Security

Spamming on the rise reports security firms


Spam on the riseHere's a despicable statistic, 66 to 88% of all e-mail is spam, and attachments-based spam is on the rise. Security firms have the figures for the various measures of spam floating around.

This ItWeb article talks about Greeting Card-based spam along with Symantec's statistics regarding image and attachment-based spam. These mails contain a link to a downloader program that installs a Trojan on the system. This article at USA Today further details the types of spam that are rampant today.

While spammers seek more intricate techniques to fox spam filters, this PC World article quotes David Salbego, UNIX and operations manager of computing and information systems with Argonne National Laboratory, a division of the Department of Energy (DOE) operated out of the University of Chicago. "Ultimately, filtering spam at the content level will become less and less effective. A better way to control spam, in my opinion, is by considering the source of the message -- the IP address of the mail server attempting to deliver the message."

Newer and better techniques are indeed a necessity at these times when Social Networking and other collaborating media are making information mining all that easier for the dedicated hacker. There are many effective spam filters, but perfection in this area has been a far call so far. What is your experience with the various spam filters?

7 comments
AndyTRowe
AndyTRowe

We use a spam appliance called Deep Six. (www.deepsixtech.com) It's a funny little linux device dedicated to blocking based on Realtime BLs. We've had some pretty good success with it. It blocks about 70% of ALL incoming mail connections before it even hits our servers. Better yet, I haven't had a single complaint of ever blocking anyone that should have gotten through. It's not a perfect solution as all the home-based Zombie spambots still get through until they are added to the black lists but it does a pretty good job while being very fast and placing no drain on your other servers to do filtering and wasting clock cycles. We've been running it for about for about 8 months and I've probably touched it twice since the initial config just to check in on it. It just keeps ticking. It would probably be best paired with a good content filter or other solution, but it's a good door greeter. They have a yahoo group with lots of good information at groups.yahoo.com/group/deep6tech

mthomas
mthomas

We use a Barracuda model 300 spam filtering appliance. Since it's installation 2 years ago, it has effectively filtered (blocked)more than 20 million spam messages from our domain. We have less than 500 email addresses in our organization, and the total volume of email entering the appliance daily is approximately 70,000 - 80,000. Of those, less than 5,000 are legitimate email messages. The remainder are spam. There is very little administration of this machine, and it provides short term archiving for incoming email. It has paid for itself many times over since it's purchase and installation. I'd recommend it highly.

mford66215
mford66215

Using IP address of sender? RDNSBL lists have been around for a long time. Long enough that all the major anti-spam packages and core mail systems can use it. The issue is determining which list is the most effective. I'm a spamhaus.org fan. What do you use?

nfritsch
nfritsch

We also use Deep Six as our SPAM solution. It works great for us and as mentioned, puts no strain on the e-mail server. Also, there's no quarantine so we don't have to weed through thousands upon thousands of emails a day trying to determine what is SPAM and what isn't. The only problem we've run into is problems with blocking clients who are using GoDaddy as their domain provider. GoDaddy outgoing mail servers show up on many black lists and therefore, clients who use them are being blocked by our Deep Six boxes. Any Deep Six users out there who have had similar problems with GoDaddy? Other than that, Deep Six works great.

chiefywiggum
chiefywiggum

i've been using barracuda for the last year or so, it does a decent job - probably blocks or quarantines 95 percent of spam. it does require some time each day to search for legitimate mails getting flagged as spam but i'm sure users would say it's worth the effort

pr.arun
pr.arun

How has been your experience with other spam filters ?

bzimmerman
bzimmerman

Since adding SQLgrey to the standard set of Linux tools, we are filtering close to 99% of the spam and one in ten million ham, a very satisfactory result.