Farelf Posted November 25, 2008 Share Posted November 25, 2008 Ð…pam stats may be showing the beginnings of the restoration to previous levels. If that proves too protracted, if there are those who miss their daily spam, here is The Verge of Meaning: A Small Anthology of spam Poetry No, no, don't thank me. Link to comment Share on other sites More sharing options...
Geek Posted November 25, 2008 Share Posted November 25, 2008 Who'dda thought spam would spawn a legit industry - spam poetry Link to comment Share on other sites More sharing options...
Farelf Posted November 25, 2008 Share Posted November 25, 2008 Who'dda thought spam would spawn a legit industry - spam poetry I'm reasonably certain spammers themselves would be recyclable, the only real question to my mind being the amount of processing required. Composting would be the most energy-efficient but the little devils keep climbing out of the bin. {sigh} Plan B ... shredding first, check the decibel levels, etc., etc. Sure enough, I too seem to be back to 'normal' spam levels. The Chinese-registered, botnet-hosted redirectors are resolving just fine now though. Link to comment Share on other sites More sharing options...
Lking Posted November 26, 2008 Author Share Posted November 26, 2008 The zombies are coming back! Washington Post artical FireEye report on how they got control of the botnet again. Link to comment Share on other sites More sharing options...
rconner Posted November 26, 2008 Share Posted November 26, 2008 The zombies are coming back! The SpamCop monthly graph seems to bear this out -- week 47 rate has gone up by about 50% over the very quiet week 46. I couldn't say what the impact is in my own case, I let my ISP filter most of mine out before it goes to SpamCop or my computer. -- rick Link to comment Share on other sites More sharing options...
Lking Posted November 27, 2008 Author Share Posted November 27, 2008 I must be on some weird lists. My overnight spam load has doubled 100-200 vs 50-100 for the last two weeks, with about 1/2 the increase in cyrillic. The lull lasted longer than I would have guessed. Link to comment Share on other sites More sharing options...
Geek Posted November 27, 2008 Share Posted November 27, 2008 Yup! I had an increase yesterday and today a HUGE jump in spam. You'd think ICANN would not allow automated, bulk domain registrations for just for this reason. Link to comment Share on other sites More sharing options...
Farelf Posted November 28, 2008 Share Posted November 28, 2008 ...You'd think ICANN would not allow automated, bulk domain registrations for just for this reason.Definitely reason to feel more sanguinary than sanguine about the whole thing. But then M$'s live.com is being used for the same purposes (redirection) as the botnetted Chinese 'alphabet soup' domains and in considerable volume from what I can see, even more cause to be aggrieved about that. Apparently microsoft.com made it to #5 in the SpamHaus top 10 list of dreadful ISPs yesterday-day before but by the time I looked they weren't even in the top ten anymore. All a dreadful mistake or some re-arrangement of deckchairs? The internet continues to founder in the same old sea of spam. But yeah, it was nice while the botnets were down. Just hope the goodguys learned more about beating them than the bothearders learned about recovery (for next time). Link to comment Share on other sites More sharing options...
michaelanglo Posted November 29, 2008 Share Posted November 29, 2008 I must be on some weird lists. My overnight spam load has doubled 100-200 vs 50-100 for the last two weeks, with about 1/2 the increase in cyrillic. The lull lasted longer than I would have guessed. Same but different here with the lull starting 8 November with a drop from 180/d to 130/d and cyrillic spam way down and remaining that way. From 18 November and currently 120/d. Link to comment Share on other sites More sharing options...
dra007 Posted November 29, 2008 Share Posted November 29, 2008 The drop has been consistent a few weeks now, I will keep my fingers crossed. Seems for the most part I am pestered by a Russian spammer who is pretty bullet proof. I also saw an increase in spam rallied via Turkey server at the expense of south American and Korean spam. The Japanese spam has dropped to near 0. Hard to tell who the real spammers are without doing further research but the trends I see are consistent and considerable. Link to comment Share on other sites More sharing options...
Farelf Posted December 3, 2008 Share Posted December 3, 2008 The stats are showing things are returning to 'spam normal' with the Srizbi botnet's reactivation. The sophistication of that operation's built-in contingency planning is breathtaking (noted various places, including): Srizbi Botnet: Life after McColo (thanks for the link vark). In any even, the botnet's operations are not exactly as they were - yesterday was far lower than usual for me, after days of having bounced back to pre-shutdown levels. ISP filtering comes into the equation, making it hard to guess all that is happening. Link to comment Share on other sites More sharing options...
Geek Posted December 3, 2008 Share Posted December 3, 2008 My forum spam is going through the roof and yet the IP board only showed Googlebot and MSN.... here's an interesting story that may explain that: http://boycottnovell.com/2008/12/02/microsoft-bot-cracked/ I popped one of the IP's into Google and it seems to confirm forum *posts*, not just spidering :confused: Link to comment Share on other sites More sharing options...
DavidT Posted December 4, 2008 Share Posted December 4, 2008 That "story" (blog post) is pretty weak and misleading....read the first comment below it....the author thinks that Windows runs on mainframes. I googled some of the IPs and didn't come up with posts...just a lot of stat logs. DT Link to comment Share on other sites More sharing options...
Geek Posted December 4, 2008 Share Posted December 4, 2008 Hi, The IP was from my IP panel at the time. WHOIS pointed it to MSN bot and I popped it into Google and found over 600 results, including the honeypot project, stopforumspam and the first two hits were that article. Cheers! Link to comment Share on other sites More sharing options...
Farelf Posted January 27, 2009 Share Posted January 27, 2009 More on "the resumption of normal service" at http://www.theregister.co.uk/2009/01/26/spam_trends/ Link to comment Share on other sites More sharing options...
Farelf Posted April 2, 2009 Share Posted April 2, 2009 The most significant spam-related event in the first quarter of 2009 occurred when spam volume returned to pre-McColo takedown levels. By the second half of March, seven-day average spam volume was at the same volume we saw prior to the blocking of the McColo ISP in November 2008. http://googleenterprise.blogspot.com/2009/...ds-q1-2009.html (thanks to Rooster for the link). So, in the Postini world it's official, back to taws - but with some interesting 'adaptations'. And noting the world awaits Cornficker/Downloadup to 'drop the other shoe'. The anticipated April Fools' day activation of same seems to have been a non-event (though my local network users reckon there was a huge upsurge in port scanning, possibly related - they are a 'sometimes excitable' bunch but reliable enough about such observations). Link to comment Share on other sites More sharing options...
kae Posted April 20, 2009 Share Posted April 20, 2009 I'm really getting a lot more spam now than I was before the big drop. I guess the spammers have found new ways to get their spam through and they're making up for lost time. Link to comment Share on other sites More sharing options...
Farelf Posted April 20, 2009 Share Posted April 20, 2009 I'm really getting a lot more spam now than I was before the big drop. I guess the spammers have found new ways to get their spam through and they're making up for lost time. Thanks kae, useful observation - the tendency over time is certainly for continual increase, somewhat masked by silent ISP filtering of an increasing proportion of total messages and the growth of greylisting. As some have long said, the key to retained sanity is sanitation - keep the stuff out of your intray. Link to comment Share on other sites More sharing options...
kae Posted April 21, 2009 Share Posted April 21, 2009 Thanks kae, useful observation - the tendency over time is certainly for continual increase, somewhat masked by silent ISP filtering of an increasing proportion of total messages and the growth of greylisting. As some have long said, the key to retained sanity is sanitation - keep the stuff out of your intray. Yes indeed that is so true. I am thankful that the growth that I've seen has all been in the "Held Mail" folder. It would be such a pain to have all that spam in my Inbox. Spamcop does a fine job of filtering spam out of my Inbox. Link to comment Share on other sites More sharing options...
Geek Posted May 6, 2009 Share Posted May 6, 2009 I was just chatting with my webhost in the UK and it appears there has been a stupid-massive increase since the botnets cameback, so it's not just a local phenomenon to me. My email was sporadic last month and I sent a trouble ticket. The response was there was such a flood beginning in April (that hasn't stopped), it collapsed their email servers. They tripled the capacity in the meantime and it's *just* keeping up. So they had to write their own algorithm to drop any with a deformed header (idicitive of relays) to keep it from coming down again. So I hopped on the phone to my ISP in Vancouver again with that info to find it confirmed, but my ISP had already taken preventative action. In all cases, unlike the pre-McColo takedown, they can't pin down one, or even a regional source - it's distrubuted and it's "vengeful", as the term was mentioned Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.