subject:"Re\: \[mailop\] Historical spam loads \- was Re\: Google rate\-limiting more aggressively than usual\?"

Re: [mailop] Historical spam loads - was Re: Google rate-limiting more aggressively than usual?

2023-11-19 Thread Michael Rathbun via mailop

On Sun, 19 Nov 2023 19:02:04 + (GMT), Andrew C Aitchison via mailop
 wrote:

>That is a surprise to hear. Reading this list has given me the impression
>that the spam volume is worse now than it was then. Spamming is a much bigger
>business now and the internet is faster, so I would have thought spammers
>would be sending more messages, even compared to the increase in legitimate
>email.

"Better" can be an elastic concept.

On the one hand, from the script that ran this morning, I see that only 4.2%
of the SMTP dialogs registered in the logs qualified as "not hostile".  These
were communications that were consensual -- multicast from lists like this
one, broadcasts from sources that users had given permission to, and various
unicast messages from sources known and unknown.

The rest were relay attempts, false authorization attempts (often laughably
inept), messages to "sudden death" spamtraps, messages to "Nadine" and all of
the contact addresses that briefly appeared on http://www.honet.com/Nadine,
and a vast array of spammed addresses both valid and never valid.  A
significant percentage of these offenders are immediately identified by the
Spamhaus advisory lists, and other such public services.  There were also the
usual attempts to wake up resident malware.

>If they are sending comparatively fewer messages I can only imagine
>that is because their strike rate is better, which is *more* worrying.
>What have I misunderstood ?

Compared to what we were trying to deal with back in, say, 1997, the volume of
unsolicited broadcast email has gone up by several orders of magnitude. Simply
based on raw volume numbers, the spammers won the war over a decade ago.  From
the standpoint of my users, things are much as they were back around 2005 --
volumes up, detection and suppression also up commensurately.

>> but I wouldn't be at all surprised if some sites still have a 90%+
>> spam burden.

Much of the current evolution of intake evaluation strategies is governed by
the numbers describing what percentage of a major provider's resources are
consumed by messages that nobody will ever see, but which must be evaluated,
tested, examined, classified, and eventually stored/delivered to an account
that is never accessed.  

Expect upheavals for some cohorts of mail senders.

mdr
-- 
The hits just keep on coming for poor "Nadine". See the sad tale 
of email lists gone horribly wrong at 
F - IWAA #2157 GEVNP

___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Historical spam loads - was Re: Google rate-limiting more aggressively than usual?

2023-11-19 Thread Bill Cole via mailop

On 2023-11-19 at 14:02:04 UTC-0500 (Sun, 19 Nov 2023 19:02:04 + 
(GMT))

Andrew C Aitchison via mailop 
is rumored to have said:


On Sun, 19 Nov 2023, Bill Cole via mailop wrote:


On 2023-11-19 at 06:59:37 UTC-0500 (Sun, 19 Nov 2023 12:59:37 +0100)
Alessandro Vesely via mailop 
is rumored to have said:

I don't think someone can drop almost all mail and still call itself 
a mail server.


Were you running a mail system in the early-mid 2000s?

At that time, I tracked the performance of a mid-sized spam control 
system for a business that handled around a million inbound SMTP 
sessions per day. The proportion of mail we rejected as spam was 
persistently over 90%, and at times broke 98%. We never had a 
significant FP problem.


Although the server I ran at that time did listen to the whole 
internet,

our MX pointed at a service that spared me from much of that spam,
though I was aware of it and knew the folks stopping it for me.


The state of email is better today,


That is a surprise to hear. Reading this list has given me the 
impression
that the spam volume is worse now than it was then. Spamming is a much 
bigger
business now and the internet is faster, so I would have thought 
spammers
would be sending more messages, even compared to the increase in 
legitimate

email.

If they are sending comparatively fewer messages I can only imagine
that is because their strike rate is better, which is *more* worrying.
What have I misunderstood ?


The biggest contributor to the reduction in spam:ham ratio from what 
I've seen is a decline in the volume of blatant spambots operating on 
compromised personal devices. Right behind that would be how much more 
B2C marketing mail people are eager to receive. Years of nominally 
legitimate businesses sending bulk mail with marginally acceptable 
practices have conditioned people to accepting more mail as "ham" today 
than they did 15-20 years ago.



And that could of course be particular to the SMB mailboxes of my users. 
Maybe non-business mailboxes are seeing more garbage, but my 
junk-catchers at GMail, Yahoo, Outlook.com, iCloud, and GMX haven't seen 
it. (They suffer from the flaw of having absolutely zero legit exposure 
to commercial entities, so they are not 'typical' freemail accounts.) 
The volume of junk hitting those mailboxes (both Inbox and "spam folder" 
delivery) has dropped over the past few years.



--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
___
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Re: [mailop] Historical spam loads - was Re: Google rate-limiting more aggressively than usual?

Re: [mailop] Historical spam loads - was Re: Google rate-limiting more aggressively than usual?

2 matches

Site Navigation

Mail list logo

Footer information