A cynical view of Information Security and Risk Management, along with smatterings of philosophy, metaphysics, suspect writing and good science fiction. For more about me, see http://www.gillingwater.org/.
16 December 2007
Significant Increase in SPAM leading up to holiday period
Update August 2008: even more spam...
It's August 2008, and the level of spam I get in my Gmail account is reaching record levels. The picture speaks for itself -- basically, that represents 3.6 spam messages per minute, every minute for 24 hours, for the past month.
-----------------------
I've noticed a huge upsurge in the amount of SPAM reaching my mailbox, especially in the first two weeks of December. Unfortunately, this seems to have co-incided with a Joe Job against two of my mail domains, lanifex.com and gillingwater.org. I don't see these attacks as personal, since it's unlikely any Spammers would even bother to target me, but it's irritating having to deal with all the spam.
Fortunately, most of the heavy lifting is taken care of by Gmail, whose dedication and skill at intercepting spam borders on the miraculous. My current spam count for the past 30 days (according to the Gmail Spam folder) is 29,712 messages -- which I think must be some sort of record. That's an average of 41 messages arriving per hour.
Not all of the messages are directed at me -- due to the Joe Job, many of them are simply bounces from other people's mail systems, either with a spam trap challenging for a human response, or due to the mailbox being full. Oddly, many of the messages claim to be from "jerusha.davie@lanifex.com", a name which doesn't seem to be in Google. Unfortunately, I get all the bounces because my domain will collect any unknown user mail, and forward it to me--I guess I like to know what's going on. I just wish that a lot more mail server administrators would refrain from sending Bounce Messages for mail that has already been rejected as spam, since 100% of the From: or Reply-To: headers are certainly forged.
The risk here is that some legitimate email will be intercepted, although Gmail has a very good record of false positives, so I'm happy to accept the residual risk after mitigation -- but I will occasionally trawl through the spam folder, in case something slipped by that I wanted to see. A related risk is that Gmail will start sending all bounce messages to the spam folder -- making me miss a genuine one.
If only Gmail had some form of Cacti graph, so we could see the spam versus genuine mail on a time-series display, with history. I guess I could write something, but don't really have the free time. Still, I feel that nearly 1,000 messages per day arriving as SPAM means my spam to mail ratio is around 99% -- surely some kind of record?
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment