You are hereBlogs / Jay Small's blog / New wave of stock spam extra annoying
New wave of stock spam extra annoying
More than two years ago now, I changed personal e-mail addresses and gradually retired an old one that was simply collapsing under the weight of spam. Some of you may remember I even tracked spam coming to that address for a while, much like a market index.
Then I tired of it, and changed the address. After about a year, I finally felt safe to send all messages bound for the old address into the ether without scanning them.
It was sooooooo lovely to have a pristine, spam-free Inbox.
While it lasted.
Somewhere along the way, my new address either got picked up in an address book harvest or I stupidly used it to register for something -- anything -- instead of one of the working but disposable addresses I typically create for that purpose. Now I'm back to as many as 100 e-mail spam messages in one box or another.
Worse, I know many of you are seeing these same kinds of messages: more insidious than ever, usually with a payload of text typeset in an image, promoting junk stocks. The text in the body of one of these messages is randomly blended phrases containing perfectly innocuous words. It seems to fool even well-trained Bayesian spam filters, such as the one in my Mac Mail client and my wife's Thunderbird.
I recently installed a demo version of SpamSieve, and it helps a lot. But it's Mac-only and client-only, less helpful to my Windows-bound bride.
I'm already running SpamAssassin on my Web server, and would prefer to deal with this new wave of spam at the server level. I'll throw up my hands and admit I'm no expert in configuring SpamAssassin filters or weights. Anyone out there have luck with a set of SA rules that catches this new ugliness and keeps it out of Inboxes? I'd be grateful for any advice.
Update 10:10 a.m. 11/27/06: Now experts say the recent surge means as many as nine of every 10 e-mail messages are spam. As for my own SpamAssassin configuration, I've simply spent the last several days since this post shoving hundreds of new example messages into its Bayes detection database (using the sa-learn command), and it's getting much better at spotting the new wave.
Update 12:45 p.m. ET 12/4/06: More SpamAssassin advice, since I've noticed I'm getting a lot of search referrer traffic on this post from queries such as "spamassassin stock spam": If you have the ability and know-how to control your SpamAssassin configuration and install rules, try the recently updated rule set for stock pump-and-dump spam from the SpamAssassin Rules Emporium (aka SARE). I installed it a few days back and it is definitely helping.
Update 9:30 a.m. ET 12/6/06: NYTimes.com (reg. reqd.) today sports a broad overview of the new spam problem. Prospects for meaningful solutions do not sound promising -- even the big guns of antispam technology seem to be shrugging at the latest wave.
From my minuscule corner of this discussion: I thought I had a good set of measures in place against the new image-based stock spam, only to see in the last 24 hours a new wave of text-only spam spouting offers to resolve credit card debt. I'm trying to train SpamAssassin Bayes tools to spot these, but apparently I have not provided enough examples of the genre. So far the tools are scoring them too low.
E-mail as a communications method is in serious trouble, folks.
Both blogs
After years of dealing with SPAM and constantly changing my email address, I finally found a solution that has almost totally removed SPAM from my life. The solution I settled on involves creating disposable email addresses. In essence, it means giving a completely unique email address to each non-trusted source. So, for instance, for Amazon.com I would use amazon.com@mydomainname.com and for eBay.com I would use ebay.com@mydomainname.com. Once I start getting junk to a certain email address, I simply block it and viola, no more junk. In addition, since I use a separate email address for both parties, I know who sold my address. Surprisingly, Quicken was one of my biggest offenders.
There are several ways to set this up. If you own your own domain, you usually have the option of creating unlimited email forwarders. With some hosting companies this is a manual process, but some allow you to accept all incoming email and then block them individual addresses as you start getting spam. If you are the type of person that is constantly registering for new services online, the latter may be a better option.
If you don’t own your own domain name, you still have options. For $19.99 per year, you can sign up for a service like Yahoo Mail Plus (http://mailplus.mail.yahoo.com/), which allows you to create unlimited disposable email address (http://antispam.yahoo.com/tools?tool=3). All of your email can then be read online, or pulled into your current email application using POP. More options are available on Wikipedia’s disposable mail address page on (http://en.wikipedia.org/wiki/Disposable_e-mail_address).
However, with all these precautions, you still have to deal with your aunt forwarding your real email address to 200 people with her “Send this to everyone and Bill Gates will give you a free computer� weekly emails. ;-)
SMTP Delaying is the current hammer for the spam nail:
http://www.asspsmtp.org/wiki/Delaying
Most pwn3d Windows spam-relay machines do not have a robust smtp client. So if your smtp server responds with "Hey, I don't know you. Please send your message again in 30 minutes, and I'll let it through," only clients with a queueing mechanism will send their message later.
I'm sure that they'll catch on eventually. But for now, my signal-to-noise ratio is at an all time high.
Already have a gmail account, thanks! And you're right, it's good at filtering common spam (Yahoo's not bad, either).
But I still need to improve the spam management on my smallinitiatives.com and other personal accounts, for me and others in my family.
Gmail.
I leave my Gmail address littered all over the Inernet. I'm not shy about it. I'm not worried about it. I hardly ever see spam ... unless I look in my spam filter box.
I can send you an invite, if you like.
Excellent suggestions for keeping new addresses below radar, Paul.
I wish we could find ways to help people who have established addresses -- ones they want to keep, like my primary address for Small Initiatives e-mail -- already exposed to spammers.
I threw out my last primary address and attempted to keep the new one pristine, but it's almost impossible if you use an address often enough, even with people you know. That's your "aunt forwarding your address" scenario. Or even one where your aunt is innocent: worms copying address books from infected computers with their owners unaware.
A lot of e-mail client programs have settings where you automatically add to your address book any e-mail address to which you have written or replied. The combination of address-book-stealing worms and botnets that create thousands of new "innocent" sender machines may make spam an insurmountable problem Real Soon Now.