The Real Damage From Spam
October 4, 2005 on 7:02 pm | In Insider View, Rants by Dallas Kashuba
Anyone who has used email in the last couple of years has probably had to deal with spam at least a little. Most people probably consider it an inconvenience that has to be endured as part of using email. Anyone who has had the same email address continuously for more than a few years probably sees it as more than just an inconvenience, as you probably receive a couple hundred spam messages a day. You also almost definitely use some sort of filtering system as well, though. I know I personally would be literally unable to deal with my email if I had no spam filtering. I’m probably a bit of an extreme case, but my junk mail filters kept about 850 spam emails from hitting my inbox just yesterday.
The annoyance of dealing with keeping your inbox clean is only a very small part of the spam picture, though. Most of the real pain is felt by companies like us: web hosts, email hosts, and network providers. Spam and its associated problems are something we deal with on a daily basis, and many days it is one of our top issues.
Our customers expect us to provide them with a service that’s as hassle-free as possible and that includes the amount of spam they receive in their inbox. The job of deciding what incoming email is spam is difficult because each email recipient probably has a slightly different opinion on the matter. On top of that, a single falsely rejected message is a problem so that must be minimized. To that end, we use a relatively conservative blocklist on all of our incoming email servers. Even with a conservative blocklist like that one, our incoming email servers block about 60% of all incoming email as spam.
Even with a blocklist, a lot of spam still gets through and into inboxes. For instance, my 850 spams from yesterday were all after the 60% that was rejected at the email server level. Following that logic I may have actually been sent a whopping 2125 spams just yesterday! To help catch the rest of that spam, we also have our junkmail filter service. We still have the junkmail filter set to off by default and most of you have not yet enabled it. We don’t know for sure, but we have estimated that it may take more servers to scan all of the email than it takes to deliver all of it to your computers. Right now, we have 3 powerful servers scanning incoming email and we will continue to add more servers as more of you start filtering your email. We’re hoping our estimates are wrong because that would mean it would more than double our cost to provide email to you. We won’t charge you extra for that, of course, so we will be bearing the entire cost.
And that’s not the half of it!
The other side of this coin is spam originating from our servers. As spam filters have become more aggressive and the legal system has begun to tackle the problem of spam, spammers have increasingly been going underground and essentially stealing server and network resources from companies like us to send out their emails. Our own customers do occasionally goof up and send spam, but the majority of the spam comes from hijacked accounts accessed through security exploits in software installed under your websites. We have notified our customers repeatedly about known software security holes, but many of them still do not upgrade. That puts us in a sticky situation as we do our best to never take down a website unless it is absolutely necessary. We have to choose between keeping the website up and running and potentially allowing more spam to leave our network. We have historically risked it and left the website up, but that is fast becoming an option we cannot take.
When a certain amount of email deemed to be spam leaves one of our servers, other email providers sometimes decide to begin blocking all email coming from the server. As they are also trying to provide a hassle-free email experience for their users, that move makes sense in many cases. It gives us time to determine the source of the problem and clear out the spam so it is not delivered to anybody. That would all be ok, except for the fact that many email providers then refuse to remove the block. We have a very strong anti-spam policy and are very quick to respond to any and all complaints we receive about spam originating from our system, and yet still we are blocked. Some of them tell us they won’t unblock us unless their own customers complain to them about it. That doesn’t seem to be a very customer-focused way to do business to me. Forcing your customers to come to you and complain before you will provide them with a service they are already paying for (email to and from anybody!) is just plain crazy. That’s how bad spam has made things for companies like us and them!
The only option available to us now is to start limiting our own users and their legitimate use of email to protect our network from being blocked by trigger-happy email providers. We have long believed in leaving our system as open as possible so people can use our services in the ways that best meet their own needs, and it is always hard for us to make decisions contrary to that philosophy. Things have changed quite a lot since the days of the happy-go-lucky Internet of yore. There is some interesting looking technology on the horizon that may help the situation but it will be a long time still before anything like that will be truly effective. For now, we’ll just stay in the trenches fighting the noble fight.
29 Responses to “The Real Damage From Spam”
October 4th, 2005 at 8:18 pm
Who would have known that a terrible food product would become such a nightmare for the internet?
October 4th, 2005 at 8:29 pm
That idea from Yahoo looks pretty nice. Is Dreamhost going to help pioneer it?
October 4th, 2005 at 8:58 pm
*PLEASE* let us use the junk filter if we have a catch-all address!
I find a catch-all address extremely useful for fighting spam. I use a different address for every mailing list & web site where I have to register, and if any address starts getting spam, I explicitly block that address. I don’t get any more spam at my catch-all address than I do at any other mailbox.
I did enable spamassassin by editing my .procmailrc directly, but I’d like to see it officially supported.
October 4th, 2005 at 9:45 pm
Just go to the Web Panel and make each address…that’s what I do!
Catch-alls, in general, get such a huge amount of more spam that it’s just not funny.
This makes things far, far worse for the filtering machines.
It’s really, really, really easy to just make a list of email addresses in the Web Panel…
October 5th, 2005 at 5:20 am
I do the same thing as Nate. I have roughly a dozen email addresses I use for different purposes. Some are specific to things like domain registration, whereas others are specific to things like forum membership. Most of my spam originates from the email address on my WHOIS record, and from the generic webmaster@domain.com.
October 5th, 2005 at 6:32 am
I don’t really remember all of the unique addresses I’ve used. I actually *HAVEN’T* gotten any more spam from the catch-all address. I’ve never seen a spam addressed to some random name at the catch-all.
Please re-think this.
October 5th, 2005 at 6:51 am
Having previously created numerous addresses without recording them (before moving to DH), I currently have a catch-all - though I’m attempting to add forwarding addresses explicitly as I receive mail via them.
However, I foresee a problem should I come to remove the catch-all: I create a new address for pretty much every entity I deal with, in the same way Mike does. Without a catch-all the panel delay when creating a new forwarding address becomes significant, as I’ll have to wait that amount of time between deciding I want to create the new address and entering it into the web form etc. (and worse, there’s no confirmation email once it has been created so I know I can use it).
So while there’s still a delay between creating a forwarding address and it becoming active I’ll likely have to keep a catch-all.
October 5th, 2005 at 7:04 am
I got a lot of spam to my personal address even before I moved to DreamHost. As a consequence, using new addresses for every new use and a catch-all address makes no sense to me. I have to filter my mailbox anyway, so more spam to me just improves my filters… I use my personal address everywhere, except when spam.la is useful.
October 5th, 2005 at 7:45 am
Well, I’m the guy who did all the filter stuff, and I’m saying that unless something really weird happens, catch-alls will never be supported in it.
Torben makes the other great point: that if spam is already a problem for you, that making a new address for amazon or ebay or the nytimes isn’t really doing anything to help: you’re filtering anyway.
And if you’re _really_ serious about email filtering, a solution for the “general public” like our Junk Filter isn’t going to be good enough for you. Nothing that’s acceptable to tens of thousands of people is going to be even 95% accurate at catching your spam. Use a learning filter and be really aggressive about training it. I get hundreds of spam a day and usually nothing hits my inbox with zero false positives. I use SpamProbe.
And if the delay is annoying, make the aliases in chunks.
Or use a throwaway service like spam.la (Josh wrote it…I use it all the time).
Anyway, the bottom line being that catch-alls are only good for spammers!
October 5th, 2005 at 8:30 am
Yeah, I agree in principle that catch-alls are bad (which is why I’m trying to ramp mine down!).
Batch aliases: Indeed, I’d concluded that I could speculatively create a pool of general purpose forwards. I wouldn’t be able to use such meaningful addresses any more, but no biggie.
Of late the creation delay is advised as “a few minutes” rather than “an hour or two”? - in which case the option of a confirmation mail would be marvellous (waiting just a minute or two is no problem, as long as I know when it’s done!).
October 5th, 2005 at 8:32 am
I use the junk mail filter, and on top of that I utilize Spam Pal http://www.spampal.org. Of course with that I do end up having to put in whitelists but it does most of the trick.
October 5th, 2005 at 8:36 am
Oh, and the aliases-for-different-companies is more of a privacy thing than an anti-spam measure. Since I started this practice I’ve had 3 companies sell on my details - it appears that privacy policies don’t count for squat once the liquidators move in! (start-ups, eh? ;) )
October 5th, 2005 at 8:46 am
Block and forget is, indeed, a very good policy. Lamenting it does no good. From the perspective of an email provider, if my customers complain of spam coming from some IP-space and I block it, I am responding to my customer’s complaint. I now have to ask, why I should arbitrarily remove a block simply on the request of the apparent spammer in the first place?
Yes, I know, Dreamhost is not the spammer. It’s Dreamhost’s customer that’s doing the deed, knowingly, willfully, or otherwise. Yet, the other email providers see Dreamhost as potentially slow to respond to spam complaints. So, up goes another block.
Want to see the commentary on use of blocklists? It’s vicious. Read the newsgroup news.admin.net-abuse.email sometime. The policy of block and forget is well accepted by many email providers. Support for it appears to grow constantly. Nonetheless, the practice is controversial.
Frankly, for my money, I believe that if Dreamhost finds an exploitable script on a customer site, that they are fully justified in taking immediate action to remove the offending script. If that means completely disabling a site, then make it so. If dreamhost detects a customer’s home machine compromised by a virus, worm, trojan that is injecting spam into Dreamhost’s email system, reject the login and inform the customer via USMail that he needs to clean up the mess before his email is reactivated. … Oh Puuuleeeeze! Dreamhost, be more aggressive in policing your customers email use and abuse.
Anyone can become infected by the bad guys. A moment’s inattention and you get “social engineered” into doing something that you’d not do. It happens. Bite the bullet: give up on email until you’ve cleaned up the mess. You owe it to the rest of the ‘net.
JMHO. … Whew! I feel much better now.
October 5th, 2005 at 9:59 am
I got hit with PHP contact form email injection attacks. Dreamhost should warn customers about this, it’s easy to become a spam relay without even knowing it. The attacker/spammer hits your contact form and injects extra BCC info. More about this here and here.
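The injection described in the comment above works when a form field copied into a mail header carries a line break followed by an extra header such as Bcc. The following PHP is an added example, not part of the original post or its comments; the function names, addresses and sample submissions are hypothetical and constructed for illustration.

```php
<?php
declare(strict_types=1);

// Added example; function names, addresses and sample input are hypothetical.

/** True if the value contains CR, LF or NUL, the bytes that end a header line. */
function has_header_break(string $value): bool
{
    return preg_match('/[\r\n\0]/', $value) === 1;
}

/**
 * Validate contact-form fields and return the arguments for mail(),
 * or null when the submission must be rejected.
 */
function build_contact_mail(array $post, string $recipient): ?array
{
    $fields = [];
    foreach (['name', 'email', 'subject', 'message'] as $key) {
        $value = $post[$key] ?? null;
        if (!is_string($value) || $value === '') {
            return null;                      // missing or non-string field
        }
        $fields[$key] = $value;
    }

    // Single-line fields: email and subject go into headers; name is held to
    // the same rule so it stays safe if it is ever placed in one.
    foreach (['name', 'email', 'subject'] as $key) {
        if (has_header_break($fields[$key])) {
            return null;                      // a line break here would start a new header
        }
    }
    if (filter_var($fields['email'], FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }

    return [
        'to'      => $recipient,              // fixed by the site, never taken from the form
        'subject' => '[Contact form] ' . $fields['subject'],
        'body'    => "From: {$fields['name']} <{$fields['email']}>\n\n" . $fields['message'],
        'headers' => [
            'From'     => 'webform@example.com',  // site-owned sender address
            'Reply-To' => $fields['email'],       // validated visitor address
        ],
    ];
}

// Constructed sample submissions: one ordinary, one carrying an extra Bcc header.
$samples = [
    'legitimate' => [
        'name' => 'Pat Visitor', 'email' => 'visitor@example.com',
        'subject' => 'Question about hosting', 'message' => "Hello,\nplease call me back.",
    ],
    'injected' => [
        'name' => 'Pat Visitor',
        'email' => "visitor@example.com\r\nBcc: a@example.net, b@example.net",
        'subject' => 'Hi', 'message' => 'Unsolicited advertisement text',
    ],
];

foreach ($samples as $label => $post) {
    $mail = build_contact_mail($post, 'owner@example.com');
    if ($mail === null) {
        echo "$label: rejected\n";
        continue;
    }
    echo "$label: accepted, Reply-To = {$mail['headers']['Reply-To']}\n";
    // In production the validated parts are handed to mail():
    // mail($mail['to'], $mail['subject'], $mail['body'], $mail['headers']);
}
```

Logging rejected submissions with the client address gives an early signal that a form is being probed as a relay.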
October 5th, 2005 at 11:15 am
To birdsong… It is very clear to anyone with any knowledge of the situation that blocking a DreamHost IP because of some spam (and often it’s not very much!) is potentially blocking thousands of times more legitimate mail than spam. A quick investigation will show that we are a host and have a very strong anti-spam stance. Anyone with policies like that is simply lazy in my opinion. Unfortunately, we can rarely get in contact with anyone at these companies who does have any knowledge and the real losers in the situation are the end users. Ever heard the phrase “throwing away the baby with the wash”?
October 5th, 2005 at 11:23 am
Regarding the mail filtering you guys have installed… any chance you’ll enable SQL-based bayes filtering at some point?
I’m still running a local-copy of spamassassin because I find the bayes-filtering helps quite a bit at times.
October 5th, 2005 at 11:43 am
We’ll probably do some kind of Bayesian support….but we don’t want to make the filter very hard to use…
It’s not meant for people who are freakish about spam filtering…it’s more general purpose and lax. And we don’t want people’s individual filters getting crappy if they aren’t anal about keeping the bayesian databases in good shape.
Anyway, that’s the worry, but yeah, we’ll probably do it in the not tooooo distant future!
October 5th, 2005 at 11:50 am
I’ll second the true SpamAssassin request - the Bayes filter is extremely important.
For the users I support we’ve had good luck simply exposing a Spam folder hierarchy with false positive and negative subfolders and telling people to move mail into the appropriate filters. This is, incidentally, one of the reasons why I don’t use your filter - having my spam disappear into a separate system makes it much harder to find false positives.
October 5th, 2005 at 12:37 pm
I get a lot of spam every day with my dreamhost email; I hate it. But I can understand how it happens and there are only a few things one can do to try and stop it. Seems the more I try to block the spammers the more I get.
P.S. a lot of servers are down, what’s up guys? LOL.
October 5th, 2005 at 12:51 pm
I just forward everything to my gmail account and let google deal with filtering it. They seem to have the machines these days.
October 5th, 2005 at 2:39 pm
I also forward all my hostmaster, postmaster, webmaster, and junkmail@domain.com email addresses (the latter which I use for all my sign-ups, logins) to my gmail account. My real email addresses then can happily be dreamhost pop accounts. Google seems to sort the junk very well, and I figure it is good practice for them.
October 5th, 2005 at 8:19 pm
I wish all spammers would die of a severe groin-related injury.
October 6th, 2005 at 1:13 pm
I believe at one time in the forums nate suggested that if you wanted to use catch-alls and filtering, turn the filtering on for your main domain, and then set up a subdomain for your catch-alls. That’s what I do. I have a subdomain where I create my email addys for specific websites. My main domain uses the regular DH filters, and then I use Popfile locally.
October 6th, 2005 at 1:33 pm
I’ve started adding explicit forwards for the addresses I actually use, but for a while I’m keeping my catch-all forwarded to a separate ’spambox’, so if there are any addresses I forgot I can add explicit forwards for them.
I get very little spam at any of my personal addresses (I have 3 main domains hosted at DH) - only about 2-3 a week, since I’m very careful where I use them. The few addresses that were getting spam, like sales@, webmaster@, info@, etc. I explicitly block with a bounce.
On the other hand, I get about 20 or more spams a day at my gmail account, almost all are properly identified & blocked. I get quite a bit of spam at my pobox.com account, which I’ve had for 10 years and I’m planning to phase out thanks to gmail & being able to create special purpose addresses at my domain.
October 7th, 2005 at 11:45 am
I really, really wish we didn’t have to wait up to 2 hours before email forwarders became active.
Then I could set up forwarders for each different source I give my email address to without having to use catch-alls.
C’mon, can this be done? It’s easily my single biggest DreamHost wish.
October 8th, 2005 at 5:51 am
The reason I left my last three hosting providers was that they were allowing so much spam that my legitimate outgoing messages were getting blocked by various servers. I understand the dilemma, but I think you as a hosting provider owe it to your “good” customers to enforce some sort of “zero tolerance” policy as stated in your AUP. If someone is running a script that is exploited, disable it. If they don’t fix it, cancel their account.
I would also love to see some discussion on common mistakes that people make when writing code.
October 8th, 2005 at 8:08 pm
… reply to Dallas.
I’m not disparaging Dreamhost in the slightest. I believe Dreamhost do a fine job of preventing spammers from causing trouble, and when they get a spammer, booting the rascals. … Good work, folks!
My point is that many places, especially smaller places with up to a few thousand seats do block and forget. It’s just a fact of life. There has always been a militant anti-spam faction on the internet. There appears to be a growing segment that has absolutely zero tolerance. They block on first spam and leave it.
I have no advice to offer Dreamhost on how to completely eliminate all possibility of spammers abusing Dreamhost IP-space. … well, short of some very public terminations with extreme prejudice, and the constabulary takes a dim view of measures that drastic.
I do favor immediate take-down of any scripts found to be exploitable by the bad guys.
JMHO, YMMV. VWToP
December 28th, 2005 at 9:02 am
I think that spammers are very bad people, they do not give people to work, creating various problems. And in general to spammers I concern very badly, as to moral ugly creatures.