One Third of Email Now Spam 431
Himanshu writes "The volume of spam received by business has doubled over the last two years and it's going to get worse.
Analysts IDC reckons that spam represented 32 per cent of all email sent on an average day in North America in 2003, doubling from 2001. That figure is less than the 50 per cent or more junk mail statistic commonly cited by email-filtering firms like MessageLabs and Brightmail but it still represents a serious problem,"
Only 32%? ? ? (Score:5, Informative)
From the logs of our anti-spam appliance [barracudanetworks.com], over the last six weeks or so:
That's right, about 96% of our email is spam, viruses, or otherwise ungood.I'd be delighted if the spam dropped off so it were only 32% of our mail. Think of all the things I could do with that extra bandwidth...
In fairness, the study says they were looking at businesses, and this is at a small ISP, mostly residential customers. But it's a good number to chew on nonetheless.
Even more (Score:3, Informative)
Comment removed (Score:4, Informative)
Comment removed (Score:3, Informative)
Thanks to previous raves about Mozilla (Score:5, Informative)
I heard about it here on /. and installed it the same day. At first it marked ALL my mail as spam because I'm on a few list servers, but the adaptive learning function of it is getting much better. After I "unlearned" my list mails as spam, it'd still let about 60% of spam through. Now it gets about 40 out of the 42 spams I get a day. I don't mind deleting two (or hitting "j" for junk), and recent searches through the junk folder show no false positives.
Check it out...
where do they get their numbers... (Score:2, Informative)
Re:For Our CEO it's more like 98 out of 100... (Score:5, Informative)
Stick a mail proxy between the internet and Exchange, that way he still gets to keep using Exchange, and you have a simple proxying machine that can do arbitary scanning and filtering.
You can scan all incoming mail with spamassissin and clamav before it reaches exchange, bounce or drop bad mail and forward "passed" mail into the Exchange server
You could also hookup a challenge response script there too.
I do the same thing for a company mail server running Lotus Notes.
I wouldn't know... (Score:3, Informative)
My mail provider is Yahoo. Boo all you want but I do have to say that Yahoo does a superb job in spam filtering. It is a very rare spam that gets past their filtering. I have quit looking at my bulk mail folder when on the webmail interface anymore because I have seen virtually no false positives there either.
On my home systems I NEVER see the spam at all. I have postfix, procmail, and spamassassin setup to handle it and handle it they do. First off, procmail directs ANY email that has the Yahoo X-filtered-bulk header in it to /dev/null. Anything that gets past this is handled by one of several handy procmail recipes and gets /dev/nulled. Anything that gets past that is handled by spamassassin and gets /dev/nulled. I might see 1 or 2 spams a month, TOPS, that manage to run the entire gauntlet...but then doing "sa-learn" on it brings those particular guys to the /dev/null world.
My wife gets dozens of spams a day at her job, where the network nazis require her to use outlook and wont allow her to install any personal filtering software ala spamassassin. They tell her "Sorry, we feel your pain but we are doing our 'best' to handle spam..." I encourage her to get a laptop to take to work upon which I would install linux for her AND set it up so that she rarely ever gets any spams ever again. When she gets tired of penis enlargement or breast enlargement messages to delete she may take me up on the offer.
On spam filtering, does Snotmail not do something similar to Yahoo with its bulkmail/spam filtering?
Comment removed (Score:2, Informative)
Re:Bah. (Score:5, Informative)
Filtering is removing about 97% of the spam, but even after filtering, I'm getting more spam than real mail.
Most of the spam seems to be selling prescription drugs. It's clear the Bush Administration doesn't want to do anything about this; there's plenty of authority for stopping illegal sales of prescription drugs on-line. Prescription drugs are traceable, after all.
Re:For Our CEO it's more like 98 out of 100... (Score:4, Informative)
Mailwasher [mailwasher.net] - Not a challenge/response like you asked for, but allows you to send bounces back to spam, and delete them off of the server before you donwload them. Can tie into SpamHaus and such.
ChoiceMail [digiportal.com] - Challenge response, both single user and enterprise are available. Single user sits on local machine, enterprise ties into Exchange. Can quickly add anyone in your Outlook contact list to the whitelist, and anyone you send an e-mail to can be set to be whitelisted. The challenge message can be customized. Biggest problem with the bounce (at least in my testing) is that the challenge gets rated as spam by my filters. I'm sure if the challenge was tuned up it wouldn't be that big of a problem. And they have a free trial so you can test it for 14 days
Nephilium
What %? (Score:4, Informative)
Forgetting work -- let's just look at my home domain. Hosting my wife and myself I'll look at my email alone. In the last week we've sent/received 42 legit emails. That's about 6 a day between the two of us. In the same week the average _daily_ traffic looks like this:
I'll start by saying that actual junk mail that may make it to the Inbox in front of me is maybe 1 a week. I find even that annoying. Yesterday, an average day -- there were 109 messages harvested by spam sucking address'. Our daily average [last typical week] at home was 6 emails (sometimes less, sometimes more
By my numbers that is almost 95% of my email traffic which is simply not wanted, nor allowed.
There were also a total of 291 subnets blocked (for various other noticeable offenses
Of course, once blocked there's a URL sent back (-0- lookups in the same time frame) which tells you what to do (email a unblocking address or pickup the phone and call me
They're numbers, well -- just don't jive with my real life experiences.
Comment removed (Score:5, Informative)
Re:So what? (Score:2, Informative)
I Was 5 Minutes from Shutting Down my Mail Server (Score:4, Informative)
I doubt it'll keep spammers at bay forever, so I really should start looking into some more spammer hostile things I can do to my mail server. Worst case, I can always shut the damned thing down. I was ready to do that anyway. If the service is useless to me (Because filtering spam takes so long that I don't have time for anything else) why should I bother running it?
Re:Oh no! (Score:5, Informative)
33% is crap. 5.4milllion out of 6million a day (Score:1, Informative)
Over the past three years, they've gone from 400k to 600k real emails.
In the same time, they've gone from 500k to 6m total mails.
*90% SPAM*, and it takes over two dozen servers to filter it all.
Re:what about server solutions? (Score:5, Informative)
Don't waste your time implementing a content-based filter. The best solution is to incorporate a real-time spam relay blacklist [ordb.org]. I recommend bl.spamcop.net [spamcop.net]. It's very effective and accurate with an extremely low legit mail blocking rate.
RBLs are great because they refuse spammer connections before the mail even gets delivered, so you don't waste bandwidth and system resources downloading spam crap and trying to interpret the contents. RBLs respect the sanctity of the e-mail message as a private communication medium and penalize those ISPs which allow spammers to operate.
If you're using Sendmail, you can also hard-code some of the IP regions where tons of spam is originating (signal-to-noise ratio for most people on the Chinese IP blocks is 0% so why allow them to hit your server in the first place? A few lines in your
Personally, if you want to get aggressive, block the following Class As: 61,80,81,82,83,142,164,193,194,195,196,200,201,20
Set up a web-based e-mail form and put a link to it in your Sendmail access configuration so that if any legit mail gets bounced, they can redirect to a web page to contact you in the [unlikely] event they were inappropriately blocked.
Average? (Score:2, Informative)
My spam filter says differently (Score:1, Informative)
My Solution to Spam (Score:2, Informative)
First, I set my account to scan all incoming e-mail for viruses and trojans. Any e-mail with an infected attachment is automatically deleted. Secondly, I set SpamAssassin to mark any spam with the score 4.1 or higher and move it to a "Junk" folder. Any spam with the score 10 or higher that is sent from anyone who doesn't match my address book is automatically deleted. Any e-mail that is HTML only is rejected and sent back to the sender. Since SpamAssassin doesn't scan e-mail above 249 Kb in size, I have it set to automatically let any e-mail above that size into my Inbox, since it's *most likely* not spam. Then, any e-mail that doesn't meet any or all of the above criteria, but doesn't match any address in my address book, is filtered into a "Gray List" folder, which is periodically reviewed every two-three days or so. Only e-mails that don't meet any or all of the above with e-mail addresses that match my address book are let into my Inbox.
It's a rather complicated system, but it works. For anyone else that uses FastMail (it most likely won't work anywhere else due to FastMail's unique headers), here's my Sieve script -
require ["envelope", "fileinto", "reject", "vacation", "regex", "relational", "comparator-i;ascii-numeric"];
if header
reject "Message bounced by server content filter";
stop;
}
if anyof( header
discard;
stop;
}
if not header
if header
discard;
stop;
}
if header
fileinto "INBOX.Junk";
stop;
}
}
if size
fileinto "Inbox";
} elsif not header
fileinto "INBOX.Gray List";
}
They eat spam (Score:2, Informative)
I love this service.
You can create as many disposable email addresses as you want.
Now you can even send mail, and those little critters won't be able to spam you on these addresses.
Hint, hint !: Create a single, specific address for each address you give, and you will be able to see who sold/gave your email.
And it's free (as in beer).
We are way above average... (Score:3, Informative)
Speaking as one who comes from two IPs in 202/8 (Score:2, Informative)
You sound just like my manager. Just because you personally don't want to talk to someone in Australasia doesn't mean other people your server is serving mail for don't. Whole Class A's and countries is far too coarse. The internet isn't just the United States!
Re:Speaking as one who comes from two IPs in 202/8 (Score:3, Informative)
I wouldn't normally recommend blocking class As, with the exception of 61.* and 218.* and 219.* - they have no legitimate purpose for 99.99% of North America with the exception of the small-penis demographic.
However, in some large IP block cases, it's better to block large areas and redirect people to a form where they can be specifically white-listed, rather than individually blacklist each of the gazillion IPs those goons can't seem to control.
Personally, I really think all of 24.* needs to be blacklisted since it's primarily controlled by a number of grossely irresponsible broadband ISPs who can't seem to control the spamming on their own network. All we'd need would be a few large systems to say "fuck off 24.*" and Comcast, SWBell and a bunch of other screwed up ISPs might get off their asses, or lose their corporate clientele.
99.38% (Score:3, Informative)
970 total messages
6 of which real emails
964 spam.
My SpamAssassin proxy needs a tweak or an upgrade, it only correctly tagged 750 of the spams.
I'm a good-natured sort, but this pisses me off. If I ever meet a spammer I'll fucking kill his ass dead with a 2x4.