Google Says Spam Volumes On the Rise 187
alphadogg writes "Despite security researchers' efforts to cut spam down to size, it just keeps growing back. The volume of unsolicited email in the first quarter was around 6 percent higher than a year earlier, according to Google's e-mail filtering division Postini. Security researchers have won a few significant battles against the spammers in the last year, first against those hosting the spammers' control systems, and later against the control systems themselves, but they will have to change tactics again if they want to win the war. In the first half of last year, security researchers concentrated their efforts on identifying the ISPs or hosting companies that allowed command-and-control servers to operate, and shutting these botnet purveyors down. The success of that tactic was short-lived, however."
If One Person Clicks, We All Lose (Score:5, Insightful)
Now, maybe he makes that two grand back in his push and maybe he don't. Maybe your new method reduced his clicks from five hundred to five per month. Either way the best we can hope is that at some point that income shrinks to negative or so little it's not worth his time. The problem is that even if 0.0001% of his spam messages generates a click, he's making bank.
The battle for clean e-mail should be fought on a number of fronts. Public awareness is the key weak link in the chain in my opinion. And as a new net savvy generation arises, that will come naturally.
No matter how much I tell my friends and family to be safe on the net, my friend in Cairo had ten credit cards opened in her name and I had to help her clean it up over here. To make sure it didn't happen again we went over smart procedures like if your bank sends you an e-mail you should read it and then open up your browser by hand and type in the bank's URL as you know it by hand and look for the corresponding information on the site. Yeah, it's a pain in the ass but if you can't find it you can always just call them. Don't click the e-mail link and drop your username and password into some site you don't trust. If I had to guess how she got tripped up, it was when she went to Cairo for school she couldn't afford to talk on the phone and had gotten lazy and careless with doing all her banking online.
Re:If One Person Clicks, We All Lose (Score:5, Interesting)
Re:If One Person Clicks, We All Lose (Score:4, Insightful)
We need that kind of will in the fight against spam. It is expensive at first, but less expensive as people get out of the business.
The problem with your analogy is that kidnapping is a binary operation. You're either doing it or you're not. It's also often coupled with extortion and bodily harm and a host of other very serious crimes.
... where was the failure there?
... you get tax evasion or another white collar crime at best. Sometimes theft or grand larceny across all victims. But come on, the FBI isn't going to get the resources from the federal government to chase that rabbit down its hole when they need back hoes to dig up the whole internet.
... not a special FBI initiative to relentlessly track everyone who spams. Enforcement should be increased but not to the level of tracking kidnappers.
Spamming, on the other hand, is very hazy. What is unsolicited e-mail? People don't take the time to read shit. They just "click click oops, why am I getting these e-mail?" So if they clicked an ad and entered their e-mail address to get thirty thousand acres in farmwars by putting in their e-mail and checking a box that they understand
I just got five messages in a minute from Boingo this weekend. Followed by an apology letter. It was some database template test process run amok that informed me about my account (which I don't have with them). I used them once in an airport. They apologized to me today in another e-mail I didn't ask for! Do we vigilantly hunt them down and jail them?
The problem with your vigilance is that it's often objective to draw the line where spamming stops and legitimate business e-mails start. The crimes that come with spam aren't on the level of human trafficking
The government's CanSPAM act has increased the severity of it when we're sure you were doing it. That's the most you can ask for
Re: (Score:3, Insightful)
Spamming, on the other hand, is very hazy.
No, it is not.
Spammers try to make it appear hazy, but it isn't. 99.999999% of the spam volume is not from some overly zealous marketing temp who sends the company newsletter to a few more people than he should've. Pretty much all the spam you get is from address lists. You buy one of them to send those people mail, you fucking know that you're sending unsolicited mails.
The tiny fraction of mails that fall in the "you actually did sign in and forgot" category is so negliegable, you can ignore it for the gen
Re: (Score:2)
If you send me advertisement that I didn't ask for, you are spamming. It is that simple.
What if it's not an advert? Most of the spam I get is just a random collection of words trying to damage bayesian filters, much like a typical Slashdot post.
Re: (Score:3, Insightful)
If someone stops me on the street and tries to sell a product or get me to give to charity thats not truly spam, even though it is frustrating and at times unwanted.
Multiply that by 1000 or so and you see why spam is a problem.
What about businesses that buy qualified sales leads?
If that "lead" hasn't opted in to receive sales pitches, then for all I care they can die. Just because you made a business out of something doesn't mean you have an eternal subscription to stay in business. We don't have a moral problem about all the torturers and inquisitors that are out of a job because we don't do that kind of stuff anymore, do we?
What about when my Bank sends me promotional material for services they offer that they think might appropriate for me based on my current accounts? These are all advertisements that I didn't ask for, but not truly spam.
In my country, they can only do that if you said they could. It's usually a smallprint somewhere
Re:If One Person Clicks, We All Lose (Score:4, Interesting)
I think it is pretty easy to differentiate between spam and not-spam. If the person sending the unsolicited mail tries to obfuscate how or from where they are sending the mail, then it is spam. If it is a company that clearly lists who they are, then they can be held liable (whether by being sued or by public opinion) for what they send out. There is no reason for law enforcement to get involved if the civil sector can sort it out. If, on the other hand, there is no reasonable way to trace the unsolicited email back to a person, they are trying to limit the ability of the civil sector to deal with them, so law enforcement should get involved.
But, that is just my opinion.
Re:If One Person Clicks, We All Lose (Score:5, Interesting)
Good point. The strategy was invented by the Romans, in case you care. The Roman Empire had a kind of primary objective on any and all sieges, namely that they win. No matter how long or what ressources it takes, there was the order from Rome that they will never leave defeated.
A famous mountain fort considered itself invulnerable due to natural features - there was only one small path up to the fortress. The romans built a big camp at the foot of the mountain and started building a ramp. It took them years to build it, but they did it, and took the invulnerable fortress.
That's why one day, when the roman army had just begun besieging another city, its ambassador came for talks, and he boasted "we have food for ten years". To which the romans replied "then we will accept your surrender in the eleventh". The next day, the city surrendered.
I'm telling that story because I like it a lot, but also because it shows that insane investment can pay off in the end. Yes, the romans poured ressources into a few sieges that were far beyond what they gained. But once the word had spread, the return-on-investment came.
There are two things we have to do to get rid of spam, minus the small amount you can never get rid off.
One is to make it very hard to make a profit via spam. A few simple laws could cover that. Going through the credit card companies would probably work great. Simply allow people a chargeback for any and all products sold via spam. All you have to do is send the spam message to the credit card company and ask for it. The CC company may not charge you. They don't want to pay for the trouble themselves, either. They will charge the merchant. That would pretty much eliminate all the non-working crap that's being sold via spam.
Two is to go absolutely anal on the spammers themselves. While #1 reduces the ROI, #2 increases the risk. Once you do that, the business case for being a spammer goes away. I don't necessarily mean higher penalties, but more effort in actually bringing them to justice, in an international effort.
Re: (Score:2)
I like the story too.
Could you, please, provide the necessary info for me to find a more detailed description of the facts? (forts and city names should be sufficient).
Re: (Score:3, Informative)
Re: (Score:2)
Re: (Score:2)
I'm telling that story because I like it a lot, but also because it shows that insane investment can pay off in the end. Yes, the romans poured ressources into a few sieges that were far beyond what they gained. But once the word had spread, the return-on-investment came.
That's how I've been told bank robberies are managed. Spread among the criminals the idea that whoever robs a bank will be hunt down and killed, even if it's more expensive than the robbed money.
Re: (Score:2, Funny)
Your post advocates a
( ) technical ( )
Re: (Score:2)
The template reply is a lot more funny if the answers aren't checked randomly. To pick out just one:
(X) No one will be able to find the guy or collect the money
So the CC company that he uses to be paid by his customers will be unable to find him?
Re: (Score:2)
"better" answer we start locating the datacenters used cut the outbound network lines and then level the DC
(use Naval Gunfire or Bombers as required). And of course we would cut the outbound lines first to prevent switchover and then fire/drop warning round so that the folks can evac before the center goes up (or down as the case may be).
Re: (Score:2)
The person sending the spam isn't necessary the same person selling the goods; and I very much doubt that Viagra companies pay spammers via credit card.
Also your idea wouldn't solve the spam issue. All it would do is provide a way for people to steal legitimate purchases the same way fraudsters used to do with ebay and paypal purchases.
So I buy a Samsung TV and get the credit card company to do a charge back because I got a newsletter or I forge some email myself?
Your idea is completely ridiculous, stop def
Re: (Score:2)
Re: (Score:2)
The way to do it is to target the machines that are sending the spam. So far, much of the effort has been to take down the control networks for the bots. I think that internationally ISPs should agree to charge people trivial amounts for each e-mail sent. People who own infected computers would take notice pretty quickly and take steps to clean up their machines. Legitimate advertisers would have to organize arrangements with the ISPs, but I wouldn't be too sad if that got cut down on as well. Ideally, the
Re: (Score:2)
I think the analogy is valid at other levels. Like recreational drugs, people se
Re: (Score:2)
Re: (Score:2)
Re: (Score:2, Insightful)
Actually, if you look at it purely in monetary terms, spam is probably a bigger problem in the United States than terrorism. Obviously, spam rarely kills anyone, but in terms of murder, terrorism is not as significant a driver of tragedy in America as the US government would like you to think.
Re: (Score:2)
There's no probably about it. How many terrorist incidents have you had in the last 10 years other than 9/11? I'm pretty sure I could count them on the fingers of one hand.
Re: (Score:2)
Maybe we could trick the terrorists into killing the spammers (& telemarketers).
Re: (Score:2)
1 minute of 10,000,000 peoples time, once? Once per day? 10 times per day?
What happens when those spammers get the life savings of Grandma? What happens when they get the life savings of 10 people? What happens if those people get sick but can't get the meds?
My life isn't going great right now. I volunteer to take one for the team* if spam and scammers, from my death forward stopped completely once and for all.
*As long as it's something awesome and painless.
Re: (Score:2)
Re: (Score:2)
What's worse, a murderer or someone who willfully wastes 1 minute of 10,000,000 peoples' time?
I dunno, if one of these people who keeps buying stuff from spam gets killed by fake/off-spec pills does that make the spammer a murderer?
Re: (Score:2)
Actually, if you look at it purely in monetary terms, piracy is probably a bigger problem in the United States than terrorism. Obviously, piracy rarely kills anyone, but in terms of murder, terrorism is not as significant a driver of tragedy in America as the US government would like you to think.
If you remember from all those piracy and P2P stories, most people say that police should rather be investigating real crimes like murder, rape and terrorism. Spam and piracy are both crimes, but I would think that most people think to those the same way. They're inconvenience or money lost, but they don't hurt people. If we go by monetary terms, I think piracy is a lot bigger problem.
Lets re-word the GP too...
They use whatever resources are needed to track down and bust the kidnappers, however long it takes. We need that kind of will in the fight against piracy. It is expensive at first, but less expensive as people get out of the business [and P2P sites and networks closed].
Except that piracy is generally not a crime. It's almost always a civil tort.
Re: (Score:2)
I think he means the type of piracy that takes place off the coast of Somalia. If you have to sail your American owned ship the other way round Africa to avoid them, that costs a lot of money.
Re: (Score:2)
Sopssa's post would make a lot more sense that way, but I've never heard of the term P2P being used in relation to steal-your-boat piracy.
If you remember from all those piracy and P2P stories
(wait, am I getting whooshed?)
Re: (Score:2)
Re: (Score:2)
Re:If One Person Clicks, We All Lose (Score:5, Informative)
I don't think you realize just how much time, energy (electricity to run the infrastructure, cool said infrastructure etc), and manpower is wasted because of spam.
Lets put it this way.
To deal with spam at my company, we use a 10-server cluster. This cluster may seem excessive to you... but note that we get alarms once or twice daily that the load on one of the nodes has exceeded critical levels.
Now, comes the fun part.
These servers use about 3 amps each, at 110v RMS. If left without cooling, they would quickly melt down - so add on the air conditioning. I won't factor the AC into this calculation because it cools many other things too, but just be aware of it's presence.
So, we have 30 ampers at 110v 24/7/365. Now P=VA (where P = watts) so:
3300 = 30 * 110
These servers are responsible for a total energy use of 3.3 kW on average. Every day has 24 hours, and lets settle on say 29 days/m. This comes out to 696 hours per month. 3.3 kW * 696 = 2296.8 kWh per month.
Holy shit! This is a fairly small datacenter too.
So, you see... take this little anecdotal calculation and scale it up worldwide... and you begin to see the problem.
Re: (Score:3, Insightful)
So?
The cost that I just figured is pure loss.
Not a loss cut from a greater profit - this is stone cold 100% loss... and this is just to keep the stuff that deals with it ON. It gets even worse when you factor in the cost of people to manage/administer them, cost of bandwidth, cost of the equipment itself...
The list goes on, and the tally grows larger. Piracy is peanuts on this scale.
Re: (Score:2)
Piracy only causes losses equal to what pirates would buy if they couldn't pirate, not equal to what they pirated. Think of it as opportunity costs - sure, it's money you might have made if you'd done things differently, but actual cost is what comes out of your pocket.
The trick for measuring the value of opportunity costs, similar to measuring the cost of piracy, is determining how much of that speculative loss could be turned into income.
Re: (Score:2)
You make the classic, giant "mistake"* of assuming that 1 piece of pirated media = 1 lost sale. If I make short films and sell them for $300 a copy (say I'm an "edgy" beret-wearing European independent filmmaker who feels my movies are worth this much), and 1 million high school kids all around the world torrent it instead, do you think I "lost" three hundred million dollars? I'd say it would be the height of narcissistic self-entitlement to call any of it losses. If a crate of them was stolen from a wareho
Re: (Score:3, Insightful)
Re: (Score:2)
According to the GP, neither did terrorism... directly. National airspace being shut down for three days was an overreaction due to the outrage of the public. Now, if the terrorists had somehow disabled critical aviation controls so that no planes could fly, you would have a point.
I'm not saying that I agree with the GP's perspective, I'm just saying that your response is off the mark.
Re: (Score:2, Insightful)
Doing something extra for airplane security in the time immediately following a multi-plane incident makes sense. It should have been business as usual the day after.
It's very understandable that American leadership chose and continue to ch
Re: (Score:2)
While I don't wish to belittle the work of people who are literally saving lives, you do realise the only reason anybody's email account is even remotely usable is because all they have to do is "mash the delete key a few times"?
If your email address has been in the wild for any length of time, it's safe to assume that at least 90 spams are being discarded behind the scenes for every legitimate email you receive - and that's assuming the system in use is not very good at dealing with the risk of false posit
Re:If One Person Clicks, We All Lose (Score:4, Insightful)
Yes, because the inconvenience of mashing the 'delete" key a few times is exactly comparable to the inconvenience of having a family member kidnapped and held against their will.
You have heard about scaling factors sometime during your education, haven't you?
A small crime done to millions sums up. The math has been done before. The "few seconds" times the amount of spam just one of the major spammers sends out in a month comes to easily an entire human lifetime.
Re: (Score:3, Insightful)
Traffic is a crime :-)
The difference is that in one case, someone is making a commercial profit off your expense. A spammer is essentially someone who steals half a cent from you and everyone else, every day. Sure, it's not much, but for him it adds up. And so does it for society as a whole. The damage to each individual is small, but to us all as a group, it is huge. Easily higher than a kidnapping.
Traffic jams, OTOH, are not something that someone has intentionally create in order to make a buck.
Re: (Score:2)
Interestingly, if the same person managed to transfer $0.005 from each bank account in the U.S. just one time, the FBI would hunt him to the ends of the earth. If he did it every single day, they'd mount the biggest manhunt in history.
Re: (Score:2)
Unfortunately, even if the income shrinks to negative or so little it's not worth the time, the spam will keep flowing - because someone will thi
Re: (Score:3, Interesting)
In fact, on the topic of profitability, I seem to recall reading that renting out botnets to spammers is much more lucrative than the actual spamming nowadays...
Yep... the spammers themselves are getting suckered just as much as the people they’re trying to sucker.
But as long as there’s another spammer who’s eager to make a quick buck, there will be people ready to rent him a few million cheap e-mail addresses and a botnet to send the spam with.
Re: (Score:3, Interesting)
Massive botnets for rent to the highest bidder are a threat to national security. Send the army out to find and kill the bastards. Unlike terrorists living in caves, they have to have regular contact with banks and other aspects of the modern world, so they CAN be found.
Re: (Score:2)
The battle for clean e-mail should be fought on a number of fronts. Public awareness is the key weak link in the chain in my opinion. And as a new net savvy generation arises, that will come naturally.
That is a good idea, but it won't solve the problem - or even make a huge dent in it - on its own. Even with the new "net savvy" users, there are still plenty of users (including new users) who are uninformed and don't want to be informed. There are still plenty of technophobes who are getting on the internet because junior's teacher wanted him to look something up on wikipedia. And when mommy and daddy are both technophobes, junior won't likely be that much different.
That said, you almost hit the cor
Re: (Score:2)
Re: (Score:2)
If you are successful at combating spam, you will see a rising volume. Here is the chain reaction that takes place:
Now, maybe he makes that two grand back in his push and maybe he don't. Maybe your new method reduced his clicks from five hundred to five per month. Either way the best we can hope is that at some point that income shrinks to negative or so little it's not worth his time. The problem is that even if 0.0001% of his spam messages generates a click, he's making bank. The battle for clean e-mail should be fought on a number of fronts. Public awareness is the key weak link in the chain in my opinion. And as a new net savvy generation arises, that will come naturally. No matter how much I tell my friends and family to be safe on the net, my friend in Cairo had ten credit cards opened in her name and I had to help her clean it up over here. To make sure it didn't happen again we went over smart procedures like if your bank sends you an e-mail you should read it and then open up your browser by hand and type in the bank's URL as you know it by hand and look for the corresponding information on the site. Yeah, it's a pain in the ass but if you can't find it you can always just call them. Don't click the e-mail link and drop your username and password into some site you don't trust. If I had to guess how she got tripped up, it was when she went to Cairo for school she couldn't afford to talk on the phone and had gotten lazy and careless with doing all her banking online.
That's why spam has become an arms race, an exchange of measures and countermeasures. The only real solution is to get the word out and equip the average Internet user to identify spam and understand why it should never be responded to. That would remove the profits from the spammers and force them out of business. Then and only then will the spam problem end.
Re: (Score:2)
Re: (Score:2)
This description is from the spam merchant's POV, not the spammer who operates the spamming equipment. The merchant wants to get his message out to X people. The spam operators charge money per address.
What'll happen here is the spam operators will find it more difficult to operate in conditions of continual crackdowns. Taking down a 100,000 bot net does not suddenly create 10 10,000 bot networks. The laws of supply and demand will kick in, meaning the price-per-address will rise. And spammers are going
Re: (Score:2)
Ten grand a month sounds a bit high. I'm willing to bet these people make about minimum wage. Enough to keep up with rent in a trailer park and fill the fridge with Miller High Life. That's why it's so hard to get rid of. These are people with no other prospects, and nothing to lose.
Re:If One Person Clicks, We All Lose (Score:4, Insightful)
Learn to use the internet safely or stay off it.
Unfortunately, staying OFF the net completely is becoming more and more difficult. From making your homework at school to searching for products for your job, it becomes increasingly hard for Joe Average NOT to use the Internet.
I think that we eventually will get most people aware of how to act safely on the Internet. But as in real life, there will always be fools who can't be educated.
What about... (Score:3, Interesting)
...the amount of spam that actually makes it to an inbox, instead of being dumped into a junk folder or blocked outright?
Re:What about... (Score:5, Insightful)
It still has to travel thru email servers & routers costing money via electrical & bandwidth costs.
Comment removed (Score:4, Insightful)
Re: (Score:2)
I don't think anyone claims that bandwidth doesn't cost money.
My guess is you're referring to articles where telecom giants try to get a company like Google to pay for transferring their content. In those instances people here argue that Google has already paid and the consumer has paid their ISP too so why should the ISP company get extra money for nothing.
Re:What about... (Score:5, Informative)
Network bandwidth taken by emails is indeed nearly free -- a typical piece of spam is just around 5KB (median). Yet, with more and more complex processing needed to run spam filters, you need quite a bit of CPU to weed them out. Looking at my logs, SpamAssassin runs are around 8 seconds each. Part of that time is spent for DNS queries, but there's a number of CPU-intensive tests as well.
And servers are certainly not free.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
If this is a chronic problem, you're better off just getting some cheap host and quickly setting up bind or tinydns to serve the requests. Heck, I ran a DNS server that served about 100 domains off of a P2 350 with 128MB of ram for over 10 years. It's really not CPU intensive. And there's plenty of docs out there for typical setups that you could probably set up your own DNS server in the time it takes you to deal with just one of these provider-caused outages.
Let's face it, blocking off large swathes of th
Re: (Score:2)
I was referring more to how much spam blocking technology has increased compared to the increase in spam volume...
Re: (Score:2)
I don't see much spam in my inbox, but I occasionally get lots of backscatter in my inbox - maybe 10 messages a day for a week, and then nothing for a few months.
1 : 10.000 (Score:2)
Still important to the count (Score:2)
...the amount of spam that actually makes it to an inbox, instead of being dumped into a junk folder or blocked outright?
That spam is, at the very least, equally as costly as spam that makes it to the inbox. Sure, it uses less of the users' time, but it still takes CPU time, network bandwidth, and storage (somewhere).
People who rely on their filters (or similar practices) upstream of their inbox to deal with the spam problem often overlook that very important point. That is part of why filters will never be the real solution to the spam problem.
email is broken. It doen't scale. (Score:2)
what i mean by that is that it doesn't scale for the individual, the technology does scale.
It is far too easy for people to get in contact with me via email. My time is wasted reading their junk, and this includes corporate spam as well. We can try lots of technical solutions, but i think i'll go down a subscription model.
You paypal me a dollar a year and i'll whitelist your email address, otherwise, go away. A few trusted friends and family get whitelisted for free.
Re: (Score:2)
spam will be with us forever (Score:3, Insightful)
constantly fighting it is just one of those maintenance functions of civilization
you don't declare a war on spam, win it, and then spam is forever gone. thats not the nature of the problem. its forever reborn as some "brilliant idea" in the mind of some asshole out there who has no problem abusing the commons for selfish gain. it requires constant eradication. additionally, you can't completely automate the process of spam destruction. spam is created by creative human beings. human beings always find away around any locked door. and therefore it will require the constant effort of creative human beings dedicated to police work to forever fight these other creative beings who have no decency. that's just the way it is. its stasis: good guys versus bad guys, forever
the same applies to hard core drug addicts, pedophilia, terrorism, etc: you don't declare war on terrorism, pedophilia, or hard core drugs, win it, and then those phenomena are gone forever. thats not the nature of those problems. they will always be low grade problems that always reassert themselves. unless you stop fighting them: in which case they metastasize into worse problems
as long as civilization exists, certain classes of utterly intolerable problems (problems that you cannot in any way reclassify as tolerable problems) will continually reassert themselves in every generation, and, for the sake of the health of society, require constant hard effort to simply keep them as low grade issues that don't expand into worse problems
Re: (Score:2)
True, the same way we can never completely abolish burglary. However, we CAN cut it down to the point where spam is not the majority of email much like we make sure that burglary isn't the majority of visits to a home.
Re: (Score:2)
you don't declare a war on spam, win it, and then spam is forever gone
Why not? It worked on drugs, terrorism, obesity and poverty.
What are you, some kind of fat, poor, scary junkie?
Hey, wait a minute. I know some people like that.
Re: (Score:2)
Re: (Score:2)
Drugs like Meth, Coke, etc shouldn't be legal for the very reasons you outline...but the users of those substances shouldn't be treated like criminals either.
Rehabilitate the users, imprison the dealers.
That being said, I think "designer drugs" aren't too far off in our future (2-3 decades at the most). Think about it...pharmaceutical companies already develop a huge number of different substances...so why not synthesized drugs made for a specific experience?
I certainly wouldn't take them, but I know plent
Re: (Score:2)
For facts showing that it works: http://www.time.com/time/health/article/0,8599,1893946,00.html [time.com] :)
One of the few things we can be proud of
Well, if they enable us to travel in time [wikipedia.org], I'd take it!
Re: (Score:2)
Interestingly, we have historical proof that heroine addiction doesn't create the state you propose when it's legal. WWI made many otherwise normal people into heroine addicts (back when we thought it was less addictive than morphine). Many of those unwilling addicts lead productive lives after the war.
I certainly don't advocate heroine addiction, but evidence suggests that junkies are what they are through being dysfunctional to begin with and then unable to support their habit legally due to the war on dr
which is of course bullshit (Score:2, Troll)
because people are constantly getting emails from people they never got email from before, and they WANT that functionality, for a million reasons, from registering for a site to getting a query from an old classmate to getting a reply from a stranger about a blog post
the whitelisting you describe is obviously not the solution
collateral damage (Score:2)
I've felt the pain of this battle myself. I moved to a new host, and Google rejected every message sent by my mail server as being spam. They redirected me to their "bulk email policy," which is absurd. My server has never sent anything even remotely similar to bulk email. I spent days jumping through Google's hoops (by enabling SPF, etc.) and their mail server started ACCEPTING mail from my server at least, but it still routes it all to the Spams folder in GMail.
The worst part is that Google doesn't even l
Re:collateral damage (Score:4, Insightful)
Sounds like you switched to a less-than-reputable host...
Re: (Score:2)
I am not sharing my IP address with anyone else. Google is inarguably falsely implicating my mail server as being a spam source.
I can't afford a lawyer yet, but it is only a matter of time until someone a little bigger runs into this problem.
Re:collateral damage (Score:4, Insightful)
Contact your host, or switch. It isn’t Google’s fault if you signed up for a host which got its entire IP range blacklisted by allowing its customers to send spam and ignoring the subsequent spam complaints. I’m not saying that’s definitely what happened, but there’s a good likelihood it’s exactly what happened.
It’s unreasonable to expect Google to start white-listing customers from a sleazy host on an individual basis. Screening customers is the host’s job and they failed; now they got blacklisted and all their customers suffer. Yell at the hosting company, not Google. If enough of their customers leave because they aren’t cracking down on the spammers, they’ll suddenly realise that not doing anything about the spam is hurting them economically just as much as terminating a few spamming customers would. And if they don’t realise this, or if it wouldn’t... that isn’t the sort of host you want to be associated with.
Re: (Score:2)
Re: (Score:2)
If they were up to snuff they’d do something about that.
It's all about the Benjamins... (Score:2)
Re: (Score:2)
Worse yet, the business model ensures this is the case.
Business needs marketing, so they pay $100 for a million spams. Spammer takes $100, sends out million spams. Spammer gets $100 from next business and so on ad naseum.
It doesn't matter if the guy paying the spammer gets $100 worth
Anti-Spam Networks (Score:2)
I don't know why the superior resources of spam recipients aren't harnessed to overwhelm spammers and their spam.
Whenever a message is identified as spam, either by a server or by a recipient, that message should be registered in a database network shared among servers and recipients. Then all those servers and recipients in the network should automatically identify that message as spam.
The automarking should also mark messages very similar as spam. And the "votes" from immediate identifiers should count to
anti-spam resource allocation (Score:2)
Whenever a message is identified as spam, either by a server or by a recipient, that message should be registered in a database network shared among servers and recipients. Then all those servers and recipients in the network should automatically identify that message as spam.
So it sounds like you are advocating for devoting more resources to fighting spam - specifically more network and CPU resources.
Which leads me to the question of who will pay for this? As it is, companies are already buying dedicated anti-spam hardware, and individuals (and some companies) are paying for anti-spam software as well. But who would want to pay for a distributed collection of servers to spend their CPU time and bandwidth on processing email? And whose email would be processed? Would you
Re: (Score:2)
No, the network is just interconnecting the resources used by existing antispam applications. Which already scan entire mail queues - however much work and intrusion that might be.
I'm talking about making the existing resources vastly more efficient by eliminating the redundancy of separate recipients each scanning the same message to determine whether it's spam. And closing the percentage of missed spam by allowing multiple different scanners to spot it their way.
And indeed I also explicitly specified the
Re: (Score:2)
No, the network is just interconnecting the resources used by existing antispam applications. Which already scan entire mail queues - however much work and intrusion that might be.
Which would generate more network traffic than letting the last mail host scan it in whatever way it is configured to do so. Simultaneously you would be increasing the work load of each system that scans, as it would be scanning more mail than it did before.
I'm talking about making the existing resources vastly more efficient by eliminating the redundancy of separate recipients each scanning the same message to determine whether it's spam. And closing the percentage of missed spam by allowing multiple different scanners to spot it their way.
Those sound like two different aims there. You want to work at "eliminating the redundancy" while also "allowing multiple different scanners to spot it their way". I don't see how you can do both.
And indeed I also explicitly specified the FBI and other cops should go after the root of the problem: spammers.
Sorry, wrong answer. The FBI and other US police fo
Re: (Score:2)
No, you don't understand what I wrote. Or maybe you don't understand what is the load of the actual processing and transmission in the different cases.
Instead of each machine scanning the same message, only a few machines that get it first scan it. They generate a hash and distribute it to the other machines receiving messages. Those machines need only generate a hash of incoming messages, which is not as intensive as scanning it for spam (like bayesian algorithms). The hashes do increase network traffic a
Re: (Score:2)
Instead of each machine scanning the same message, only a few machines that get it first scan it
Which still requires that message to be distributed to several different servers. How does this not generate additional network traffic?
They generate a hash and distribute it to the other machines receiving messages. Those machines need only generate a hash of incoming messages, which is not as intensive as scanning it for spam (like bayesian algorithms).
So does your hash then match the entire message, or some part of the header instead?
The hashes do increase network traffic a little, but not nearly as much as the reduced spam effect decreases traffic.
So are you then proposing that an upstream server filter the messages before they get to their second-to-final destination (as in, some sort of "post office" intermediate)? Otherwise the email still needs to get to that last server (generally prior to the user's system) to be filtered.
The hash is probably something like 16 or 32 bytes, while the average spam is hundreds or thousands of bytes, in each message.
There's actually a proven solution ... (Score:2)
Re: (Score:2)
Wouldn't that be a proven non-solution, since it was shutdown by the spammers?
Re: (Score:2)
The only way it's going away ... (Score:2)
The only way you'll ever see email spam or any other highly irritating marketing ploy go away is if it stops be profitable. And email spam is pretty damn cheap for the people pumping it out.
Spam hit a legibility critical mass (Score:2)
All of the obvious spam messages that seem to have a practical chance of garnering hits is getting detected now. The only way to get through is to use some obfuscated content that a reader is much more likely to either detect as spam or so obscure that the email doesn't interest the reader. I can't imagine the spam business is very good anymore.
GDSA (Score:2)
Re: (Score:2)
Sending host IP doesn't resolve? Not good. No sender address? Not good. Se
Simple solution (Score:2)
I just block e-mail from gmail.com accounts. That clears up most of the spam.
For a company that whines so much about spam. Google sure seems unable to clean up their own act.
Wrong focus (Score:2)
In fact, is GOOD that they send spam, as could be used that traffic to identify the hosts and accounts, and do something with them, like ISPs redirecting them in a san
Re: (Score:2)
I've had my account for at least 3 years I'm currently at 679. I've maybe given the address out to less than ten family members.
But my email address contains my name, which is quite common. When I ran servers, I would see guess attempts at email addresses every day (every 10 minutes, really) in the logs, so I would imagine the more common your name/email address, the more spam you're going s