Spammers Choose GMail 325
EdwardLAN writes "A study by Roaring Penguin has discovered that during the past three weeks, the amount of spam originating from Gmail has risen sharply." My spam has been pretty ridiculously high for the last few weeks, although I have no idea if this is part of it. It really does seem like gmail's spam filters are declining these days.
Why not apply spam filters on outgoing messages? (Score:5, Insightful)
Gmail used to be touted as the best spam filtering service. Certainly it's good, but apparently they only feel the need to filtering incoming messages. Why not filter outgoing messages as well? Can't quite be a CPU problem, because outgoing has be be just a small fraction of incoming, right?
Is it just tradition? People never expect anything they send to ever have anything done to it? Google could set another precedent in webmail by introducing outgoing filters which would block or slow down mail appearing to be 'spammy'.
Something's gotta give (Score:2, Insightful)
more arrests needed (Score:1, Insightful)
Can't they do one of the multi-country coordinated sweeps and arrest like the top 100 spammers all at once?
I know the little guys will fill in eventually and take over but at least it will be calm for a few weeks.
Spew from an unblockable (Score:4, Insightful)
Perhaps the GMail mailadmins will try to stop some, but they probably won't get it all. And they too will rely on GMail being "too big to block" for most mail recepients.
This just highlights how the burden of anti-spam efforts often gets transferred to legitimate email senders by simplistic blocking. The unacknowledged false-positive problem. I have seen these come to a sudden stop when the company loses an important order because it false-positived the prospect.
Re:Invite-Only (Score:3, Insightful)
Maybe they should have just kept the system invite-only, instead of opening it up to everyone -- that would help, the way I see it.
Sure that would help, but it would mean less ad views for Google.
The real issue: Gmail considered secure (Score:5, Insightful)
With most big name email players like gmail, yahoo, etc, now using DomainKeys, the value of having an email address on any such system has skyrocketed. Gmail addresses are also usually even more respectable addresses. So being on gmail and a getting through because DomainKeys work makes it is a privileged domain.
What the proper response should be:
What should really happen is SenderKeys, which augments DomainKeys. You will get your own domain key when you can become "verified" like at Ebay and elsewhere. SenderKeys is implied by DomainKeys.
Re:Gmail's spam filters (Score:5, Insightful)
I find it interesting that gmail's spam filters are in-bound only (If that is in fact the case [citation needed])
on the e-mail system I run, every message gets sent through our spam/virus-detection system. I don't care if it's inbound, or outbound, it gets scanned. period.
yes my site is much smaller than gmail, but still... isn't the first rule "Don't trust the users!"?
Re:CAPTCHA is broken (Score:5, Insightful)
Well, as you increase the level of intelligence meeded to go through the CAPTCHA, you start to leave humans out. And this only gets worst as CAPTCHA breakers get better and better, so in that sense, the CAPTCHA is broken, and also in that sense, we have artificial intelligence that is at least as good as the worst humans.
Re:Invite-Only (Score:1, Insightful)
It would only take one invite for a spammer to get his foot in the door, then he could invite himself over and over again to get many accounts to spam from.
Of course, it would also be easy to shut down the spamming account and all other accounts invited by that one, recursively. But you'd run the risk of removing some legitimate accounts in that process.
I don't know that it would have made GMail all that much cleaner.
Re:Google Groups (Score:5, Insightful)
> Most people on USENET are just dropping anything coming from Google Groups outright.
Google Groups is well overdue for an active Usenet Death Penalty; in my opinion it is the only sanction which will make them take note. It was sufficient to bring Erols and UUNet to their senses. ( There is a conspiracy theory that Google is deliberately flooding Usenet; a UDP would disprove this in addition to forcing action ).
Similarly, widespread blacklisting of Google Mail may be the only means of controlling the huge increase in spam. At present, a few individuals and companies are blacklisting but this is inadequate to make Goliath pay attention.
Re:Invite-Only (Score:5, Insightful)
Two years of beta in the OSS community isn't unheard of. Wine was in an alpha/beta state for what...16 years?
Re:One thing Google could do about incoming spam.. (Score:4, Insightful)
Spelling checkers is not the compete salutation.
Re:Gmail's spam filters (Score:3, Insightful)
I also think ISPs should be forced to do this. If they have a customer who sends massive amounts of email, they should have to investigate the nature of those emails. If they have an IP that is sending out spam, disable that customer's account until the problem is fixed. It would really disrupt a botnet if every time they acquire control of a new computer, the ISP shuts down the connection.
The ISPs claim that P2P software takes up too much bandwidth, but what about all of the spam and other botnet activities?
Re:Gmail's spam filters (Score:3, Insightful)
You probably should check it at least once a month (since spam messages are deleted after thirty days)—I've had several important messages show up there, and I always use the Not Spam/Report Spam buttons when needed.
Potentially losing genuine mail is far more of a problem than briefly seeing spam in the inbox.
Re:Invite-Only (Score:3, Insightful)
Google doesn't get paid for ad views, only ad clicks.
SirWired
Re:Spew from an unblockable (Score:3, Insightful)
In the other hand, connection source blocking can cut the connection after receiving a few bytes, but cant do anything again widely used real servers... like gmail.
Complementing this 2 techniques with some sort of user feedback (bayesian, gmail's "report spam", etc) could help to get spam, cpu and bandwidth low.
About updating blocklists based on spam coming from servers risk adding big servers like er... gmail, as spam is originating in their servers from the point of view of the receiver.
Maybe it's because of ... (Score:3, Insightful)
This [slashdot.org]. [/.]
Comment removed (Score:5, Insightful)
Re:Gmail's spam filters (Score:4, Insightful)
Actually... I think (even ;) Slashdot is right on this one.
ISPs should not check your email. It's noe of their damn business.
ISPs should check to see if you're generating an excess of emails, slowing the net down for everybody (hey, over 80% of email traffic is spam).
Thus, yes, even I would allow them to have a look at email contents if the amount of generated emails exceeds a certain (very large) amount.
However, they are most certainly not allowed to check the content every time, (even if) looking for spam or the usual eeeeevil terrarist.