LISTSERV - UTCSTAFF Archives

UTCSTAFF Archives

June 2003

UTCSTAFF@RAVEN.UTC.EDU

	LISTSERV Archives
	UTCSTAFF Home
	UTCSTAFF June 2003

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Spam
From:	Jeff Kell <[log in to unmask]>
Reply To:	Jeff Kell <[log in to unmask]>
Date:	Mon, 9 Jun 2003 12:43:03 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (44 lines)

Gregory O'Dea wrote:
> Mike and All:
> Yes, certainly. Since the switch to Onenet, I'd say my receipt of spam has
> increased 200-300 percent, if not more. I often get four or five offers a
> day for the same exact product (and the spam catalog is not slight, filled
> as it is with fat reducers and finance expanders, skin softeners and
> herbal...um...rigidifiers - you name it). I don't know for sure that the
> move to onenet is responsible, but it might be worth some investigation.

The reason for the increase in SPAM is two-fold:

* Spammers are getting smarter.  Most new viruses come complete with an
   "open proxy" kit that turns the victimized machine into a spamming
   slave.  Traceback of the spam after-the-fact points to the victimized
   machine.  We have had at least two machines on campus abused in that
   very way.

* The number of proxies is astounding.  Previous spam filters in use at
   UTC amounted to ~14000 lines to cover the spam sources.  The number of
   open proxies is estimated to be ~240000, growing, and on-the-move.
   The spammers divide their payload among a few thousand proxies and can
   stay "below the radar" for a time before being detected.

Prior to the OneNet problems of last week, we began testing a proxy
"blacklist" approach that was unavailable before OneNet.  Initially it
was a success, but with the recent problems with OneNet mail we have had
to delay further testing until the baseline system is working well.
I think it was the sudden withdrawal of the recent spam controls that
made things look much worse all of a sudden.  But then again, pick up
any news article or press clipping about spam and you will hear the same
story -- spam is getting worse -- period.

If you can bear with us over the next few days we fully intend to
reactivate the newer spam filtering available in OneNet mail.
Meanwhile, the traditional filters are still amazingly effective, even
if it doesn't look that way.  We turn away tens of thousands of delivery
attempts a day that you DON'T see.

OneNet has been around since March.  It was not the cause of the
increase, but it can provide assistance in preventing spam (as soon as
that testing can begin again).

Jeff

ATOM RSS1 RSS2

RAVEN.UTC.EDU