Spammers Choose GMail 325
EdwardLAN writes "A study by Roaring Penguin has discovered that during the past three weeks, the amount of spam originating from Gmail has risen sharply." My spam has been pretty ridiculously high for the last few weeks, although I have no idea if this is part of it. It really does seem like gmail's spam filters are declining these days.
It's still not much of a problem (Score:5, Informative)
I've got maybe 3 a week, which is up from the normal of 1 per month, but it's not really too big of a deal.
IIRC, marking an email as spam or moving the message to the spam folder (if you're using Gmail's IMAP function as I am) helps to train the filter.
Google Groups (Score:5, Informative)
I haven't noticed any particular trouble with spam originating from Gmail, and Gmail has still been pretty good at filtering most of my spam.
But if you really want Google to do something about spam, go after them for their negligence on google groups. They've allowed the service to become almost unusable due to the amount of spam they allow through. For actual Google Groups it's not a big problem, but for USENET groups it is. Most people on USENET are just dropping anything coming from Google Groups outright. Any legitimate posts from Google Groups are considered an "acceptable loss" given the amount of godawful spam they allow through. It really cheeses me off that Google won't do something about it.
Already predicted (Score:2, Informative)
Real summary: spammers have cracked the CAPTCHA (Score:5, Informative)
The summary implies that there's something wrong with the GMail spam filters. Actually, the problem is with the GMail spammer filters... the CAPTCHA.
Also, both Google and spammers are being overly complacent about people blocking GMail:
Actually, several sites have blocked Google SMTP hosts that show large spam outflow (it seems to be specific hosts, as if specific accounts are allocated to specific servers or clusters of servers). Including, and I know the irony is thick enough to cut with a knife, MSN Hotmail. There have even been a number of posts to Google's help forums complaining about mail not being sent because Google servers are being blacklisted.
Fix the damn summary! (Score:3, Informative)
Most of the comments on this page are about *incoming* spam to google, when the article itself is about *outgoing* spam from google.
Re:One thing Google could do about incoming spam.. (Score:5, Informative)
Yeah thats why I mentioned the Cyrillic thing.
In reality doing it via language matching should be pretty trivial. I'd hazard a guess if you had a list of 30 languages and you pulled out the top 50 most common words in each language you'd probably have near 100% success in detecting the primary language in an e-mail. I'm sure an algorithm either purely based on that word set or based on a larger dictionary choosen based on that matching could be done to determine with a very high confidence what language an e-mail is in and if there's more than one or two languages in it.
They also know my white list of contacts. In my case I'd bet 90% of my e-mail comes from them so those can be immediately put in the inbox, reducing the number that need to be scanned at all.
Re:One thing Google could do about incoming spam.. (Score:5, Informative)
Re:Companies blocking Gmail? (Score:4, Informative)
MS takes security seriously? Perhaps nowadays, but that's a relatively recent trend (last few years), and they've got a lot of mindshare to win back on that score.
If you're going to adopt a policy re: mail, blocking all webmail accounts would make more sense than *just* gmail, especially making that policy months ago. There was more evidence to point to spam originating from compromised Windows boxes than from Gmail.
What the heck does Google Docs have to do with this conversation? But I'll bite anyway... You really think *security* has anything to do with why Google Docs hasn't taken off in the corporate world? Nothing to do with requiring people to be connected (increasing bandwidth costs) and having to use browsers to do work they weren't meant to do (document editing)? No, Google Docs simply can't replicate the functionality corporate workers need right now. Maybe some day it will, but I'd say it's far more likely functionality is keeping it out of business rather than security.
I wrote the release... (Score:5, Informative)
Well, I did this study and our results are here [roaringpenguin.com].
We in no way imply that Gmail's inbound spam filtering is bad. It's probably excellent. It's just difficult or impractical for Google to filter outbound mail without either human review or complaints because of false-positives.
What we're saying is that spammers are trying to evade IP reputation systems by hijacking organizations with good reputations or which would be impractical to block. There will be a CAPTCHA-cracking arms-race, but unfortunately I think the system will reach equilibrium with spammers quickly breaking CAPTCHAs and continuing to abuse free e-mail systems.
Re:Why not apply spam filters on outgoing messages (Score:3, Informative)
I have mail accounts which are filtered by SpamAssassin, which does a fairly good job, and it looks like the actual text content of the email can only contribute so much to the spam score. I tried sending myself emails from a different account with text like "president nigeria $8,000,000 viagra penis enlargement rolex' and it stayed below the spam threshold: each spammy subject gives one point, so that is only 4 points while the spam cutoff is at 5. Blacklisted IP addresses have much more weight, and in addition there are plenty of technical issues that are are spam indicators, such as dynamic IP addresses, forged header lines, HTML-only mail with inline images, and so on.
I don't know what Gmail exactly uses for spam filtering, but the above message sent to my gmail account made it to the inbox with no problem.
Re:Gmail's spam filters (Score:5, Informative)
I definately agree. I have had no issue with increased spam in my inbox, and as I never check the spam box, I cannot say one way or the other. Me getting one or two spam messages in my inbox every couple of weeks does not say to me that there is an issue with their spam filter.
Re:Invite-Only (Score:3, Informative)
I did not say Gmail was OSS. I said "Two years of beta in the OSS community isn't unheard of." I'd edit to change the wording, but I can't.
Re:Actual Origin? Don't blame service provider. (Score:4, Informative)
You linked to the usual "time to pwn" stories, but the reality is that botnets grow nowadays by means of email attachments. Very few (that I know of) trojan attacks are over remotely-exploited vulnerabilities, with patches or not. You are implying that botnets are created when unsuspecting Windows users install nine-year old copies of an unpatched operating system. That's not true, is it?
The previous wave of trojan attacks (with those "admirer has send you a message" subjects) grew botnets dramatically, I think. How do you account for that? Sobig [wikipedia.org] is the fastest spreading trojan ever, and it requires user interaction to infect a machines. It's a proven fact that infections are spread thanks to vulnerabilities with available patches. How do you account for that?
How is that a "continued failure" of "M$" to protected their customers again?
If your Windows machine is in a botnet herd, you probably did something you shouldn't have, or failed to patch your machine. Even the actual remotely-exploitable vulnerabilities like Blaster have had patches available a month before the exploits were seen in wild.
Re:CAPTCHA is broken (Score:3, Informative)
To create your new Gmail account, please translate the following equation into a limerick:
(12 + 144 + 20 + 3 * sqrt(4))/7 + 5 * 11 = 9^2 + 0
Answer:
A Dozen, a Gross, and a Score,
plus three times the square root of four,
divided by seven,
plus five times eleven,
equals nine squared and not a bit more.
via: http://www.trottermath.net/humor/limricks.html [trottermath.net]
Re:Blaming the user now? (Score:2, Informative)
Please be so kind as to reply with the account you originally posted the comment with, not the name troll [slashdot.org] you created for me, or any of your other 12 accounts [slashdot.org].
Also, ad hominems are not particularly useful, they merely tell everyone that your argument was invalid to begin with.
Re:Blaming the user now? (Score:2, Informative)
Oh. Whomever modded me offtopic probably can't see the post I'm replying to? Here it is [slashdot.org]. "deadzero" is one of twitter's accounts, and it was created for the same purpose as all the other name trolls he maintains.