back to article Spamquake subsides: less than half of email is now processed pork

Spam levels have fallen to below 50 per cent of all email sent for the first time in a decade, according to security firm Symantec. The milestone comes from a 1.8 per cent decline in spam rates from last month, when spam accounted for 51.5 per cent of sent email. Threat bod Ben Nahorney said it was the lowest rate since …

  1. Ralph the Wonder Llama
    Meh

    portk?

    Is that like Spatm?

  2. Pascal Monett Silver badge

    Phishing

    I just received a few days ago a mail posing as PayPal urgently advocating that I should do something to my account because it was going to be closed.

    I actually like getting those mails : it's always the hunt for the detail that proves it's just horseshit that amuses me. This one had a return address on a russian domain. Come on guys, you can do better than that.

    Then there are all the idiots who send me a RE: mail. You fail automatically because I always put a subject in my mail. The ones with RE: and a word are not better off because the word they choose is never one I would choose, plus I have no Eric in my contact list. I might have an eric.something@somewhere.com, but I never enter anyone with just their first name.

    Then there's the spam in German. That really kicks my funny bone because I have never written to anyone in Germany and I couldn't read German to save my life.

    It seems that just a bit of organization is enough to defeat almost all phishing attempts and reveal spam for what it is : a load of bollocks.

    Oh, and spammers, please never learn how to spell. That would make your trash a lot more difficult to filter.

    1. John H Woods Silver badge

      Re: Phishing

      "Oh, and spammers, please never learn how to spell. That would make your trash a lot more difficult to filter." -- Pascal Monett

      There's a theory they do this on purpose as per this pdf: you think you're screening them out for bad spelling, but actually they're screening you out for critical thinking.

    2. This post has been deleted by its author

    3. VinceH

      Re: Phishing

      "Then there are all the idiots who send me a RE: mail. You fail automatically because I always put a subject in my mail. The ones with RE: and a word are not better off because the word they choose is never one I would choose"

      Usefully, these can be defeated by a very easy filter, provided you know your message-ID format. Your filter checks if the subject begins "re:" (or variations) and if there is a References or In-Reply-To header that ends with a message-ID that matches your format. If you're worried about the possibility of false positives, drop the results in a spam folder for the occasional once over.

    4. Doctor Syntax Silver badge

      Re: Phishing

      "Oh, and spammers, please never learn how to spell. That would make your trash a lot more difficult to filter."

      Sadly, that's not a valid differentiator.

      1. Pascal Monett Silver badge

        Re: Sadly, that's not a valid differentiator.

        It is for me. The people I know who write me emails know how to write.

        But I'm not a tween anymore, far from.

  3. Anonymous Coward
    Anonymous Coward

    Broader analysis may be interesting

    Just an observation and not applicable to the wide metrics of the report, but it seems that the spam factories that are out there at the moment are more geared up than the easy-to-catch distributed sender scripts, never RFC-compliant, that used to dominate. One sender, successfully getting spam through on several domains here, uses multiple correctly set up domains, changes content and meta-content constantly and so on, but is obviously the same sender as the spams are laid out the same way. Interestingly spamassassin had difficulty with these, but dspam catches them.

    Anyway, what I was going to say is that some analysis of spam methods in addition to content may be an interesting addition to that report. Also, I wonder why spear fishing is especially targeted at small companies.

    1. Ian Michael Gumby
      Boffin

      Re: Broader analysis may be interesting

      I don't know if spam is really down.

      Most gets dropped thanks to Spamcop and other spam databases, and those that do get by, I report and filter out.

      What I noticed is that there was an uptick of spam using .ninja and .xyz domains which I could easily just filter out.

  4. Doctor Syntax Silver badge

    Does this take into account Google's false positives and Microsoft's inability to spot phishing pretending to be from them?

  5. Thought About IT

    I wish ...

    The volume of spam going through my mail server is still over 90%, so I'm dubious about their statistical methods.

    1. Charlie Clark Silver badge

      Re: I wish ...

      Yep, I'm not seeing much change. Spamassassin on the server and a learning filter on the client (are you listening Microsoft?) mean it's a low level nuisance: about 10 spams a day get through spamassassin, the mail client recognises 80% of them.

    2. Anonymous Coward
      Anonymous Coward

      Re: I wish ...

      Agreed, I would go further and say that we are seeing a slight upturn in spam - so much so that we have to empty the spam filter once a day rather than the every two days of the past.

      At least our bogo filters are doing an excellent job - let through one spam in the last two months and only dumped three legitimate mails in six months (senders trying to be 'smart and cool').

  6. Anonymous Coward
    Anonymous Coward

    meh

    I think its more likely to be the case of spammers avoiding symantec's honeypots.

    My spam reporting tool reports spam of 99.86% in the last 7 days (email volume for that time period is 14175 emails checked)

  7. Alan Brown Silver badge

    Alternatively...

    ...Spammers are identifying Symantec's honeypots.

    This press release has been discussed on a couple of spamfighting lists. The general feeling is that the claims are horseshit - noone else is reporting substantial declines.

    FWIW any time someone does report a decline, others usually don't see it and the original poster usually follows up later saying it was a blip.

  8. techmind

    Last week maybe

    I did see a marked lull in spam last week (or maybe for 10 days), but since Sunday I think it's back to normal service :-( Maybe the chief spammer just took a summer vacation.

  9. Voland's right hand Silver badge

    Neah, it has gone legit, that is all

    95% of SPAM I get is generated by two "legitimate" UK spamvertising companies which will sue you out of existence if you mention them anywhere near the word SPAM and which even Spamhaus does not dare to blacklist.

    Once you add these you get back to the real numbers. The problem is that if you are a security vendor and list the content networks originating these as SPAM you are looking at a lawsuit for libel under UK jurisdiction the next morning. As in the UK the loser does not pay you cannot afford it so you let them be.

    1. Anonymous Coward
      Anonymous Coward

      Re: Neah, it has gone legit, that is all

      Mmm, this is the source I was talking about, above. But even saying that, having a look at the last year's rrd mailgraph, spam for three domains shows a fairly dramatic downward trend. The differences may depend on the method spammers used for email harvesting, but that's a guess.

    2. Anonymous Coward
      Anonymous Coward

      Re: Neah, it has gone legit, that is all

      "95% of SPAM I get is generated by two "legitimate" UK spamvertising companies"

      Sounds made up to me.

      Extraordinary claims require extraordinary evidence.

  10. Anonymous Coward
    Anonymous Coward

    Spam nuisance or spam malicious?

    But what about Phishing emails?

    Are they on the decline too?

    Couldn't care less about most of the crap we define as Spam - its the phishing emails that can do the damage and I don't see any decline in these in our network!

  11. Anonymous Coward
    Anonymous Coward

    The unfortunate news however...

    ...is that many ISPs can't differentiate legitimate e-mail from SPAM. As a result clowns like Google mark a bunch (say 30% of Linus Torvald's e-mail), as SPAM and he never sees it unless he goes looking for it. Other miscreant ISPs like Comcast Cable block all e-mail from white listed servers, even when it's proven the servers are not sending out a bunch of SPAM. So Comcast customers don't even get a chance to review the e-mail like Google customers can. Comcast sends a bogus error message to the sender of legitimate e-mail telling them their ISPs server is being blocked because of excessive SPAM, which is shown by industry SPAM monitoring groups to be untrue. These are the little secrets unscrupulous ISPs forget to mention to their customers.

  12. Winkypop Silver badge
    Meh

    "according to security firm Symantec."

    Maybe this is just marketing by media release.

    I'm not knocking the article, but Symantec seem to have been seeding the media with similar stories recently. (as most companies do)

  13. F0rdPrefect
    FAIL

    Well nearly a week on from the article, I haven't noticed any decrease in the number of spam messages being caught in various spam traps nor much in the way of them being from "wo "legitimate" UK spamvertising companies"

    Most seem to come from idiots that have been recently sold a mailing list including names (ones that never existed) for a company that I recently closed, the majority of the rest come from some outfit in Henderson, Nevada, United States.

    Oh and together with a fair sprinkling of companies that I once bought from, or did some business with who seem incapable of taking notice of an unsubscribe.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like