...oh, how I dream of such low levels of spam! Just doing a quick total of the messages received at the (7-person) company I work for, I can say we're seeing more like 90.5 percent spam inbound. Of that, only about 3 percent of classified spam reaches users inboxes, but that's still several hundred messages a week!

Bah Humbug!

/me wanders off to the cloakroom muttering about wasted bandwidth...

Since when did they want either? Whenever I open a spam it either has a link in it or a dodgy binary; for the latter kind I guess the last thing they'd want is any obvious return-path to the puppeteer.

Spam levels at 74.6% - who are they kidding?

Personally, I'd be rather pleased if they were that low. Of 100 attempted mail deliveries on the servers I manage, only 5-10 are not obvious spam (sent to non-existent addresses that have been scraped here and there, or coming from obvious infected machines in dynamic pools). That's a 90%-95% spam level.

That figure is definitely low.

We're seeing more like 98-99% junk, and that is backed up by different offices/countries.

It's been getting worse since just before Christmas...

Oh dear! Did I say "Wee"? I meant "Wii". Yeah, that's the ticket. "Wii"...

Implementable? all you do is list email addresses you want to be able to send-from with your ISP, via some nice clunky text field on their website. they tag that text field to your IP#, and for the majority of botnet compromised users, wouldnt that massively reduce spam?

thats assuming its even viable, though.

Idea w/out technical knowledge, feel free to slam.

"As a result, "the spammers themselves aren’t getting the replies or even the bounces to the spammed messages they sent," writes Mary Ermitano, an anti-spam research engineer at Trend Micro."

Er. Spammers don't want replies. They forge the from: header (protip: this is known as spoofing). They don't care about bounces -- if it's spam, they'll have a link on a page (or embedded HTML) to know if an e-mail is valid or not. If it's phishing, they'll have an e-mail to reach them back at. This is elementary stuff.

Who's the genius who thought it was a flaw? that's how spammers usually do. Of course they don't want the bounce or the replies. If they want an e-mail answer, they include "please contact me on my private e-mail tw@tincredible.com.ck" in the body. If not, they just put in a website's adress (which is the case in this campain). I am no "spam researcher", but AFAIK the Reply-to and From field are ALWAYS spoofed because NO-ONE wants the bounces or the replies. The _contrary_ would be a mistake in design (how do you get the 5 juicy answers out of several million bounces and/or automated replies? Where do you store the lot before sorting?)

So, either Mary Ermitano is really the spam researcher's godson's mother's hairdresser's neighbour, or you misunderstood what she said...

I've been "lucky" enough to have a fictitious user@mydomain used as the forged "From" address on a few spam-runs in the past couple of years.

How do you like 7000 non-delivery reports coming in in 2 hours, and then another 1500 trickling in over the next 48 hours?

As a result I now route most standard "non-deliveries" to /dev/null by default. Of course this means that if I genuinely mis-type an email address I might not get to know about it... Small price to pay.

My gmail spam folder currently has about 7,000 messages in it. A month or two ago it dropped down to 2,000 from a fairly persistent 3,000 for two years or more. Then recently there was a rash of spam-filter failures followed by the current rapid increase. The bulk of the recent stuff is English-language and seems to be mostly about grants/funding/get money, whereas before I was getting stuff in a variety of languages including Chinese and Hebrew.

....is for the CIA to round up all these spammers, line them up against a wall, and open fire

Filtering - Either a hard content filter at the "mail server end" that does it by header checking only

or software like Mail Washer / Mail Washer Pro. Pro has a few more features but isn't free - the features being the ability to send spam to spamcop, after you've registered with them, let it detect your ISP mailservers and it's good to go can tell it's spoofed.. I don't get any in my gmail account, loads in my ISP based one worst I've see was 100/106 spam some were from "me" as well, which is the annoying part.

ISP is getting good at marking the spam as spam, my address book is all in Mail washer's "friends" list so it's marked as ok even if my ISP get's it wrong, also lets me check to see if they mark e-mail wrong so I don't dump something I shouldn't :D

My Yahoo e-mail - I clear it out often loads of spam in it too.

My Hotmail - a few what I hate is it doesn't tell you if you have new mail if you've got a rule to send it to a folder, then again it is free :P

Spam levels did go down but are back up again seems very variable at the moment...

I'll check my counters and see how bad it really is.

mailwasher pro has cut spam getting to my inbox to zero.

i hope the spammers read this.