More spam!

Published by rich on Sunday, August 3, 2008 - 18:55:42

I’ve also been getting more of the trash in my inbox. This truly concerns me as my entire job is keep spam out of other people’s inboxes.

Is SpamButcher missing more spam? Do I need to make radical changes to how SpamButcher filters email?

It turns out the answer is yes and no.

While annoyingly I’d been getting up to about 6 pieces each day in my inbox (as opposed to 2-3 previously), the total spam caught by SpamButcher went from about 300 each day to nearly 600.

So, spam has almost doubled, and as a result missed spam has also roughly doubled.

Not the best scenario - but still it seems SpamButcher is still hovering right around the 99% kill rate.

Some of the issue seems to be that my prior call for spammers to “bring it on,” looks to have bitten me in the butt.

A lot of this spam is part of a malware distribution campaign that’s proving quite difficult to filter for a few reasons.

The spam is sent from compromised zombie computers. As a result, the messages are coming from networks not historically associated with being spam sources.

It appears the malware is actually using the victim’s email client to send the messages (not 100% sure about this). This makes the email look much more “real.”

The spam email messages themselves point to web servers that have been hijacked. This makes them difficult to recognize for the same reasons the zombie computers are.

I’d be curious how well competing programs are handling these messages. While I like to think SpamButcher is the best spam filter available - it may be a competitor has figured out how to handle these particular messages better than I have.