[go: up one dir, main page]
|
|
Log in / Subscribe / Register

A decline in email spam?

By Jake Edge
July 7, 2011

One of the biggest internet irritants over the last decade or two clearly has to be email spam. It has collectively taken billions of hours of users' time to deal with, consumed countless terabytes of wasted disk space, burned bandwidth better spent on kitten videos, and used up vast quantities of developer time to come up with new ways to filter it out or come up with other technological fixes. So, recent reports that email spam is in decline are certainly welcome, if true, but even with the 90% decline over the last year that is being reported, the amount of spam being sent is still staggering—and likely to be with us for a long time to come.

I haven't heard friends and colleagues extolling a reduction in the amount of spam they receive but, as they say, the plural of anecdote is not data. One would think that such a precipitous drop would be noticed by email users, however. In any case, Cisco, Symantec, and others are reporting numbers like 34 billion spam emails per day for April, down from 300 billion in mid-2010. That's an enormous drop in the volume, even if 34 billion a day is still huge. Without any hard data to the contrary, some significant drop-off in spam volume is a reasonable conclusion—and one worth exploring a little bit.

Spam has always been driven by its economics. In the early days, it cost almost nothing to send out huge volumes of email, and the chances of getting caught and meaningfully punished were quite small. That led to various "spam kings" who made outrageous amounts of money by spamming the world. If sending spam is, for all intents and purposes, free, you don't need a very high response rate to the pitch in order to bring in substantial sums. But that led to a backlash.

Users quickly tired of digging through email that was 90-100% spam, ISPs got smarter about not allowing their systems to be used for spam transmission, and, eventually, governments decided to ramp up the punishment side of the equation. Spam filtering became ubiquitous, blacklists that identified sites sending spam started to pop up, prosecutions of those sending spam were successful to some extent, and so on. The cost of sending spam has risen substantially over the years.

That's not to say that there aren't some folks still making lots of money sending spam, but these days there are bigger phish (so to speak) to fry. The most lucrative schemes today don't rely on sending enormous volumes of email and are more targeted instead.

It would be nice to think that users are getting a bit more sophisticated—or just running out of body parts to enlarge. It's hard to say whether that's true or not, but, even with the growth in new internet users, one might hope that the negative publicity about internet scams is making users more wary. Unfortunately, one doesn't have to search very far to find a news item about someone taken in by email claiming to be from a foreigner who wants to send them "EIGHT BILLION DOLLARS". So, it's probably overoptimistic to attribute much of the spam volume drop to users being less likely to respond to the pitch.

Filtering has certainly gotten better over the years, and moved from something users had to fiddle with to "the cloud" (or at least their ISP). Spammers have routinely run their emails through tools like SpamAssassin to try to evade filters, but there are limits to that approach, especially when individual Bayesian filters are factored in. It's difficult for even gullible users to respond to a spam pitch they don't see, so filtering has likely done much to reduce the effectiveness of spam.

Another factor that may be at play here is that many folks have moved beyond email for much or all of their communication. Text messages, instant messaging, and the services provided by various walled gardens (e.g. Facebook, Twitter) have replaced email for a lot of people, especially those darn kids, these days. Spam has, of course, evolved to assail those media as well. That kind of spam is not reflected in these recent statistics, however.

So, while it is somewhat heartening to hear that some folks are probably receiving less email spam, it's unlikely that it's really going to change things for most people. Users will still need filtering, ISPs and governments will still need to be vigilant, and clicking on links in dodgy email will still be a bad idea. While likely mind-numbing, seven days of reading all the email you receive might also prove somewhat eye-opening.

Like it or not, spam has become part of our culture. From the origin of the "spam" name to the various terms for different kinds of spam (419 spam, phishing, etc.), spam has used and been used by internet culture. Over the years, various folks have imagined horrible demises for spammers—e.g. Rule 34—usually involving the products they pitch in some bizarre fashion. So, at least we can get a chuckle from spam now and again, even as it is an extremely annoying—sometimes dangerous—phenomenon. In fact, it would be nice if junk (snail) mail filters were even half as good as email filters are these days.


Index entries for this article
SecuritySpam

to post comments

A decline in email spam?

Posted Jul 8, 2011 2:22 UTC (Fri) by tshow (subscriber, #6411) [Link] (8 responses)

I've actually got scam spam via snail mail. My wife and I live in Canada, and we've received two letters from Spain, apparently with properly canceled 0.80 EUR stamps. Both letters are addressed to us personally, though it looks like whoever sent them probably harvested our name and address from a phone book.

The two letters are nearly identical, describing themselves as coming from a barrister in Spain. Apparently my distant relatives are filthy rich and dying like flies in Spain. One of them left $10M USD in chancery after a tragic death, while the other (in the second letter) had the good taste to leave $10M EUR in chancery when they met their inevitable end.

In both cases the pitch is that the barrister presents me as the legit heir, and we split the money. So, yeah, more or less your classic Nigerian email scam.

Except they mailed two of them to me with 0.80 EUR stamps. That's where it gets weird for me. Are enough people falling for this scam that the economics actually make sense through snail mail? Or is this some sort of psych experiment?

Beyond that, I thought a lot of countries had some fairly nasty laws with regards to "wire fraud" and the like. I know there's been some question as to how those laws apply to email, but the rules are pretty clear (and severe, IIRC) when it comes to physical mail.

A decline in email spam?

Posted Jul 8, 2011 4:51 UTC (Fri) by jzbiciak (guest, #5246) [Link]

I got a Spanish Lottery scam spam through snail mail once myself, it too with proper postage. Weird.

And on a completely different topic, I never thought I'd see the phrase "rule 34" on LWN. *chuckle*

A decline in email spam?

Posted Jul 8, 2011 13:34 UTC (Fri) by oak (guest, #2786) [Link] (3 responses)

> Except they mailed two of them to me with 0.80 EUR stamps. That's where it gets weird for me.

Maybe somebody's very cost-efficient & good at forging stamps? Checks on cheap 0.80 EUR ones probably aren't that rigorous (does anybody know?)...

A decline in email spam?

Posted Jul 8, 2011 21:54 UTC (Fri) by blitzkrieg3 (guest, #57873) [Link] (2 responses)

You can send any canceled stamp through the post and the machines that route it will read it as "already canceled" (presumably by the first machine to process it) and if it isn't found by the letter carrier, it will be delivered as normal.

The reason people don't do this is because there isn't %100 chance of delivery, and you can land yourself in trouble if you do.

A decline in email spam?

Posted Jul 8, 2011 21:59 UTC (Fri) by dlang (guest, #313) [Link] (1 responses)

>The reason people don't do this is because there isn't %100 chance of delivery, and you can land yourself in trouble if you do.

also, most people are honest and do the right thing, even then they can probably get away with stealing.

A decline in email spam?

Posted Jul 14, 2011 5:12 UTC (Thu) by slashdot (guest, #22014) [Link]

It's also expensive to figure out whether they can get away with stealing or not.

A decline in email spam?

Posted Jul 9, 2011 5:58 UTC (Sat) by geuder (subscriber, #62854) [Link] (2 responses)

Yes, I have also received snail spam from Spain at least once, maybe twice here in Finland. Yes, the address was taken from the phonebook, because my address appers in the phonebook in unique form not used anywhere else.

I have also received a lottery scam by SMS. The number shown was an Irish one, but that has to be taken with caution. If you have access to a short messages center, the sender can be written like the From: header in SMTP. I'd guess the price of a mass SMS could be somewhere around 2 - 4 Euro cents.

(Interesting enough the spam SMS did not come to my postpaid mobile subscription, which is even publicly listed and where I receive all kind of "legal" telemarketing calls. The scam message came to an unregistered and unlisted prepaid number, which I hardly ever use. But I remembered that I had used this number to get one more Google account, after they had made confirmation by phone mandatory. So has Google been hacked or did they sell my number?)

Anyway about "costly" spamming. It's all about probability. Not too many people should respond to email spam/scam these days anymore. But still it must be profitable.

Stamped snail or SMS scam must be much more credible to many people. If the fraction is high enough you end up with profit even if your "marketing" costs are higher. (Actually that shows that the senders were not very professional. There are much cheaper bulk postage rates available even in other European countries, and real stamps are known to be a quality factor by marketing professionals and postal adminstrations alike)

Anyway it seems that the fraction of responders to "high quality" scam was too small for a profit. Otherwise we would have all seen more of the nonsense and it would no longer be fun at the family dinner when such a letter is being opened.

A decline in email spam?

Posted Jul 9, 2011 19:56 UTC (Sat) by anselm (subscriber, #2796) [Link] (1 responses)

So has Google been hacked or did they sell my number?

Do mobile phone providers charge you for non-deliverable SMS? The spammer could just send SMS to all the telephone numbers in a particular range, starting at, say, 0000000 and finishing at 9999999, and see which ones get through. This is being done for e-mail addresses, so why not for SMS?

A decline in email spam?

Posted Jul 9, 2011 20:26 UTC (Sat) by geuder (subscriber, #62854) [Link]

Yes, SMS is store and forward. Charging happens immediately when the message is sent. They don't care what happens after that. (This has been discussed especially for premium SMS services. If the user mispells the search, order or what ever service she was trying to use, she well end up paying for service that was never fulfilled.)

We have 5 mobile subscriptions in the family. Only one "won in the lottery" Of course I cannot be 100% sure that the number came from my Google account creation, but it was definitely the closest use of this phone in relation to spam. As I wrote the subscription is very much unused. Not saying that Google themselves do it, but certainly they are interesting for spammers.

A decline in email spam?

Posted Jul 8, 2011 5:23 UTC (Fri) by eru (subscriber, #2753) [Link] (4 responses)

As another anecdotal data point, I really have noticed a huge drop in spam beginning some time last year. My spam folder (filtered into by my ISPs Spamassassin installation) that used to be bulging ever day, now receives only a small trickle, and is even totally empty on some days, which used to be unheard of. I have long wondered what has caused the drop, which was quite sudden. A bust of major spam-sending botnets?

A decline in email spam?

Posted Jul 8, 2011 19:39 UTC (Fri) by dlang (guest, #313) [Link] (3 responses)

I've also noticed a significant reduction in the amount of spam.

some of it may be the breaking up of some botnets (some of the declines did correlate directly to high-profile breakups), but given that new botnets are being created, I wonder about that being the long term cause. I suspect that the profits from spam have been on the decline and the people who lost their spam botnets haven't bothered to replace them (or are concentrating on more targeted approaches rather than just blanket coverage)

it's gotten to the point where I don't bother with a spam filter on my home e-mail any longer, and I don't have more than a dozen or two spam messages in a day (out of 500-1000 messages a day this isn't significant)

A decline in email spam?

Posted Jul 8, 2011 19:40 UTC (Fri) by corbet (editor, #1) [Link] (2 responses)

Some people are so lucky; I'm still running 3-4,000 spams/day. How do I get onto that "reduced spam" list? :)

A decline in email spam?

Posted Jul 11, 2011 0:28 UTC (Mon) by giraffedata (guest, #1954) [Link] (1 responses)

I wonder what kind of spam it is that has been eliminated. It must be some particular kind.

I too am no where near being able to live without filtering. Last month it was about 350 a day, compared to 500-600 last year. But the amount that I have to filter seems to have gone up in that time; from around 60 a day to 80. The legitimate emails are at most 10 a day.

Like Jon, I distribute my unobfuscated email address widely. Not as widely as Jon, though.

One thing I've noticed is the mail to guessed email addresses on my mail server has stopped. (But the counts above are just for mail addressed to me).

A decline in email spam?

Posted Jul 11, 2011 13:39 UTC (Mon) by lutchann (subscriber, #8872) [Link]

Just as another data point, it looks like my spam volume has gone from 1000+/day to less than 300/day over the past two years. Very interesting, and surprising that I had not noticed until now.

Of course, a spam message just made it through my filters as I was typing this... :-)

A decline in email spam?

Posted Jul 8, 2011 10:28 UTC (Fri) by Thue (guest, #14277) [Link] (2 responses)

> In fact, it would be nice if junk (snail) mail filters were even half as good as email filters are these days.

That is possibly a US problem. I get less than 10 pieces of spam snail mail per year here in Denmark.

A decline in email spam?

Posted Jul 8, 2011 12:04 UTC (Fri) by spaetz (guest, #32870) [Link]

Thanks Jake for a hillarious text. Informative AND amusing at the same time, I think I would be willing to pay money to read this. Oh wait, I do...

snail mail spam

Posted Jul 11, 2011 0:17 UTC (Mon) by giraffedata (guest, #1954) [Link]

I don't think anyone gets something that is truly spam in physical mail. Due to its cost, it's targeted beyond the level that I associate with spam. I think they need something like a 1% response to make it worthwhile, so they make sure they're selling something at least slightly useful and at least make sure people who use it live in the area they're sending to. I don't think email spammers make any attempt at all to target it.

Some actual data presented anecdotally

Posted Jul 8, 2011 20:36 UTC (Fri) by felixfix (subscriber, #242) [Link] (18 responses)

I have a home server with its own domain name, been using it since uunet! days, and it has only one real user account, along with the usual *masters.

Up until the early 2000s, it ran fine over dialup. Somewhen in the 1990s, the amount of spam to non-existent accounts (bill123) began increasing, and once it hit 40,000 a day, dialup was no longer good enough. By then I could get satellite internet for my location in the boonies, and spam to those non-existent accounts kept increasing, hitting an average of around 600K messages a day, occasionally going over 1M. Yes, one million individual messages, all thrown out as soon as the nonexistent account name was given during the envelope phase, just drop the connection and wait for another. But sometime last year it did drop, and has been fairly steady at around 40-50K a day for several months.

I don't run any IP address blacklists. All I do is drop the SMTP connection if the account is not known.

My personal account by contrast has gone from 20-30 a day to 200-300 a day. These are messages to my one and only real account, but from unknown senders. I don't use any specific spam filters. I do white list email, with unknown senders going to a junk mailbox which I review every couple of days. Most are easy to confirm as spam, such as when I get 10-20 messages with the same silly subject (I doubt PayPal is going to send me that many dups of a warning message!).

Some actual data presented anecdotally

Posted Jul 8, 2011 21:49 UTC (Fri) by geuder (subscriber, #62854) [Link] (17 responses)

Mentioning PayPal. This week I received a genuine mail from PayPal, the first for years, because I don't use them regurarly. Gmail put it into the spam folder, obviously the word PayPal is nearly equivalent to spam.

Generally Gmail spam folder receives several false positives each week, maybe some 5% of all detected spam.

Even more worrying is that both gmail and IBM hosted mailservice reject legitimitate mail before SMTP is complete. (I have seen this in logs often enogh, although I don't follow them systematically)

Obviously they have overlooked in their spam filters that mail can be forwarded automatically. So if a Paypal message is forwarded and arrives from a non-paypal server, it must be spam. If your forwarding server forwards a couple of spam messages, subsequent legitimite message might be rejected, because this server sends too much spam.

Yes, spam is down from 20 a day to maybe 5 a day for me. But how much much is caused by rejection during SMTP, I really don't know.


Some actual data presented anecdotally

Posted Jul 9, 2011 19:50 UTC (Sat) by anselm (subscriber, #2796) [Link] (16 responses)

It's really a lot better to reject spam during the SMTP dialog rather than after having accepted the message. Once you have accepted the message and decided it's spam, you can't bounce it back to the purported sender since the sender address is likely to be forged. So you write it into the recipient's »spam« folder, which they usually never check, and the message is practically lost.

On the other hand, if you reject spam while the SMTP message is ongoing, the actual sender sees an SMTP error, so if the mail is really legitimate, at least they know that their message can't be delivered. Since, with spam, a large proportion of false positives results from misconfigured DNS at the sender's and things like that, this puts pressure on the senders to fix their systems. You can also try to annoy apparent spammers by »tarpitting«, i.e., putting in deliberate long delays before rejecting their messages, so their servers can't send as much spam out as they would if everyone just accepted it.

Some actual data presented anecdotally

Posted Jul 9, 2011 20:39 UTC (Sat) by geuder (subscriber, #62854) [Link] (15 responses)

> It's really a lot better to reject spam during the SMTP

If you could trust your spam detection algorithms, yes. In practice you have false positives and then rejection is fatal.

> recipient's »spam« folder, which they usually never check,

Many users might not. I always do, and I find false positives every week (Gmail). Sometimes just mailing list messages of little value, but I've also found personal messages from a friend or a job offer (and it was not a pharmacist's job)

Some actual data presented anecdotally

Posted Jul 9, 2011 21:02 UTC (Sat) by felixfix (subscriber, #242) [Link] (10 responses)

It is safe enough to reject mail during the envelope phase. If it is spam, the sender will just discard it and may even blacklist you so as to not waste more time. If it is a valid sender, they can resend. In my case, I run no spam filter, I only drop messages sent to bogus accounts. If someone misspells my account, they can correct it easily enough, if they care.

Even if your spam filter mistakenly rejects a message during the envelope phase, a legitimate sender can obfuscate the buzzwords if they care enough. If it is a bank or such, they shouldn't be sending likely spam words anyway.

Some actual data presented anecdotally

Posted Jul 11, 2011 21:24 UTC (Mon) by lindahl (guest, #15266) [Link] (9 responses)

Most people ignore bounces these days, which means that rejecting apparent spam is the same as blackholing it.

Some actual data presented anecdotally

Posted Jul 11, 2011 22:22 UTC (Mon) by anselm (subscriber, #2796) [Link] (8 responses)

Well, if the senders don't care whether I actually got their mail, it won't matter either way. They will have wasted their time writing it in the first place, not mine.

Those people who do care, however, will at least have the SMTP error message to tell them that their mail couldn't be delivered and why (and pretty much instantly, at that), which is a whole lot better than if their mail had gone to ferment in my spam folder for a few days or even been deleted outright.

Some actual data presented anecdotally

Posted Jul 11, 2011 22:26 UTC (Mon) by lindahl (guest, #15266) [Link] (7 responses)

There is a lot of spam designed to look like bounces. It is difficult for the average user to figure out how to ignore them without ignoring real bounces.

Some actual data presented anecdotally

Posted Jul 11, 2011 22:31 UTC (Mon) by dlang (guest, #313) [Link]

not to mention all the backscatter from when the spammers are using your e-mail address as a source for their spam.

bounce messages are pretty worthless nowdays thanks to this abuse. many mail servers don't even generate them by default any more.

Some actual data presented anecdotally

Posted Jul 11, 2011 22:39 UTC (Mon) by anselm (subscriber, #2796) [Link] (5 responses)

Which is why you don't bounce spam. What you want to do is do your filtering during the SMTP dialog, so you don't even need to accept spam (and bounce it later, file it into the recipient's spam folder, or throw it away). You reject apparent spam before your MTA has accepted responsibility for it, and if there is a false positive, the sender gets a nice SMTP error message, from their own MTA, saying their message couldn't be delivered.

(People who won't look at error messages from their own MTA are beyond help.)

Some actual data presented anecdotally

Posted Jul 11, 2011 22:46 UTC (Mon) by lindahl (guest, #15266) [Link] (4 responses)

I get a lot of fake bounces that look like they come from my own MTA.

Some actual data presented anecdotally

Posted Jul 12, 2011 6:56 UTC (Tue) by anselm (subscriber, #2796) [Link]

So what alternative do you suggest?

Here in Germany, if you're handling mail on behalf of other people it is in many cases illegal to just throw stuff away that looks like spam. So you need to either shove suspicious mail into a »spam« folder – which the recipients usually look at only sporadically or not at all –, or not accept it at all in the first place, by sending error codes during the SMTP dialogue. This applies not only if you are an ISP, but also to many companies, universities, etc.

People will need to figure out how to read their MTAs' error messages. Otherwise, how are they going to deal with mistyped addresses, full recipient mailboxes, etc. – all of which can prevent mail from being delivered even in the absence of spam filtering and backscatter. Also, I personally have been a mail admin for 20 years or so, and I have never to my recollection seen a convincing fake error message from my own MTA.

Some actual data presented anecdotally

Posted Jul 12, 2011 14:04 UTC (Tue) by nye (subscriber, #51576) [Link] (2 responses)

>I get a lot of fake bounces that look like they come from my own MTA

Presumably though if you send a message, and shortly afterwards the same message comes back to you with a note saying that it couldn't be delivered to the address you specified, it's not too hard to differentiate that from fake bounces to messages you clearly never sent.

Anyway in practice people obviously do notice bounces, as they generally manage to do just fine in cases where they've typed the address in wrong, for example.

Some actual data presented anecdotally

Posted Jul 12, 2011 23:09 UTC (Tue) by dmarti (subscriber, #11625) [Link] (1 responses)

This is a good use case for SPF. If your mail server has an SPF record, you can reliably filter out real bounces from forgeries. (I read all my bounces, and would much rather have you bounce my mail than stick it in a spam folder.)

Some actual data presented anecdotally

Posted Jul 13, 2011 0:04 UTC (Wed) by mjg59 (subscriber, #23239) [Link]

You can do that without SPF - BATV solves this problem without breaking things like forwarding.

Some actual data presented anecdotally

Posted Jul 14, 2011 5:17 UTC (Thu) by slashdot (guest, #22014) [Link] (3 responses)

You could also pretend you rejected the e-mail to the SMTP client, but actually still deliver to the Junk mail folder.

Some actual data presented anecdotally

Posted Jul 14, 2011 6:26 UTC (Thu) by dlang (guest, #313) [Link] (2 responses)

not easily, because when you reject the mail to the SMTP sender, it's almost always done before the message itself gets delivered to you.

Some actual data presented anecdotally

Posted Jul 14, 2011 8:13 UTC (Thu) by anselm (subscriber, #2796) [Link] (1 responses)

You can still reject a message in the SMTP dialog after having seen the body.

However, I don't see the point of rejecting a message and filing it to the spam folder at the same time. The point of the exercise is to not need a spam folder in the first place, by simply refusing outright to accept mail that would otherwise go in the spam folder.

Some actual data presented anecdotally

Posted Jul 14, 2011 14:39 UTC (Thu) by bronson (guest, #4806) [Link]

In case a filter wants to reject it but an admin or user wants to double check.

A decline in email spam?

Posted Jul 8, 2011 21:58 UTC (Fri) by blitzkrieg3 (guest, #57873) [Link] (2 responses)

I find it surprising that no one has brought up the work of Stefen Savage, who is following the money that is earned by these spammers. Apparently, %95 of credit cards are processed by just 3 financial companies, so if the credit card companies agree to blacklist those financial firms, we'll have a much easier time stopping the financial incentive to spam:

http://www.npr.org/2011/05/26/136690513/study-may-shed-li...

A decline in email spam?

Posted Jul 9, 2011 5:19 UTC (Sat) by geuder (subscriber, #62854) [Link] (1 responses)

Interesting indeed. Shows how lame law enforcement in most "civilized" countries is. Sending spam is illegal in many countries, the related sales and financial transactions probably in even more. So even if law enforcement of the 3 "less civilized" countries in questions doesn't co-operate, I think Visa, Mastercard, our local banks issuing our cards all seem to act as an accessory to fraud as each time they process such a tramsaction.

Needless to mention the high-standing corporate ethics of Mastercard etc. They denied to process payments for Wikileaks, but they happily continue to earn with spam-related selling of illegal goods.

If media would write as much about spam as about wikileaks and show the connection we would all get rid of the pain very easily. Just a few IT guys earning their living on spam protection would need to look for new job.

Stopping spam through banking

Posted Jul 11, 2011 1:07 UTC (Mon) by giraffedata (guest, #1954) [Link]

But Savage admits it wouldn't work just for the buyers' banks to refuse to send money to the 3 crooks' banks. The crooks can just get new banks. He thinks it might be possible to set up a system that identifies crooks' banks quickly and shut them off faster than the crooks can switch, but I wouldn't bet on it.

I don't think the crooks' banks are totally crooked. I think lots of legitimate transactions go through them too and they are not violating laws of their own countries (and that doesn't make those countries less civilized -- it just means they have a different idea of how to distribute responsibility and think it's best if banks don't get involved in transactions any further than to move the money around when asked to).

Remember when some US ISPs declared the entire continent of Europe to be a spammer and blocked email from Europe for a day or so? They weren't exactly called heroes for doing that.

I think it's interesting that Savage implies that all spam-generated transactions are illegal. I know lots are, but I thought most of it was stuff people have a perfect right to buy and the sellers have a right to sell. Just not stuff any given recipient is likely to want.

And I don't think spam itself is illegal most places. I know some of the worst enablers of spam -- like fraudulent sender identity and misleading subject line are, but I myself would really resist laws broadly clamping down on a person's right to say something to me in email, and I think enough others feel the same way that spam has not been generically outlawed.

A decline in email spam?

Posted Jul 12, 2011 14:07 UTC (Tue) by nye (subscriber, #51576) [Link]

>I haven't heard friends and colleagues extolling a reduction in the amount of spam they receive

Presumably none of them admin mail servers? :P

Our mailgraph for the last year looks like this:
http://dl.dropbox.com/u/4957647/mailstats/mailgraph.html

(Ignore the spike on the rejected graph in the middle of June; that was a cascade of errors due to my making a typo in configuring nullmailer on one machine, and not noticing until the next morning)

The overall shape for the previous year looks similar, but if you go back a few years it's shaped more-or-less the other way. There are very precipitous drop-offs every now and then though - eg. the McColo takedown reduced our spam by probably about 80%, and it's never got as high since as it was just before.

A decline in email spam?

Posted Jul 18, 2011 7:10 UTC (Mon) by yodermk (subscriber, #3803) [Link] (1 responses)

I don't keep stats, but I also believe it's gone down. I've never used any filtering for my main address, and I know a lot of spammers have it. I now get maybe 5-10 spams a day. Instead of filtering I have this in Postfix's main.cf:

smtpd_recipient_restrictions = permit_sasl_authenticated, reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_rbl_client zen.spamhaus.org, reject_unauth_destination, permit

Seems to work reasonably well for me.

A decline in email spam?

Posted Jul 18, 2011 7:13 UTC (Mon) by yodermk (subscriber, #3803) [Link]

Oh, and also this line:

smtpd_client_restrictions = sleep 1, reject_unauth_pipelining


Copyright © 2011, Eklektix, Inc.
This article may be redistributed under the terms of the Creative Commons CC BY-SA 4.0 license
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds