U.S. is World Leader in Spam 398
adept256 writes "Sophos outs 'dirty dozen' spam producing countries. And the USA is in the lead by a country mile. 'The United States is far and away the worst offender, accounting for nearly 60 percent of the world's spam. Even though European countries are responsible for less spam, they are still generating millions of junk emails a day,' said Graham Cluley, senior technology consultant at Sophos."
Nigeria? (Score:4, Insightful)
While they're at it... (Score:5, Insightful)
That way, Sophos themselves might produce a little less spam...
Gee! yah think? (Score:0, Insightful)
Its no supprise. (Score:5, Insightful)
No.1 sender and hardest to block (Score:3, Insightful)
However so many European companies use the
I wish that the USA had a TLD that was only used there - it would make things so much easier...
When was this sample taken? (Score:5, Insightful)
I also wonder if there is any way to bring the issue of unprotected computers to the public. Perhaps negligence penalties of some sort? I don't want to punish the wrong people, but it would be a lot harder to hack into all of these systems if they were administered properly.
Spam from US servers (Score:4, Insightful)
I would have sworn it was CN, TW, KR and similar (Score:3, Insightful)
I guess, with the 'spam mafia' installing these zombies on Grandma's computer, the countries with the largest population of lusers online will be the larger sources of spam.
How about normalizing that data? (Score:5, Insightful)
Without having some idea of what fraction of a country's email traffic is spam, these numbers just tell you which countries have a bigger internet presence, and absolutely nothing more.
higher bandwidth = more spam (Score:0, Insightful)
Re:So much for the AXIS OF EVIL... (Score:5, Insightful)
The report isn't really valid (Score:5, Insightful)
And then there's the thing they themselves point out; their methods of determining origin only go so far, hijacked machines / email routers configured to "wash" the headers of relayed stuff also go a long way to making the numbers invalid.
I still say the ultimate revenge is to paper-spam the big spammers. Sign them up for hundreds of thousands of magazines and all the rest.
The coup de grace would be then to package and mail a spammer the contents of my cats' litterbox the day after feeding them beef 'n' bean leftovers.
So... (Score:5, Insightful)
This isn't a troll (despite sounding like one).
I'm very upset that my mail server, a very well maintained with a plethora of spam and virus filters, is blocked by asshat american sysadmins "just because we're spammers".
Re:Who Is Surprised By This? (Score:5, Insightful)
Dream on sunshine. Ever heard of the Roman Empire? Greeks? British? Germans? Even the French were more powerful in their day. You have some of North America, a little in the Middle East, and not a lot more. The greatest spammer in the history of mankind is not really an accolade to stand in the history books. In time, people will look back and say 'So they were number 1 in a well contended field for a short time... so what?'. You got a way to go yet sunshine. Don't think that one half-assed victory in the middle will make the emperors of old start saying 'Fuck me, wish we'd had that 'e-mail spam' thing to go along with our might legions'.
Damn I just realised I got trolled properly there.
An idea for curbing spam? (Score:5, Insightful)
Assuming we ever have laws in place which state that genuine opt-in lists are the only valid way to advertise products then we still cannot sue the spammers who send junk to harvested addresses because of the problems involved with tracing them.
Tracing spammers is difficult/sometimes impossible because any computer on the internet can runs its own SMTP server to send mail to anywhere on the net. 10 years ago when the net was more innocent and less commercially corrup, this was fine, but nowadays this is just too powerful.
The problem is, if some clueless person (which probably accounts for 80% of net users) has their machine compromised by a virus or trojan than their computers are used to send out the spam, and as there are no log files the spammers are virutally impossible to trace.
Now imagine if the only way to send spam was via an approved mail server. For most of us this will be our ISPs, for the rest we will simply subscribe to one of the many official trusted ones.
Now the problem of reporting spam is a lot easier - complaints will be dealt with by the trusted mail servers who keep detailed logs of which customers have logged in to send mail, what IP address they used and at what time.
It doesn't matter if the customer deliberately sent out the spam or if they had been compromised by a trojan - the trusted mail servers can deny their customers the right to send more email until they have had an assurance from their customers that the problem has been fixed.
I'm not saying this is going to end spam altogether, but it should go a long way to curbing it.
What about all the spam which originates from, say, Nigeria or Amsterdam? Simple - unless the trusted mail server takes active steps to eradicating the spam they will no longer be trusted.
Re:Much from compromised computers (Score:5, Insightful)
what % of non-spam internet traffic is in the US? (Score:3, Insightful)
let's assume the article is correct and 60% of the world's spam is US-based. in and of itself this is meaningless. if > 60% of the net's total content originated in the US, that would make the US better than average for its spam production.
My experience: China and Korea are the worst (Score:3, Insightful)
If anyone knows a contact at chinanet.net where you can actually reach an administrator (or, better yet, one that speaks English), that would be a very useful thing to have...
Re:No.1 sender and hardest to block (Score:2, Insightful)
These kind of actions render the concept of email completely useless.
You would want to allow email from other US based servers , but block emails from the rest of the world ?
Re:How about normalizing that data? (Score:2, Insightful)
However, a quick look at the numbers shows your bet is probably a bit off:
http://www.clickz.com/stats/big_picture/geograp
e.g. Compare the UK and USA, 34.3 million net users vs 182.13 million. That's a ratio of roughly 6 to 1. Spam production is about 56 to 1 taking the article data at face value. Making the (reasonable?) assumption that email volume is roughly in line with the number of net users in a country, then the numbers are telling.
The question is how much the USA spam stats should be adjusted for others hijaking US computers and other factors...
Either way, the USA probably still comes out way ahead.
Huh? (Score:3, Insightful)
Wait, so all of us are responsible for the actions of these spammers? The "United States" itself doesn't spam, spammers do. Perhaps it should have been:
60 percent of the world's spam comes from spammers in the Unitied States.
I believe the guilt would lay correctly with the spammers in this phrasing.
Wrong (Score:5, Insightful)
Read the response by the second guy to respond to me. Both legitimate and illegitimate email are going to track with the number of total servers (scaled by how many are unprotected) and number of internet-connected citizens (scaled by how many are internet-connected) among other variables he mentioned.
I mean, actually think about what you're saying. You would congratulate Antarctica for generating 0 spam. If you want to look at this without considering "ham" emails, look at the spam difference - (spam sent = spam received). I would argue that even this difference should be fractioned by how many total emails are sent received which really is a decent measure of internet presence, but even without it, you at least separate net spam "donors" from "recipients"
Honestly, if you don't normalize variables in comparing large sample sets with small, you absolutely cannot compare raw numbers. I could recommend statistical reference texts if you like.
Re:Poor research... (Score:2, Insightful)
Close the open relays and de-trojan the zombie machines and the spam problem pretty much goes away.
Re:Wrong (Score:3, Insightful)
Those two variables will correlate highly, and it's easier to count emails than servers.
A NEW UNCOVER SECRETS ABOUT ANYONES!! teheknfd (Score:5, Insightful)
I agree. Just looking at the horribly butchered English that is in 95% of the spam that I get tells me that it not written by someone who's first language is English.
Re:higher bandwidth = more spam (Score:1, Insightful)
Take Sweden, for example. 10mb connections are standard in many, many houses across Sweden. As for Singapore's national network (ethernet speeds across the whole country), I guess they don't count either.
America isn't the biggest player in many things these days, just in egos, it seems.
Re:No.1 sender and hardest to block (Score:3, Insightful)
What about English speakers living in those countries who might want to contact you in English? Right now, they email you and get a snarky reply saying you don't understand Spanish. Great, but they actually wrote in English. Your patronising assumption that everyone else is as monolingual as you is doing nobody any favours.
Population Adjusted Values: (Score:5, Insightful)
That said, hopefully this study (not my little humor below, the sophos study) begin to, ever so slightly, shut up those people who claim that spam laws are useless because they will just drive spammers from one locale to the next. while this is true at the margins, the fact is that spam, like all business, is foremost local.
Virusses (Score:2, Insightful)
I would like to know how much spam is coming from Windows users...:P
Re:So much for the AXIS OF EVIL... (Score:5, Insightful)
RTFC, 60% of spam comes from the US, but there are more computers outside the US than inside, that means that the claim that the US is only so high because it has so many computers is provably wrong.
Anonymous Proxies (Score:3, Insightful)
I personally find the web variety very useful to browse Slashdot, since Slashdot banned a large IP range in which I belong, due to some a-hole using scripts targetting this site.
I equate Anonymous Cowards with Anonymous proxies in that they enable trolls, offtopics and first-posters.
I find irony in that for all the anti-spam stance promoted by the slashdot editors and slashdotters in general, this site cant seem to find an uber-geek technical solution to thread-spamming here.
Does anyone know what metric? (Score:5, Insightful)
Does anyone know what metric was used to determine these rankings? Was it "country where the first SMTP transfer originated"? Was it "office address of the dude typing in the text of the spam"?
I hate it when dudes publish 'findings' and don't explain how they got them. So much for the scientific method and reproducibility -- they could have made the whole thing up!
[**NOTE** I am not saying they did make the numbers up, but as a matter of journalistic and scientific integrity, when you publish the results and don't publish the method used to determine those results, your cannot be evaluated as anything other than opinion. We're after facts, here, people, not truth.
Re:Its no supprise. (Score:5, Insightful)
I was born and raised in the U.S., but some of the scams I see just sicken me and the lengths people will go to to make a quick buck. Some people will even take advantage of their friends and family! Who needs enemies when your own brother or sister is trying to guilt you into their latest multi-level marketing endeavor.
ISPs, please block egress port 25! (Score:5, Insightful)
I think it is time that ISPs block, by default, all outbound port 25 traffic. Customers can either:
The problem with those statistics (Score:2, Insightful)
additionally, they do not try to find out where the spammers are but only where the messages originate from. as they say, 30% of spam comming from compromised machines is attributed to the location of said machines, not to the spammer's location.
Re:Why am I not surprised (Score:3, Insightful)
That was hopeful news, but I haven't seen a big drop in 419 scam mails. I am still getting one or two each day...
I started notifying the providers that their reply email accounts are with. The sooner those are shutdown, the less opportunity for their victims to get through a reaction.
If anyone has another suggestion to make life difficult for them I'd like to hear it!
Re:The report isn't really valid (Score:5, Insightful)
And how do you suppose is this *not* spam of US origin?
While the author of the email might not be American, the domain and the sysadmin certainly are.
If someone is using Hotmail or Yahoo to whap out zillions of spams, I see that of evidence of an incompetent systems administration in exactly the same way that I'd see someone failing to secure their mail relays in China, and as such, I'd expect that domain to be held accountable for it.
Re:Simple Solution (Score:3, Insightful)
This is a bit too restrictive though - remember, we don't want to penalise ordinary internet users, most days I might only send 10 but some days I could quite happily send more than 50... why shouldnt I be allowed to send more? What if one of my emails was urgent and I wasn't allowed to send?
I also don't like the idea of reviewing people's email traffic (time-consuming for the ISP and a clear violation of privacy), and cutting someone's email off for 24 hours for sending a virus sounds like a Police State. What if I'm emailing a new virus to Sophos to analyse?
Far better we keep the net free as far as possible...
ISP's blocking insecure system on their network? (Score:2, Insightful)
Re:So much for the AXIS OF EVIL... (Score:3, Insightful)
Re:Statistics, my dear Watson. (Score:3, Insightful)
I just have a problem with spouting information when the sample was only over a period of two days. It reminds me of what some of the people that I work with call facts, when in fact they miss the big picture by a mile because they were too lazy to collect a large aggregate of data over a lengthy time period.
Re:I HAVE THE ANSWER! (Score:2, Insightful)
Re:BZZZT! Wrong! (Score:4, Insightful)
Could you please learn basic economic terminology before posting? The national debt is the money owed by the US treasury to holders of US bonds, some of whom are foreign and many of whom are not.
Now, please to close mouth and open books. Thank you
A Workable Solution to SPAM (Score:3, Insightful)
Most SPAM is trying to sell us something. Why not go after the business itself using local and state laws and IRS audits.? If the local fire department finds a coffee pot on a frayed extension cord, shut the building down for a month. That sort of thing. At the end of the month, let the IRS step in with a detailed audit, then the state labor practices agency for worker safety issues. Give those bureaucrats some raw meat to chew on and maybe they'll leave the rest of us alone.
Word will soon go out that spamming makes life very unpleasant.
Re:So much for the AXIS OF EVIL... (Score:3, Insightful)
Why has this degenerated in to an excuse fest?
Re:Only temporary (Score:3, Insightful)
Which is why SPEWS increases the listing to encompass nearby IPs once the ISP has shows they are willing to tolerate spam. If an ISP is spam-friendly, then any email from their network has an increased probablity of being spam. SPEWS is essentially a quarantine of spam-infected areas of the 'Net.
Stop with the hysterical overreaction and namecalling. No damage is being done to anyone. If you choose to do business with a spam friendly ISP, some of your emails might get rejected. If you choose to live in a crack house, the pizza joint might choose not to deliver to you, too.
To use your mosquito analogy, if those mosquitos were infected with the Ebola virus, it would be a good idea to fumigate not only that village, but the neighboring ones too, just to be on the safe side. That's what SPEWS is; a quarantine.
One of the greatest problems with spam is not the spammer himself, but the spam-friendly networks that are happy to take spammers' money and refuse to kick them off their servers. SPEWS attacks the spam problem at the ISP level, not the individual IP level. It is as much a boycott of those businesses as it is a DNSBL.
No one is forcing you to use SPEWS. If you don't like it, don't use it. In my experience, it helps stem the flood of spam I get, and has no downside, so I'm going to keep using it.
Re:ISPs, please block egress port 25! (Score:1, Insightful)
Yeah, cuz we all know how well blocking outbound port 80 traffic is working out. In fact, why not block all outbound traffic and only allow inbound traffic, it would simplify the web greatly. The ISPs could just stream content to us, interspersed with advertisements to help subsidize the cost. If you have not noticed yet I'm being just a little bit sarcastic.
I have a counter proposal. How about we just make it illegal to forward spam and make clueless users responsible for their own bloody machines? Then, when they are tired of paying fines they can either reconfigure thier computer, or sue the manufacturer for default settings are hopelessly broken. How does that sound?
Re:ISPs, please block egress port 25! (Score:1, Insightful)
However, what idiotic posts like the above don't realize is that the Internet is not made up of home PCs that consume and uberservers that provide. This would be the 'TV consumption' mindset that people seem to apply. The Internet is a lot more diverse than that.
Sure, you pretend to address it by making vague mention of 'IT departments' but who's IT department are we talking about? Backbone providers, bandwidth resellers, large data/hosting centers, large corporations, small corporations? How does the idea of 'block everything port 25' apply to every single one of these situations positively?
As soon as you start making any exceptions to your little 'block everything' rule, everything falls apart with the first open relay or the first NAT that shares an IP with an unrestricted STMP server. I mean, really. The problem is so diverse that even though the 'block everything' idea solves the problem, it's just throwing the baby out with the bathwater.
Useless Statistic (Score:3, Insightful)