MailStripper - Spam Filter for Linux, FreeBSD and Solaris

News: Spam levels hit record high

According to an article in eSecurityPlanet, a new record has been set in the world of email: 82% of all email in the U.S. is spam.

Throughout last year, the volume of spam was on a steady increase, going from every other email being spam in mid-2003 to nearly two-thirds of all mail being spam in January of this year. Unexpectedly, in February and March this year the volume of spam dropped sharply, to 59% and 52.8% respectively, to the relief of mail server administrators the world over.

This was too good to last.

In April, the volume of spam bounced back, overtaking January's level to reach 67.6%, and 82% in the USA, outdoing even the worst predictions of most analysts, who had expected the US 80% barrier to be breached later this year.

With rates this high, the obvious question now is how this will affect people's usage of email. So far the signs are that it has not affected current levels of usage, but users are already asking themselves whether it is worth continuing to use email when their important messages get caught up amongst the sea of junk in their inboxes.

Last year saw a shift in spammers' tactics. By teaming up with virus writers they have created a dangerous combination. By preying on users with inadequate virus protection and those not keeping their machines up to date with system patches, they are creating an army of compromised machines which can be remotely controlled to send out more viruses, launch distributed denial of service attacks and send inordinate quantities of spam. This technique also hides the spammers' identities, as the message headers upon arrival only point back as far as the compromised machine, making tracking down the actual spammer nigh on impossible.

"You can all do your part to keep the spam down", says Michael McConnell, developer of MailStripper for the UK-based Eridani Star System. "If you run a mail server make sure it cannot be used as an open relay from the outside world", he adds. There are numerous free tools available on the Internet to help with this; the best known, and a fairly thorough one, is the relay test at mail-abuse.org. Michael adds, "Ensure that if your web server has any CGI scripts capable of sending mail, such as FormMail, that they are locked down so cannot be called from outside web pages and are limited to whom they can send mail."

It's not just server owners who can help. Michael goes on to say, "Owners of client machines connected to the Internet also have a part to play. Make sure you keep up to date with software patches for your operating system, run an anti-virus package and keep the signatures current at least once a day, and if you are online less often, update every time you go online and especially before you download your email. I don't believe that last point has been emphasised enough. I've seen machines where signatures are more or less current but the mailbox is teeming with nasties and the owner wonders how they got past the virus scanner. Running a personal firewall on your machine is also highly recommended, as this will stop crackers* from trying to break into your machine and viruses that work in a similar way to the old SQL Slammer worm and the more recent Sasser worm, neither of which use e-mail to spread."

1995 this is not. The days of the internet free-for-all are long gone.


* Crackers? Yes, the media always gets this one wrong. See the proper definitions of hacker and cracker at ESR's Jargon Dictionary.