers are trying to evade IP reputation systems by hijacking organizations with good reputations or which would be impractical to block. There will be a CAPTCHA-cracking arms-race, but unfortunately I think the system will reach equilibrium with spammers quickly breaking CAPTCHAs and continuing to abuse free e-mail systems.
The real issue: Gmail considered secure (Score:5, Insightful)
With most big name email players like gmail, yahoo, etc, now using DomainKeys, the value of having an email address on any such system has skyrocketed. Gmail addresses are also usually even more respectable addresses. So being on gmail and a getting through because DomainKeys work makes it is a privileged domain.
What the proper response should be:
What should really happen is SenderKeys, which augments DomainKeys. You will get your own domain key when you can become "verified" like at Ebay and elsewhere. SenderKeys is implied by DomainKeys.
Re:No spam for me. (Score:5, Funny)
Parent
Require digital signing; people will catch on fast (Score:4, Interesting)
Parent
Re:The usual slashdot response to.. (Score:4, Interesting)
When has that ever been true? From what I can tell from reading the comments to most Google stories, certainly in the past six months, the groupthink seems to be more along the lines of cynicism and criticism. I can't recall any company that gets unanimous praise regardless of its actions. The opposite used to be true, that scorn was heaped onto some companies regardless of their actions (Microsoft is probably the most obvious target of that group-disgust), but even that seems to be waning, there's still the hard-bitten MS-haters, but the view seems to be more balanced and critical these days.
Even the Mac fanboys aren't quite so unfettered any more.
Parent