Over a period of just over one week, just over 500 pieces of spam got through to my last spam filter, and were autodeposited in a "is this spam?" box.
My primary e-mail account is buried behind three layers of spam and virus filtering, and my mailer has a Bayesian junk mail filter.
At least five different aliases forward to this account and I have at least three other accounts that receive e-mail and do not forward, some of which are public and some of which are never shown on web pages or readable Net sources.
My primary e-mail has been visible for 20 years, and the current address has been valid for 8 years.
I remember (and received) the very first commercial e-mail spam, and the first web spams... a lot of people realised immediately that this meant very serious problems.
Two of the filtered messages were not-spam (and one was a recommendation letter - any e-mail consisting of a Microsoft Office document only and no plain text is almost certain to be spam filtered unless it is from a whitelisted address [ie someone who mails me regularly]).
A worrying fraction of spam got through all the layers to my primary mail box, I just deleted 29 messages, as opposed to about 50 autofiltered messages - a 1:2 ratio is unworkable, it needs to be at least 1:20 for filtering to work.
The spammers are learning faster than the filters.
Interestingly spam composition has changed. Porn spam seems to be almost 100% filtered (I'm informed it still floods in and is trapped at the higher levels). Nigerian letter scam spams are also down as is bank account/web account phishing.
Pharm spams are still coming through but the big spike is in pump'n'dump penny stock spams, which I presume are being done professionally by organised crime affiliates for the most part.
As was recently noted in the media, the spam situation has got worse, with something of the order of 90% of e-mail traffic due to spam.
Something has to be done, and has tempting as it is to lynch the bastards, the small possibility of error makes that option distasteful. There are also hypothetical extreme instances where common law would dictate suspending the punishment for spam for exigent circumstances, which complicates things.
The simplest local implementation would be to go to a true whitelist - only accept e-mail from known addresses, with all other mail assumed to be junk. This would still be vulnerable to spoofing though, which is significant (and really should lead to lynchings, except I do approve in principle of anonymous re-mailers for various reasons).
So... encryption protected, handshake confirmed whitelists, anyone?
Even then, that leaves a significant fraction of important e-mails in limbo: namely e-mail from new students (why, no, I don't trust psu.edu addresses, too easy to make syntactically correct unique account IDs); e-mail from prospective students - especially from prospective graduate students from abroad; e-mail from people who might actually have something important to tell me (as distinct from people who think they have something important to tell me); and people whose address changed...
This is a non-trivial problem.
It needs solving.
I do not want the solution to involve Microsoft or certain other entities receiving money, I'd rather delete spam by hand.
- Log in to post comments
Spam is a perfectly fine canned meat product that is "crazy tasty"! The Spam Museum is filled with interesting displays, and it's free!
Filtering spam will always be a losing battle, since the filters are only as clever as the last piece of junk that got through them. Harsh regulation is probably no good either, because that's exactly what makes the internet no fun anymore. As long as spammers are just as motivated as the people trying to stop them, I see no good way out of this.
I say we scuttle the internet.
I have multiple email addresses. Some NEVER are seen by the public ... only to trusted friends. I've got a couple of throw-away accounts that I give out, and then ditch when the spam becomes too great. My personal email is not totally whitelisted. Only those on the list can send me email. That has the problems that you mention above. I can handle an occasional commercial email, say from a book store that I visit routinely sending me a 40% off coupon, or some such. Several per day, though, would be annoying. But, before I whitelisted my personal email, I was getting 50 spams per day. Now, I think it is more, but I never see them. I have been getting MASSIVE amounts of comment spam on my web site, but that is caught over 99% of the time by the filters. The few that get through are annoying. I don't know what the best solution is, but with such a massive amount of spam running back and forth across the internet, the economic damage is mounting. Something needs to be done.
Violence. Once a few spammers get lynched, the demonstration effect will be powerful.
After all, it worked with the terrorists...oops, looks like I mixed up the crazypills and the vitamins again!