Despite Gates' Prediction, Spam Far From a Thing of the Past 198
Slatterz writes "Bill Gates declared in 2004 at the World Economic Forum in Switzerland that spam would be 'a thing of the past' within five years. However, Graham Cluley, senior technology consultant at Sophos, has written in a blog post that 'with the prophecy's five-year anniversary approaching, spam continues to cause a headache for companies and home users.'"
Re:I disagree... (Score:5, Informative)
I agree with this both as an IT worker and an email user. A bunch of junk still comes in, but I rarely ever see spam anymore on my gmail or work email. I have an old yahoo account from around 97 that still gets some in, but even there, not much.
I think there's a fish for that sort of thing now (Score:2, Informative)
Really? (Score:5, Informative)
I've slowly switched all my email accounts (business and personal) over to Gmail, and I almost never have to deal with spam anymore.
I still get a fair number of advertising emails from companies I've placed orders from, but they all provide the ability to unsubscribe.
The only people I know still drowning in spam are the ones who are clinging to some ancient ISP-provided address, or who have a poorly managed company mail server.
If those people would simply find a decent email provider, the spammers' market would dry up and spam might become a "thing of the past" once and for all. But for now there's no reason you can't switch to a decent email provider and forget about spam today.
Re:Agree about GMail... (Score:5, Informative)
I've had my Yahoo account since at least 1996, and have used it in many a web form. I get hundreds upon hundreds of spams a day to that address, but only one or two a day actually show up in my Inbox. All the rest are relegated to the spam folder. I consider that a very good success rate.
I disagree with your disagreement (Score:5, Informative)
I would contend that for the average user, spam is essentially a non-issue nowadays.
Just because they don't see it doesn't mean it doesn't cost them. The users have to pay (indirectly) for the cost of the spam traversing the internet, the CPU time for their spam filter to identify and dispose of it, the server space to store it, and the IT employees to refine the filters to acceptable levels of false positives and false negatives.
Just because the users don't see the spam in their inbox doesn't mean it has no impact on them.
Re:The funny thing is (Score:2, Informative)
BTW, parent is on-topic. The reason Gates thought spam would end [bbc.co.uk] wasn't tech, it was economics:
Thanks to Gates' companies' OS and apps being unusually friendly to people who want to automatically run their code on other people's computers, such botnets are able to exist. Thanks to the botnets, spammers get other people to send the spam, thus externalizing any cost. You could charge a billion dollars per spam email and still spam wouldn't end, because the "wrong" people would be getting the bills. ("Wrong" in the sense that they don't originate the spam, even though they bear some responsibility for joining the botnets.)
If users had to pay for their traffic, then spam might end, but at the cost of everyone would switch away from Windows so that they wouldn't have to pay for the spam. If MS counteracted this, by say, making it so that Windows users had to perform an extra step (e.g. make people "chmod u+x virus.exe" to run an attachment after saving it, make the OS not by default automatically execute code on a CD when it is inserted, etc) to opt-in to a botnet, then MS would be flamed for making "unfriendly" products. Users arguably want that insecurity. (?!)
Gates was totally fucked on this prediction, with no way to win. Even if his prediction had turned out correct, he would have still lost.
Re:Getting rid of SPAM (Score:3, Informative)
You both are making me feel inadequate. I've never figured out how to stop receiving spam.
Best I can think of were:
But in practice, my users were still receiving junk mail, and I couldn't seem to do anything.
Any advice?
The list of blacklists I use to reject spam outright:
sbl-xbl.spamhaus.org
list.dsbl.org
bl.csma.biz
cn.ascc.dnsbl.bit.nl
korea.services.net
web.dnsbl.sorbs.net
I've pruned this list to eliminate false-positives, but if you need to receive legitimate mail from China or Korea you'll need to remove those lists.
Next, I use a lot of custom code I've written myself, which is executed by MIMEDefang. I've thrown all kinds of stuff in there.
Finally, I use ClamAV and SpamAssassin (also executed by MIMEDefang). ClamAV can detect certain known phishing scams; unfortunately I had to disable the feature that identifies misdirected links like phroggy.com [example.com] because it was catching a ton of false-positives (including legitimate mail from BANKS! You'd think they'd know better...). I use a few rules from the SpamAssassin Rules Emporium; you'll have to pick and choose which ones work for you.
Or, if you don't want to do all of that work, there are commercial solutions such as Barracuda's firewall thingie. Or, just use GMail.
Re:Agree about GMail... (Score:3, Informative)
I get 2 spam in my inbox every day with gmail.
Mind you I have seen up to 40,000 spam from the last 30 days in my Spam box.
Re:Really? (Score:3, Informative)
The only people I know still drowning in spam are the ones who are clinging to some ancient ISP-provided address, or who have a poorly managed company mail server.
I have an ISP email account and a Gmail account. I only use my ISP email account for things like registering with amazon.com or my bank, because if my Gmail account password is hacked or stolen, I'm screwed. If my ISP email account password is hacked or stolen, at least I can call my ISP and have the password reset.
This issue seems like a big problem with web based email: no recourse if your account password is compromised.
gmail tag is right on the money (Score:3, Informative)
When I still checked my mail on a BSD machine using pine, I had a complex scheme set up using custom IP filters + SpamAssassin. After all that work, I still had 5 or 6 slip through each day out of approximately 140. Since switching to gmail, maybe one slips through per week.
Ironically, thanks to google, Gates prediction is largely true. For me, at least. Spam is a complete afterthought.
Re:GMail's false positives don't bother you? (Score:5, Informative)
The false positives generated by GMail's spam filtering don't piss you off in the least? Not even the fact that you have no direct personal control over the process at all? Nor the fact that, unlike other services like Yahoo, you can't effectively disable it by passing it through, allowing you to use your own more tuned and effective local spam filtering solution (i.e. PopFile)?
It is easy to bypass the spam system, but the way to do it is not obvious. Create a new filter, with just an asterisk in the has the words field. That ensures the filter applies to all messages, even a sender-less, subject-less, body-less email. Then on the actions page select "Never send it to Spam". Apply the filter. Now the spam filtering is bypassed, and no messages will ever end up in the spam folder.
Re:Really? (Score:3, Informative)
More like a job for...
DUNNH DUNNH DUNNNN
Adding a secondary email to your Google account! [google.com]
But turning SSL on [google.com] isn't a bad idea.
Re:I think there's a fish for that sort of thing n (Score:2, Informative)
The problem with Barracuda boxes is that they create backscatter.
I see tons of "Barracuda has rejected your message" bounces from them, and all of it is faked. Why they can't reject mail at SMTP time I don't know.