WLANs As Spam Conduit 217
Saint Aardvark writes "According to this article, a honeypot was recently set up on two wireless LANs. 25% of the connections observed were deliberate, and 71% of those were to send spam. Even more reason to take care of your ether." These statistics should be taken with a salt lick...
Spam on the cell. (Score:5, Informative)
Port 80 is Perfectly Safe (Score:3, Informative)
There's no problem with keeping port 80 open. It's running an unsecured web-based non-authenticated mail relay that's the problem.
-Waldo Jaquith
Re:Serious? (Score:3, Informative)
Re:4 percent? (Score:5, Informative)
The other 75% is the part that is presumably connecting by mistake.
Sounds familiar (Score:4, Informative)
But within 48 hours, the mail server was found by spammers!
He even had a great idea for anti-spam software/blocking. Set up these honeypots in different geographical locations, but don't publish the addresses; let the spammers find them. Have them accept mail as if they would route it, but do not actually send it out. We can assume any e-mails received are spam. Make a collection of spam e-mails, and have filters block out mail that closely matches all the mails the honeypots have received.
Re:public spots (Score:3, Informative)
Mail, not Spam - and this is Good. (Score:3, Informative)
Re:Please, keep the internet free (Score:3, Informative)
And how is that going to help if your wireless LAN is wide open to anyone passing by? The mail relay is, by definition, open for insiders.
Re:How about... (Score:3, Informative)
Perhaps not as many as you'd think though - I recently switched from Spamfire [matterform.com] (keyword based filter) to POPFile [sourceforge.net] (Bayesian with list of known-to-be-good-senders), and have been very impressed.
It's been running for 10 days, has processed 1108 mails, and made 26 mistakes. Almost all of which were in the first 24 hours - I've been checking my spam folder a couple of times a day, and have had 3 false positives in the last week (all receipts from online orders).
So far it's claiming 97.65% accuracy, with 60% of the mail passing through it being spam.
But 1 false positive is unacceptable (Score:3, Informative)
If I get even one false positive, it means I have to manually wade through the 35 SPAM (actual count today) messages I got today, just incase one was a false positive. In effect the spam matching effort is wasted because I still have to look at all the spam. I want spam elimination software to get rid of the spam so I can go on with my life without paying attention to it. When I have to pay attention to it at all, that means that the software is worthless.
False negatives are not as bad. If I can get rid of all the breast enhancement ads (without losing the gossip about some aunt who got enhancements) my life would be better. But if there is a flase match what is the point?
Email is a tool. I get messages every day that I need to read. Most people don't call me, and I used to encourage that as I would prefer to communicate over email. (almost as fast as a phone, but there is a chance to take those stupid things I tend to say back) Spam has made email nearly useless for general communication though.
Re:But 1 false positive is unacceptable (Score:3, Informative)
In the past six months I have never received even a single piece of spam at my 'notspam' address, which is only advertised through this error messages. And even if any spammers did get hold of it, I could just change the address to something else.
I've had one or two people who sent me a message which was bounced (in both cases it was an email greeting card), and they saw this error message and re-sent to my 'notspam' address. I see this as a MUCH better approach than making me review my spam-bucket email every day.