Wednesday, November 01, 2006

Email servers strain under doubled spam load

Posted: 1-NOV-2006 14:30

If you have noticed a big increase in spam lately, you're not alone. My mail server is getting hammered by spammers, and half of Ihug's customers experienced a day-long delay in receiving email.

Much of the spam comes as images - that is, spammers make pictures, with the "sales pitch" text in them. Just about all the image spam I've seen is for illegal pump-n-dump penny stock scams, and they're getting through the spam filters.

I just got a press release from Secure Computing, which included the below chart that says image spam volumes have doubled lately:

[Chart: Secure Computing]

This is vendor-supplied information, and should be treated as such, but everything I've seen so far points to Secure Computing being right. Other sources such as McAfee reckon image spam makes up around forty per cent of the total spam volume now.

Stopping this kind of spam is difficult, especially since some images are rendered dynamically according to the text in them and thus vary in size. I've found some useful rules for SpamAssassin at Wonko.com but have yet to install FuzzyOCR, an optical character recognition plug-in for SA. Having to use resource-intensive OCR doesn't seem like the right way to go. I'm going to see if I can make use of pf's ability to fingerprint connections from specific operating systems, and firewall off, say, Windows desktop ones.

Have also heard that "greylisting", which temporarily defers reception of email, is effective here.
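How the temporary deferral behind greylisting plays out at the SMTP level, as an added example that is not from the original post or from any particular mail server. The triplet key (client /24, sender, recipient), the timing constants and the sample traffic are all assumptions constructed for illustration; it handles IPv4 clients only.

```python
from dataclasses import dataclass, field

MIN_DELAY = 300          # assumed: seconds a new triplet must wait before a retry counts
RETRY_WINDOW = 4 * 3600  # assumed: an unretried triplet is forgotten after this long
PASS_TTL = 36 * 86400    # assumed: how long a triplet that passed once stays trusted

@dataclass
class Greylist:
    first_seen: dict = field(default_factory=dict)  # triplet -> time of first attempt
    passed: dict = field(default_factory=dict)      # triplet -> time of last accepted mail

    @staticmethod
    def triplet(client_ip, mail_from, rcpt_to):
        # Key on the /24 so a mail farm retrying from a sibling host still passes.
        net = ".".join(client_ip.split(".")[:3])
        return (net, mail_from.lower(), rcpt_to.lower())

    def check(self, client_ip, mail_from, rcpt_to, now):
        """Return the SMTP reply to give at RCPT TO time."""
        key = self.triplet(client_ip, mail_from, rcpt_to)
        if key in self.passed and now - self.passed[key] <= PASS_TTL:
            self.passed[key] = now
            return "250 OK"
        seen = self.first_seen.get(key)
        if seen is None or now - seen > RETRY_WINDOW:
            self.first_seen[key] = now  # first attempt, or stale record: defer
            return "451 4.7.1 Greylisted, try again later"
        if now - seen < MIN_DELAY:
            return "451 4.7.1 Greylisted, try again later"  # retried too quickly
        del self.first_seen[key]
        self.passed[key] = now
        return "250 OK"

# Constructed sample traffic: (seconds, client IP, MAIL FROM, RCPT TO)
EVENTS = [
    (0,    "192.0.2.10",   "news@example.org", "me@example.net"),  # queueing MTA, first try
    (5,    "203.0.113.77", "x9@example.com",   "me@example.net"),  # fire-and-forget sender
    (20,   "203.0.113.77", "x9@example.com",   "me@example.net"),  # immediate blind resend
    (900,  "192.0.2.11",   "news@example.org", "me@example.net"),  # MTA retry, sibling host
    (5000, "192.0.2.10",   "news@example.org", "me@example.net"),  # later mail, known triplet
]

def replay(events):
    gl = Greylist()
    return [gl.check(ip, frm, to, t).split()[0] for t, ip, frm, to in events]

if __name__ == "__main__":
    print(replay(EVENTS))
```

A sender that queues and retries after the delay gets through on its second attempt and is not delayed again; a sender that never retries, or only resends immediately, is never accepted.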

Image spam takes up more bandwidth than text-based stuff, which in turn may be one reason the Internet seems to be in go-slow mode at the moment. Haven't had any confirmation about this yet though, so pure speculation on my part.

Where does the spam come from then? Well, it could be your Windows box, compromised using, for instance, the recent SpamThru trojan horse. The recent spam flood has been accompanied by many more trojans being emailed out to users as well, I note. Clearly, the spammers are seeking more recruits to their bot armies.
