Forgot your password?
typodupeerror
Spam

Spam Doubles, Finding New Ways to Deliver Itself 486

Posted by CmdrTaco
from the soul-crushing-never-ending dept.
An anonymous reader noted that the times is running a piece on the rise in spam that you might have noticed in your inbox over the last 6 months. Gates promised the end of spam by 2006, but they figure it's doubled in the last few months. And best of all, a huge percentage of spam is now images that circumvent traditional text analysis.
This discussion has been archived. No new comments can be posted.

Spam Doubles, Finding New Ways to Deliver Itself

Comments Filter:
  • I don't know why they don't just ban emails with stupid images anyways, or best yet just strip them out of the attachments. If I really want to share pictures I'll put them on a website or Flickr or something.

    If Spammers knew that all of their lovely penny stock .gif puzzle emails were getting stripped of the .gif files, they'd stop sending them.

    Tom
    • Re: (Score:2, Insightful)

      by Anonymous Coward
      Good for you. Personally I'd rather just email one or two images to the inlaws instead of dicking around with a web based system.

      Now, dropping emails that contain images as inline attachments might be a good idea. As would droping any and all emails with a Content-Type of text/html.
      • Re:ban images? (Score:5, Informative)

        by TheRaven64 (641858) on Wednesday December 06, 2006 @01:12PM (#17132096) Journal
        Compromise, and whitelist. Anyone can send you plain text emails, but only people you have emailed can send you emails that are anything other than plain text. Since spam filters do pretty well on plain text emails, this should cut down the incoming spam a lot. If someone wants to send you an email containing an attachment and you haven't emailed them before, then all they need to do is first send one saying 'Hi, I want to send you some pictures, is that okay?' If you reply, then the mail server lets them through the next time.
        • Re: (Score:3, Insightful)

          by nametaken (610866)
          This is going to sound awful, but I've almost stopped trying to come up with solutions. I've implemented some that others have tried and like, but I don't go out of my way. Nothing works well without serious compromises.

          Honestly, I'm glad spam has doubled in the last six months. I say pile it on... but not because I'm some sort of masochist. It became clear to me a long time ago that the current technology for sending email just don't cut it anymore, and we need to move to something new. Anything new i
    • Re:ban images? (Score:5, Insightful)

      by Shakrai (717556) on Wednesday December 06, 2006 @10:44AM (#17129010) Journal

      Yeah, cuz it's not enough that I can no longer relay e-mail directly from my machine. It's not enough that I now have to have reverse DNS otherwise my e-mail gets rejected. It's not enough that e-mails that aren't SPAM get dropped/flagged. It's not enough that many e-mail providers drop useful attachments and scan so intrusively into them that I need to encrypt them if I want the e-mail delivered.

      Let's take away yet more functionality due to spam! That's a great idea. Seriously, I hate SPAM but the zeal to stop it has ruined many useful features of SMTP.

      • Re:ban images? (Score:4, Insightful)

        by tomstdenis (446163) <tomstdenis@@@gmail...com> on Wednesday December 06, 2006 @10:57AM (#17129308) Homepage
        Why not use email for what it was meant for?

        If clients weren't so friendly to "auto show" images this spam would never had existed.

        I too send attachments to folks but usually only source files and/or patches (e.g. really small things).

        I want my email client to read/write messages, not the "web". It's bad that HTML emails exist ...

        Tom
        • by Serious Callers Only (1022605) on Wednesday December 06, 2006 @11:37AM (#17130090)
          If everyone turned off images, html and anything else, we'd get text only spam [templetons.com] instead.

          The real problem is authentication in email. While mail servers accept email with any arbitrary 'from' address, this problem will persist.

          • by Sancho (17056) on Wednesday December 06, 2006 @12:22PM (#17130956) Homepage
            But we can easily deal with text-only spam. The problem is that filters don't know how to read the image to detect whether or not it is spam.
            • by Shazow (263582) <andrey,petrov&shazow,net> on Wednesday December 06, 2006 @01:00PM (#17131814) Homepage
              ASCII art to the rescue.
            • by MBGMorden (803437) on Wednesday December 06, 2006 @01:06PM (#17131944)
              They did for a while. I use a filter (Spamassassin, Postfix, and Amavisd-new based) in front of my main mail server, and a plugin called "FuzzyOCR" uses several open source OCR techniques and could stop a lot of the image spam for a while.

              Of course now that the spammers know this, they're moving around the letters, putting in noise, and throwing various geometric shapes into the background to confuse the OCR.

              The bad thing is, at this point the only thing they're able to use it for is trying to pump up a stock. Any links and we'd kill it dead really quick. It boggles my mind that people could possibly take a "stock tip" from a picture of jumbled up, scrambled words with all sorts of triangles and circles in the background.
              • by fosterNutrition (953798) on Wednesday December 06, 2006 @01:44PM (#17132758) Journal

                It boggles my mind that people could possibly take a "stock tip" from a picture of jumbled up, scrambled words with all sorts of triangles and circles in the background.
                The fact is that most people don't. The real reason these things are so popular is that everyone knows it's a scam. People then feel like they're "in the know," and hence that they can beat the scammer. The idea is that if you know it's a scam, you can buy stock and then dump it before the scammer does.

                This never works, simply because the scammer has such an enormous volume of the stock pre-purchased that they can easily undercut your selling price on the market while still making a profit, and hence their stocks will always be dumped before yours are. Of course, in theory, if you have an even larger volume, and can undercut them, you could profit. That would, however, technically mean you are now the pump and dump scammer, even if they do all the work for you.
        • Re: (Score:3, Interesting)

          by Fozzyuw (950608)

          I want my email client to read/write messages, not the "web". It's bad that HTML emails exist ...

          No joke. HTML in email is a lesson in frustration when trying to design an E-Newsletter or some such marketing thing. Though, once you get your feet dirty, you start to know what you can and cannot do easily.

          However, I do appreciate HTML emails and they have good uses. It's cost-effective and a great way to deliver attractive marketing messages to customers. Of course, that's when I (or one of my compani

      • by giorgiofr (887762)
        Well if you don't mind, I'll do whatever I like on MY mail server - including dropping mail based on arbitrary criteria.
      • Yeah, cuz it's not enough that I can no longer relay e-mail directly from my machine.

        Unless your ISP is blocking outgoing connections to port 25, sure you can. It's up to the recipient whether they want to accept that connection or not.

        It's not enough that I now have to have reverse DNS otherwise my e-mail gets rejected.

        Again, that's a choice made by the recipient.

        It's not enough that e-mails that aren't SPAM get dropped/flagged.

        Again, that's a choice made by the recipient.

        It's not enough that many e-mail p

        • Wrong. (Score:5, Insightful)

          by aussersterne (212916) on Wednesday December 06, 2006 @11:22AM (#17129778) Homepage
          It's not up to the recipient, it's up to the recipient's service provider; most recipients have no idea what is or isn't happening to their email before they get it.

          And we have lost a tremendous amount of functionality due to SPAM. There was a time not so long ago when I could send to a family member: email with an attached photo, email with an attached document, email sent from my own PC and handled with my own SMTP daemon, email that was only two or three lines long, etc.

          Now all of these are likely to be rejected. Even plain text email sent with a large subscription SMTP server is now getting blocked by some friends and family members' service providers simply because the domain of the address (my personal web domain) is not whitelisted and this hits the SPAM score where it hurts. A phone call is great... unless you were hoping to do one of the many useful things you used to be able to accomplish by sending attachments (i.e. send an article you're working on to a friend to have them read it and mark it up with revisions before sending it back).

          So I suppose your answer is that we should all get an @gmail.com account, have to use it via the Web interface to send plain-text only email with zero attachments that's at least five but no more than twenty sentences long and doesn't use the words "sex," "free," or "mortgage."

          Fine, but don't pretend that email hasn't lost a significant amount of functionality due to SPAM or that these restrictions are being imposed democratically by the consensus of common users. Functionality has indeed been lost and the decisions are made by admins at major email providers trying to save costs and manage the tremendous problem that SPAM has become.

          The proper solution isn't to filter more. The proper solution is the death penalty for SPAMmers. I'm quite serious. We execute far too many blue collar criminals in this world and not nearly enough white collar ones. SPAMmers should be first among these.
          • Re:Wrong. (Score:4, Funny)

            by A beautiful mind (821714) on Wednesday December 06, 2006 @11:39AM (#17130114)
            You're advocating a

            () technical (x) legislative ( ) market-based ( ) vigilante

            approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

            ( ) Spammers can easily use it to harvest email addresses
            ( ) Mailing lists and other legitimate email uses would be affected
            ( ) No one will be able to find the guy or collect the money
            ( ) It is defenseless against brute force attacks
            ( ) It will stop spam for two weeks and then we'll be stuck with it
            ( ) Users of email will not put up with it
            ( ) Microsoft will not put up with it
            (x) The police will not put up with it
            ( ) Requires too much cooperation from spammers
            ( ) Requires immediate total cooperation from everybody at once
            ( ) Many email users cannot afford to lose business or alienate potential employers
            ( ) Spammers don't care about invalid addresses in their lists
            (x) Anyone could anonymously destroy anyone else's life or business

            Specifically, your plan fails to account for

            (x) Laws expressly prohibiting it
            ( ) Lack of centrally controlling authority for email
            (x) Open relays in foreign countries
            ( ) Ease of searching tiny alphanumeric address space of all email addresses
            (x) Asshats
            (x) Jurisdictional problems
            ( ) Unpopularity of weird new taxes
            ( ) Public reluctance to accept weird new forms of money
            ( ) Huge existing software investment in SMTP
            ( ) Susceptibility of protocols other than SMTP to attack
            ( ) Willingness of users to install OS patches received by email
            ( ) Armies of worm riddled broadband-connected Windows boxes
            (x) Eternal arms race involved in all filtering approaches
            ( ) Extreme profitability of spam
            (x) Joe jobs and/or identity theft
            ( ) Technically illiterate politicians
            ( ) Extreme stupidity on the part of people who do business with spammers
            (x) Extreme stupidity on the part of people who do business with Microsoft
            ( ) Extreme stupidity on the part of people who do business with Yahoo
            ( ) Dishonesty on the part of spammers themselves
            ( ) Bandwidth costs that are unaffected by client filtering
            ( ) Outlook

            and the following philosophical objections may also apply:

            (x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
            ( ) Any scheme based on opt-out is unacceptable
            ( ) SMTP headers should not be the subject of legislation
            ( ) Blacklists suck
            ( ) Whitelists suck
            ( ) We should be able to talk about Viagra without being censored
            ( ) Countermeasures should not involve wire fraud or credit card fraud
            ( ) Countermeasures should not involve sabotage of public networks
            ( ) Countermeasures must work if phased in gradually
            ( ) Sending email should be free
            ( ) Why should we have to trust you and your servers?
            ( ) Incompatiblity with open source or open source licenses
            ( ) Feel-good measures do nothing to solve the problem
            ( ) Temporary/one-time email addresses are cumbersome
            ( ) I don't want the government reading my email
            (x) Killing them that way is not slow and painful enough

            Furthermore, this is what I think about you:

            (x) Sorry dude, but I don't think it would work.
            ( ) This is a stupid idea, and you're a stupid guy for suggesting it.
            ( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
            • Re:Wrong. (Score:5, Funny)

              by fredklein (532096) on Wednesday December 06, 2006 @01:57PM (#17133034)
              I have a simple, foolproof idea to help eliminate spam.

              Email certification.

              If you want to be able to send Certified Email (CE), you apply for Certification from the company that gives you internet connectivity. They check you out, and 'Certify' you as being a legitimate emailer (ie: not a spammer). Then, you generate a private/public key pair and give them the public one. In the headers of all your email, is their certification, and an encrypted header line that's createdusing your private key.

              When email arrives at the recipients server (or this could be done at the client level, as well), the server sees the certification, and connects to the certifying server to get your public key. It attempts to decrypt the header line. If it does it marks the email as 'certified', if it cannot, it marks the email as 'uncertified', and the email client can be programmed to filter messages based on that.

              Due to the public/private key cryptography, there can be no certified email spoofing. (Assuming the private keys are secure, the keys are of decent length, etc.) All emails are traceable back to the originating server. CORRECTION- all CERTIFIED emails are traceable. Anonymous email is still possible. People can still set up email servers for mailing lists without "having" to get them certified. And people can still receive non-certified mail.

              If an email server sends out spam, the complaints go to it's certifier. They can drop the certification, deleting the public key from their server. When this happens, ALL the email from the spamming server is now 'uncertified', and gets handled accordingly by email clients. If nothing is done, complaints go to THEIR upstream, etc. Individuals and groups can keep their own blacklists, if they wish, and anyone can choose to filter emails according to those lists.

              Now, I've looked over that 'form email' that people like to post to shoot down anti-spam ideas. And nothing applies to this idea. (If something seems to apply, it's because I either left out details, or explained something wrong.) This idea does NOT need to be universally adopted, nor does it need to be adopted by everyone all at once. It's primarily a way of reliably tracing (certified) emails back to their originating server. The anti-spam part comes later: if you receive certified spam, complain and get the server un-certified. If you receive un-certified spam... well, just have your email client dump all uncertified emails in the trash. (Not nessisarilly, you could just use it's un-certifedness as a factor in filtering your email.)

              This idea does not require anything be changed with SMTP. It simply requires a second connection be made to the certifying server. Now, before you bitch about the extra bandwidth, I'd like to remind you that, once this idea catches on, spam will be greatly reduced. This reduction will MORE than make up for the slight increase in bandwidth created in querying the certifying servers. Also, the certifying servers can set time limits on when the certifications expire, and need to be re-downloaded (kind of like DHCP leases). A 'new' company that just applied for certification might have it's certificate set to expire almost instantly. This way, every email they send requires a download of the certificate. This allows the certificate to be pulled rapidly if they start spamming. After a month or two, it could be set to expire weekly or monthly.

              To sum up: Email Certification is reliable way of tracing the certified emails back to their originating server. This allows spammers to be identified unequivocally, and have their certification pulled. Email servers are NOT required to be certified, and anonymous email is still possible. Email recipients can, if they choose, set up their client to send uncertified emails to the trash, or to handle them however they wish. White lists and black lists are still possible. 'Hobby mailing lists' are still possible, certified or not. The extra bandwidth is minimal, and easily overshadowed by the reduction in spam being sen
      • Let's take away yet more functionality due to spam!

        HTML in e-mail was never standard functionality anyway. E-mail is a text medium, which has grown in some ways without growing the infrastructure to go with it.

        What we have needed for a long time is e-mail 2.0: a proper, standardised protocol that deals with text messages including formatting, that is always encrypted, and that includes formal methods to authenticate the source (probably based on some sort of web of trust) and flag unwanted e-mail (to

        • Re:ban images? (Score:5, Interesting)

          by Shakrai (717556) on Wednesday December 06, 2006 @11:14AM (#17129620) Journal

          HTML in e-mail was never standard functionality anyway. E-mail is a text medium, which has grown in some ways without growing the infrastructure to go with it.

          HTML e-mails annoy the hell out of me, mainly because for a long time I was quite content to use older e-mail clients that didn't support them. But that's not what I was lamenting.

          I was lamenting how anti-spam measures have made e-mail less and less useful. It was drowned out by the righteous replies of "I'll do whatever I want with my mail server". You can do whatever you want with your own server. But I'm allowed to lament the fact that e-mail has become less and less useful.

          It seems to me that there is no technological solution to this problem as long as it remains profitable to SPAM. Any technological solution is short lived (i.e: arms race) and will have at least some negative effect. Can't we take away the financial motivation to SPAM? Go after the companies whose products are being sold? The spammer may or may not be offshore or may or may not be using zombies but if that spam message is to be successful then it has to point me at a product. Go after that product!

          That's probably naive of me and smarter people then I have attempted to solve this problem. Still, I miss the days when I could just put up an e-mail server and all it had to do was deliver messages to my users. It wasn't the servers job to care about what was in the message -- it was the clients.

          • Re:ban images? (Score:4, Interesting)

            by aaronl (43811) on Wednesday December 06, 2006 @11:18AM (#17129686) Homepage
            Unfortunately, if you go after the product the spam offers, then it turns into a vehicle to damage a third party. Now when someone doesn't like a company/product, they will pay to have a few millions spam messages sent out, and destroy their competition. Or they will threaten to do the same if said company doesn't pay a large amount of money.

            This happens today with email viruses and botnet attacks, and don't think that it wouldn't happen if you attacked products advertised in spam.
            • by Shakrai (717556)

              Unfortunately, if you go after the product the spam offers, then it turns into a vehicle to damage a third party. Now when someone doesn't like a company/product, they will pay to have a few millions spam messages sent out, and destroy their competition. Or they will threaten to do the same if said company doesn't pay a large amount of money.

              I didn't pretend it would be a perfect solution. But you can't deny that no technological measure is going to solve this problem. It's an arms race -- the proverbi

          • Re: (Score:3, Insightful)

            by geekoid (135745)
            " It wasn't the servers job to care about what was in the message -- it was the clients."

            And it still should be.

            As you point out, the admins have not solved this problem. Mostly because most solutions go after a specific 'attack' and not the problem.

            AS I see it, the best way to help this problem is personal whitelist autogenerated be demanding a one time responce from the sender. No response in 30 days(or whatever) it gets trashed.

            Once an email address has been authorized, then it's golden. If it is authori
      • Re: (Score:3, Funny)

        by mgblst (80109)
        Agreed, I tried to send a cdrom driver to a friend today, and gmail told me that I couldn't. Thanks a lot spam. Even though the file was zipped up.
      • Re: (Score:3, Insightful)

        by Ryan Amos (16972)
        Actually many scanners will not deliver encrypted attachments for this reason. It's a setting you can change in MailScanner, but it's defaulted to block them.
      • by vdboor (827057)

        Yeah, cuz it's not enough that I can no longer relay e-mail directly from my machine..

        Everybody delivers e-mail messages through the SMTP server of their ISP. What is wrong with that?

        Network administrators get thousands of connections from infected machines. They drop those connections, except the connection from the official SMTP server of that IP-block. If someone can't put aside their blind determination to ignore the SMTP of their ISP, or lack a damn good reason to send email directly, their deserve

    • Re: (Score:3, Insightful)

      Who's "they," and how exactly is this ban going to be enforced?

      If I really want to share pictures I'll put them on a website or Flickr or something.

      At which point, we might as well go back to taking pictures on film and sending copies through the mail. [rolls eyes] Practically all the picture-sharing services are an enormous PITA, and not everyone wants to put up every picture they want to show someone on their personal site.

      For corporate servers, I agree, the idea of a no-image-attachments policy makes a
    • Why even bother delivering the junk text?

      If the message comes from a home ISP block, but not from that ISP's mail server(s), and contains a *.gif, then drop it.

      The real home users will be using the ISP's server to send their email. There may be some exceptions to this, but it shouldn't be too difficult to deal with those on a case by case basis.

      Of course, this is from a business perspective. We don't seem to receive a lot of legitimate business email *.gif's from home ISP blocks.
    • ban emails with stupid images anyways

      Who is "they"? I already strip images from my home email. And html. And believe it or not, even Outlook's cheesy filtering system blocks 98% of my spam with very few false positives (and the false positives are generally my wife's goofy friends who send "fwd: fwd: fwd: fwd: fwd re:This is so cool you have to do it!!!!!!1!!!)
    • Cmon', sending Images is essential.

      I don't mind the stock spams so much. Every time I see one I just think of the morons who actually read spam losing their money - it brightens up my day!

    • by canuck57 (662392)

      don't know why they don't just ban emails with stupid images anyways, or best yet just strip them out of the attachments. If I really want to share pictures I'll put them on a website or Flickr or something.

      The answer is as simply as this.

      With all the virus scanning and filtering it sells more servers. More servers is more money for M$.

      Thus, don't fix it.

      To show what I mean, in one environment I know they have sendmail running on 2 old 300MHz UNIX systems for 8 years relaying the mail for 10000 users.

    • If I really want to share pictures I'll put them on a website or Flickr or something.

      Great idea. Which means that I have to: (1) put them on Flickr, making them available to the entire planet - whether I want to or not or (2) put them on Flickr, make an account and then make everybody else deal with accounts and passwords or (3) create a web site to put them on and still have to deal with (1) or (2).

      I think I'll just use snail mail.

    • by PopeRatzo (965947)
      Good idea. In fact, I think it would be a good idea to have my email client discard automatically or mark as spam any email that contains an image where the sender is not on my white list. That would take care of all the .gif puzzle emails.
  • by Rastignac (1014569) on Wednesday December 06, 2006 @10:41AM (#17128944)
    Gates promised the end of spam by 2006. He still has one month to succeed. It is still possible. I'm waiting. I really want to see that. Thanks, Bill.
  • Picture spam (Score:4, Interesting)

    by millwall (622730) on Wednesday December 06, 2006 @10:42AM (#17128978)
    The picture spam not caught by the gmail spam filters that I receive all look very very similar. Randomly generated sentences with buzz words and a "picture text" haussing a certain stock.

    I'm very surprised these all come through the gmail spam filter. By now it should be easy to identify them.
  • by Pig Hogger (10379) <pig.hogger@NoSpAM.gmail.com> on Wednesday December 06, 2006 @10:43AM (#17128988) Journal
    The crux of the problem is the penny-pinching network executives who prefer to run spam sewers where zombies thrive without any supervision.

    Competent sysadmins are expensive, and the idea of, say blocking outbound port 25 would never occur to them, or is brushed-off for stupid reasons.

    The only way out is to exerce pressure on those network owners and the best way to do so is by simply blocking them left and right until they are left with nothing but their huge intranets.

    • by Shakrai (717556)

      The only way out is to exerce pressure on those network owners and the best way to do so is by simply blocking them left and right until they are left with nothing but their huge intranets.

      It's funny that your subject is "it's the bottom line, stupid!" but the idea of going after the bottom line of the spammers products isn't mentioned. Why should we become even more restrictive with networks and e-mail? Why should my outgoing port 25 be blocked because others abuse it? Instead we should be going afte

      • by Lehk228 (705449)
        there is no reason you couldn't have an unblocked subnet which a customer can call and be transfered to as long as they don't start spamming.

        another way is for the combined modem/firewall/routers to be shipped with 25 blocked except to the ISP's servers
        • by Shakrai (717556)
          What bothers me is that everybody on /. is pro network neutrality but also pro blocking port 25. Don't you see the contradiction there?

          My ISP is supposed to give me an unfiltered connection. And last time I checked, getting Mom & Pop ISP to unblock ports for you might be possible. Getting Verizon DSL/Roadrunner/Comcast to do it is next to impossible, short of paying two or three times as much for a 'commercial' account.

      • by Dun Malg (230075) on Wednesday December 06, 2006 @11:39AM (#17130112) Homepage
        Instead we should be going after the money. It doesn't matter if the source of the SPAM is offshore or not. The products they are selling have some sort of presence in the US -- otherwise, why spam Americans?
        The majority of my spam is pump-n'-dump penny stock scamming. There is no product. Just a "wow! this stock is going to take off and go up fifty points! Invest now!" message, and some daytrader jackass somewhere waiting for it to go up half a point so he can sell and make a couple thousand bucks.
        • by M-G (44998) on Wednesday December 06, 2006 @01:33PM (#17132538)
          And the problem is that it appears to work. For giggles, I've tracked a couple of these stocks. If you don't get too greedy, and get out before the spammers (presumably holders of large blocks of stock) dump, you can actually make a good return.

          So if you, as a spam recipient, play along with their stock game, you can make money, while helping drive up the price for the spammers to make their profit.

          As for buying spammed products, I've long held the opinion that no one need to buy any products for the spam to keep flowing. Much like the pump and dump schemes, I get the feeling that a lot of spam originates from people paying for 'internet marketing' services touted in various 'get rich on the internet' programs. So the actual money-making product is the 'service' that's being sold to those down the chain.
          • by kalpol (714519) on Wednesday December 06, 2006 @02:19PM (#17133512) Homepage
            This is a truth rarely pointed out in discussions of spam. I see many many comments along the lines of "if only losers would stop buying their product, spammers would go away..." No, as long as there is hope, some idiot will pay some spam gang to blow a load of email across the face of the net hoping that he'll get rich quick. There could be zero purchases, and the guy will just give up, but what do the spammers care? They have their money and there's always some new moron out there with a grand scheme.
          • by cmholm (69081) <cmholm@NOSPaM.mauiholm.org> on Wednesday December 06, 2006 @04:01PM (#17135422) Homepage Journal
            And the problem is that it appears to work. For giggles, I've tracked a couple of these stocks. If you don't get too greedy, and get out before the spammers (presumably holders of large blocks of stock) dump, you can actually make a good return.

            You should revisit your data, and reread the article. The "problem" is that the scammers buy the stock pre-scam, and dump immediately at the first sign of a price blip. When I plug whichever penny stock into Yahoo, the price spike has always been a day or two in the past by the time my server receives (nevermind by the time I read) the spam touting it, and hasn't lasted more than a few hours.

            So if you, as a spam recipient, play along with their stock game, you can make money, while helping drive up the price for the spammers to make their profit.

            No you can't, unless you are "lucky" enough to be among the first recipients of the spam, and act upon it immediately. Depending on the number of shares outstanding, it may well be your buy of maybe $500 to $1000 that triggers the scammer's sell order. Face it, this is a total non-starter. Research already suggests that the scammers are only netting about 5%, which means they're doing about as well as a successful day trader, with only a little less effort. Since you will be in a reactive mode, you will be putting in more effort with significantly greater risk.
    • by David McBride (183571) <david+slashdot AT dwm DOT me DOT uk> on Wednesday December 06, 2006 @10:58AM (#17129346) Homepage
      My understanding is that botnets, mostly made up of weakly-secured home machines, are the source of the majority of spam. Thus the main problem is not network administrators not taking good care of their networks (which are usually quickly identified and isolated using blocklists), but rather the woefully insecure configuration of home desktop machines out-of-the-box.

      And the blame for that can be squarely placed with Microsoft.
      • by A beautiful mind (821714) on Wednesday December 06, 2006 @11:29AM (#17129912)
        You're essentially correct. Greylisting results confirm what you say. The spam that goes through greylisting is miniscule compared to the amount it blocks, for now. The spam that gets through comes from hacked servers, open relays etc, which are much less common than a compromised windows pc.

        The blame is mostly on MS. Partly in a different way than people think. MS advertises easy to use windows/computers, while that category is fiction. A computer is a complex tool. You can use it easily like you can use a chainsaw easily. The chainsaw eliminating a couple of your fingers is enough deterrent that most people learn to use it properly before that happens.

        A computer is a chainsaw that cuts into someone's finger 2000km away in another country if not used correctly. The user stupidity only causes such big problems because the expectations are out of touch with reality. Computers are not easy to use and can't be made easy to use. Anyone who tells you so lies and sabotages the stability of the Internet.

        What I'm talking about here is the "user stupidity" part of the problems. The Windows security side of the issue is another part of the problems. The "user stupidity" part is grave, because even if someone switches to Linux or BSD or something else than Windows, it is still easy to take over any system with a stupid user's cooperation. The answer is education and readjusting the common thinking about what computers are.
  • by Bananatree3 (872975) on Wednesday December 06, 2006 @10:43AM (#17128994)
    Interesting how things come to pass. Websites like this one and many others have used text-in-image capchas for a couple of years to avoid spam bots. Now, spam bots are using text in images to avoid filters. The spammers have caught up for now, but just wait another couple months/year and anti-spam technology will catch up
  • I gauge my spam intake by looking at my 'held mail' folder at spamcop. At one point a couple of weeks and a few days ago, it was up to over 220 per day (earlier in the year it was about 20 spams a day). For the past week or so, its been at less than fifty per day (today so far its at 30. Normally by this time it was about 150). Something has changed, although my measure may not indicate that spam volume in general has dropped. That's actually interesting to me, because spamcop just catches them and let
    • Alas, I am in the opposite position. I organise the e-mail for a local non-profit, and recently introduced an automated spam filter on all our incoming addresses. A month ago we were trapping under 100 spams a day across those addresses. Now it's well over 200, and rising fast. :-(

  • I get maybe 2-4 unsolicited spam emails a day. I get another 10-20 spams a day from groups that I have an affiliation with.

    -Rick
    • by Utopia (149375)
      Back in 2003 I used to get about 5 spams a day in my hotmail Inbox.
      Now it has dropped to an average of 1 per month.
  • And best of all, a huge percentage of spam is now images that circumvent traditional text analysis.

    Yep, I've seen plenty of that.

    I can't help feeling that this is mostly a solved problem, though. OCR is pretty good these days, and the bad guys have been using text-recognition techniques to foil the more cleverly disguised text in captchas [wikipedia.org] on web sites for a while now. The text in these e-mail images should be relatively easy (algorithmically speaking) to identify.

    Of course, given the volume of spam

    • Re:Image spam? (Score:5, Interesting)

      by Brandon Hume (73471) on Wednesday December 06, 2006 @11:16AM (#17129636) Homepage
      The problem is mainly that the spammers have an absolutely IMMENSE amount of stolen processing power available to them. Botnets with hundreds of thousands of hosts, and many of those PCs have just as much, if not multiple times more processing power than any common server in your rack. Your mail server is built for reliability and I/O, and has a much longer life cycle than a desktop.

      It's nothing for the spammers to analyze a captcha, even if they want to. But for every obfuscated image they send to you, you've got much fewer resources to try and analyze it. Even if you build a monster mail transport (muchos dinaros) they'll just bot a few more idiot machines and overwhelm you.

      In fact, that's apparently a new tactic some of the more scummy spammers have been taking. If your filtering/tarpitting is TOO good, they'll just unleash the whole botnet onto you and crash your mail servers until such time as you see that it's better to take their crap than try to fight them. I've seen admins complaining about it on NANAE.

      It seems outrageous to say this in relation to something as "unimportant" as email... but I really, truly wish we'd start seeing some fatalities amongst the spammer set.
  • Spam 2.0 (Score:5, Funny)

    by choongiri (840652) on Wednesday December 06, 2006 @10:45AM (#17129034) Homepage Journal
    "The new breed of spam -- call it Spam 2.0"

    No, no, no... please, please don't!
  • "And best of all, a huge percentage of spam is now images that circumvent traditional text analysis."

    Yet another reason I love Thunderbird - if the Bayesian spam filter misses it, I still don't see the ad.

    I do still have to waste .25 seconds hitting "Delete" though...

  • Another problem (Score:5, Interesting)

    by Sv-Manowar (772313) on Wednesday December 06, 2006 @10:47AM (#17129072) Homepage Journal
    Good to see them documenting the rise of email spamming, but I'm suprised the article doesn't talk more about the spammers who are running amock across websites rather than people's inboxes nowdays. While the problem of email spam is still growing, it has pretty much always been there and the public are fully aware of it (with mainstream services such as Gmail offering spam protection, etc), the huge rise at the moment is the amount of web applications and sites that are being exploited. Take for instance Youtube (with many of the most popular videos having their comment threads spammed hard), or any mainstream forum software (most commonly phpBB), where spam bots are continually developed to get around registration methods (including OCR) and then spam the forum with either their profiles or posts. Not forgetting the guestbook spamming which many of the people behind these use for SEO purposes, so they can get phising or product selling pages to the top of search engines (even if it is for a day or so before they are penalised/blacklisted).

    While email spamming is still the main problem, it would be nice to see the mainstream media realise that there is a growing danger in people exploiting community websites nowdays, because all it takes is for one of these operations to install enough spyware/get traffic from sites/top search engines for banking/insurance etc websites, then they will start taking consumer's data faster than spam would - all without the majority of customers realising, because they think the main threat is in their inbox.
  • by zappepcs (820751)
    "640k spam emails ought to be enough for anyone..."
  • Do any large email services compare all email over the entire system to check for spam? If gmail receives 4,000,000 messages from the same IP in 5 minutes, each with the same image attached; you can be sure it's spam. That's still defeatable, though.

    The only way I can think of to totally stop the problem is to make it unprofitable. Maybe Bill Gates could stop the problem by producing a high-profile ad campaign telling people to stop buying things from Spam.

  • But the rise of "the rise of spam" articles all over the web.
    We seem to have at least a couple a week.
  • by east coast (590680) on Wednesday December 06, 2006 @10:55AM (#17129266)
    We can hire the A-Team to come in and stop them.

    I pity the fool who litters Mr T's inbox with ads for home equity loans.
    • Ironic since Mr. T is in recent years reduced to doing commercials for home equity loan companies.
  • by rutger21 (132630) on Wednesday December 06, 2006 @10:58AM (#17129336)
    Since about two weeks I am using the image-spam repositories of MSRBL [msrbl.com], and of Sanesecurity [sanesecurity.com]. Using a cron script to fetch the data and keep Clama's database up-to-date works quite well!
  • Fuzzy OCR (Score:5, Informative)

    by Conception (212279) on Wednesday December 06, 2006 @10:59AM (#17129368)
    There is a plugin for Spamassassin called Fuzzy OCR. It's false positive rate is pretty low and I haven't seen image spam for weeks.

    http://fuzzyocr.own-hero.net/wiki/Downloads [own-hero.net]

    • Re: (Score:3, Interesting)

      by jannic (152373)
      I could just throw away every message containing an image, and the false positive rate would still be pretty low. And while doing that, throwing away every executable would be useful as well, to discard most of these stupid worms.
      • Re: (Score:3, Insightful)

        by statusbar (314703)
        I get so much spam that if I just deleted all my email, my false positive vs number of emails 'rate' would be pretty low too.
  • by A beautiful mind (821714) on Wednesday December 06, 2006 @11:00AM (#17129398)
    Greylisting [wikipedia.org]. All MTAs should be RFC compliant, so this one hurts the broken MTA's only, but some find the delay this adds to the normal mailing process unworkable.

    Fortunately you can whitelist known good servers and even use an AWL.

    According to some university administrators I've talked to where it is deployed, 93.6% of all mail is blocked this way. The network is around 20k computers strong. No big mail losses reported.
    • by E-Lad (1262) on Wednesday December 06, 2006 @11:52AM (#17130368) Homepage
      Two weeks ago we implemented 3-factor greylisting here at the university I work at. We went from delivering 700,000 emails per day to 200,000 after turning it on, which works out to about 10 messages per day, per email box on average... certainly a more realistic number. The response from the users has been great (some even thought that our email system was broken at first because they stopped getting so much noise in their inbox/spam folder, the change was that dramatic).

      Naturally, the work-around for spammers is to resend their spams, but they would have to do it from the same IP and with the same envelope from and to address. This means that their army of zombie'd PCs would have to work twice as hard if everyone greylisting was common practice, and likely a require a non-trivial change to the software on these zombies. We'll have to see how it pans out, but after watching my greylist logs and inspecting the spams which do get through, it seems that perhaps a few spammers have already caught on to this, but not all. Most of the spams which do get through our greylisting are subsequently caught by Spamassassin and RBLs, and come from open-relays (those still exist!)
    • Re: (Score:3, Interesting)

      by david.given (6740)

      I wrote my own greylister (<plug>Spey [sf.net]</plug>) and it works really well. (I will also point out that people who complain about it making email too slow have a major education problem --- email doesn't guarantee anything about delivery times. If they rely on the email being delivered within a certain amount of time, then they'll be screwed when that doesn't happen for completely legitimate reasons. But anyway.)

      So far I've only had one false positive: Yahoo Groups. They have this brain-damaged sy

  • by SpecialAgentXXX (623692) on Wednesday December 06, 2006 @11:01AM (#17129406)
    I have had no problems at all using Outlook 2003 with Junk E-mail settings set to high. I have not seen 1 image-spam. However, when I fire up Thunderbird, the image-spam always shows up. I wonder what settings/algorithm MS is using because it works. My corporate E-mail server also blocks all spam. I have not received 1 spam of any type in my office E-mail account.

    So is the problem really an increase in spam or incompetent admins who don't know how to setup their filters to block them? Yes, the size & volume of E-mails may have increased, but if you can filter them they will be deleted before they take up space.
  • by wayne (1579) <wayne@schlitt.net> on Wednesday December 06, 2006 @11:10AM (#17129554) Homepage Journal

    I know people like to rant about the "spam problem" a lot, but for all practical purposes, the problem has been largely solved for several years now.

    If you run reasonable spam filters, including many open source ones, you will not end up with much spam in your inbox. Yeah, there will be lots of spam still being sent, but the real, significant, cost of spam is really mostly people's time, not machines. Any ISP, company or person who gets "too much spam" is simply being penny wise and pound foolish. The same goes for systems that get too may "false positives", that is, legitimate emails being rejected. Almost all of that is due to trying to run "cheap" spam filters, or buying snake-oil systems. Upgrade your mail servers or switch to someone who runs reasonable spam filters.

    The "spam problem" of today is really the "you can't do anything about spam" problem. Too many people are convinced that you can't stop spam, so you shouldn't try harder. The problem is low expectations. The problem is people cutting corners.

    For email senders having problems getting caught in spam filters, some of this is due to people running bogus spam filters and that is the receiver's problem more than yours. Most of the rest is due to either you not running a standard-compliant mail server on a static IP address that can have a reputation built up for you being a good server, or because you really do send out spam, either due to "bad" customers or backscatter (bogus bounces, challenge/repsonse systems, autoresponders, etc.). Don't be cheap and think you can get away with not running spam filters on your outbound email and catching your "bad" customers. Don't be cheap and spew backscatter. Don't be cheap and say you can't afford to do port 25 blocking of dynamic IP addresses, or not allow customers to configure their reverse DNS.

    The vast majority of knowledgable people in the area of spam do not munge their email addresses. The vast majority do not suffer either lots of spam in their inbox nor lots of false positives.

  • One of the reasons that the pump and dump has become so popular for criminals is that the money trail has often gone cold by the time there is enough interest from law enforcement to chase the bad guys.

    The SEC could mostly take pump and dump schemes for penny "pink sheet" stocks off the table by using rules to lengthen the settlement process for sales of those shares or to suspend entirely the trading of stocks in companies that are not fully reporting entities. With fully reporting companies that have leg
  • The ISP restricts the client system to 1 outgoing email per 'n' seconds except if they have applied for a business exception which of course costs more. And sends a monthly email sending report so that the client can see something may be wrong.
  • And best of all, a huge percentage of spam is now images that circumvent traditional text analysis.

    Now look at that statement and think a little. How would we filter this? Gee.. a tough one... hmm...

    Let me think about it...

    (41 years 6 months 10 days later)

    We'll filter e-mails with images! Who needs friggin images in e-mails anyway. They are used for few purposes:

    1. newsletters (aka "nice spam"), but newsletters can learn to be leaner.
    2. pointless (and huge) "image signatures" showing off your latest company
  • A big problem is spam sent to invalid users on a mail server
    which is then have to bounced to somebody else. I guess SPF might help that.
  • Force MS to provide free *nix based hardware firewalls for every Windows user in the world to prevent incoming connections unless the user actively consents. I believe that would cut down on at least 75% of the spam we see. A CD-based firewall would be best as it would prevent hackers from being able to do anything to the firewall that would be lasting. I also think that this will end the war in Iraq. But that's just me.
  • by mmell (832646) <mike.mell@gmail.com> on Wednesday December 06, 2006 @12:03PM (#17130568)
    (1) Get an ISP that isn't currently doing "traffic shaping" (you hear me, Charter Communications? Qwest gave me what you couldn't - a "not shaped" connection to the internet).

    (2) Run *NIX on (at least) one machine in your LAN. (3) Run Sendmail on that machine (or postfix, or whatever MTA you like).

    (4) Listen to your wife and kids complain that their family/friends aren't getting e-mails from them.

    (5) Correct the configuration on your MTA (oops - mea culpa).

    (6) Listen to your wife and kids complain that they're not getting e-mails from their family/friends.

    (7) Correct the configuration of your MTA (again).

    (8) Listen to your wife and kids complain that they're still getting spammed into oblivion.

    (9) Configure mail filters to hold the spam.

    (10) Listen to your wife and kids complain that they're missing valid e-mails.

    (11) (Repeat steps (8)-(10) recursively until (8) and (10) no longer happen.)

    (12) ???

    (13) Profit!^H^H^H^H^H^H^HRelax!

  • by RonBurk (543988) on Wednesday December 06, 2006 @01:07PM (#17131968) Homepage Journal
    I always feel a little guilty when I read people's spam problems. Graylisting plus a database of honeypot addresses (addresses fed to spammers that no human could have ever seen, a la the CBL) sure let me quit fussing with spam.

    No filters (text or otherwise), no false positives, hundreds of spam messages arrive at my server every day, and approximately 1 a day gets through. I can live with that. Sometimes, a legitimate email will get delayed by several hours. Since I often don't check my email for hours at a time, I can live with that too.

    I'm sure there must be some problem that keeps this solution from being widely deployed. But if you're geeky enough to run your own mail server, give it a try. It sure beats fussing with all those filters and crap.

    Has there been an increase in spam? Huh. I didn't notice.

"Life, loathe it or ignore it, you can't like it." -- Marvin the paranoid android

Working...