Slashdot wrote: In October Commtouch reported an 18% drop in global spam levels (comparing September and October). This was largely attributed to the closure of Spamit around the end of September. Spamit is the organization allegedly behind a fair percentage of the world's pharmacy spam. Analysis of the spam trends to date reveals a further drop in the amounts of spam sent during Q4 2010. December's daily average was around 30% less than September's. The average spam level for the quarter was 83%, down from 88% in Q3 2010. The beginning of December saw a low of nearly 74%.
I have noticed that my own spam folder seems to fill up a lot less quickly than it used to... but I predict that it will only be a temporary reprieve. (On a related note, I seem to be killing a lot more forum spam bots lately.)
My spam bucket fills up rather quickly - at least 20+ a day. Google's spam filter is brilliant though - it catches everything and on there I get about 50 a day. Many on how to increase size and how to pleasure the ladies.
I spoke too soon. It seems like I'm getting spam via my YouTube account, where they send me a notification that someone sent me a video and in the notification they display the message along with the video which wants to give me money. So now YouTube has been added to the spam filter :/
"Friends are a lot like potatoes. If you eat them they die." - Stuart
Symantec appears to believe that spam is declining, according to a recent Slashdot posting:
Following a two-week dramatic decline in spam levels, spam now accounts for 78.6 percent of all email traffic, the lowest rate since March 2009, when the global spam rate was 75.7 percent of all email traffic, according to Symantec's January 2011 MessageLabs Intelligence Report, released today. The volume of spam in circulation this month was 65.9% lower than for the same period one year ago, in January 2010, when the spam rate was 83.9% of all email traffic.
Ironically, in light of Symantec's findings, our institution's ISP informed me yesterday that we were blacklisted with SAIX for sending spam ("intentional or unintentional"). They aren't able to give me any other details, other than our IP was identified and the ISP "thinks" that SAIX also uses the DSL account to trace the "culprit". SAIX's e-mail clearly states that it uses the IP (period).
I asked the ISP to make sure of their facts and to get back to me. They phoned again today to confirm that the blacklisting is effective on all outgoing e-mail. Google mail via POP & SMTP still works fine and it seems that only the e-mail account(s) listed with the ISP is affected, which is a bit of a thorn in my side, as the ISP (and SAIX, apparently) cannot confirm that one of the many Google accounts can be the problem. So, I can't pinpoint the problem for certain. SAIX, via our ISP, instructed me to run SUPERAntiSpyware (no version specified, so I obviously opted for the Free Edition, 10 MB download) on all PCs and I must also sign a three-page document (AUP & TOS) to certify/agree that we will not use our internet for any illegal activities & blah-blah-blah, before our ISP will ask SAIX to remove the so-called blacklisting. Nice! So, I happily hop away to scan 75 workstations! I should finish by mid-day tomorrow... Jeesh!
Apparently SAIX counts the number of mail messages sent per hour. If it exceeds 300 messages per hour, per site (DSL connection), or 25 per hour, per single mail account (?!), a blacklisting is imminent. If you score three blacklistings in a row, you can be banned from the network for a year or forever. (?!) Ironically, SAIX and my ISP (and I) now know that we are spamming the greater good into oblivion, but they have no other details. No IP packets. No nothing. *sigh!*
Since we don't have a static IP with the ISP, I asked them how they could be certain that the spam was originating from our network. Duh?! No answer to this question yet, other than speculation.
We have a hard-capped DSL account (for business use), as the ISP suggested that uncapped would be too slow for us during the day. (?!) I keep running out of data on the cap, probably because of this "spam" issue. I have now taken everyone off the network by (temporarily) changing the IP address range of my wireless and cable network, including WEP key (WLAN APs).
1. Is there any malware that could possibly still propagate through TCP/UDP ports or via any MAC Addresses, until I have completed the scan?
2. Does anybody here know for certain how the decision and/or enforcement of the blacklisting works on SAIX's side?
3. As a consumer, can I contact SAIX (do I have the right) to request more info, without risking a "perma-ban"?
4. Anything that I forgot, except disabling system restore?
5. If I were to purchase a complete antivirus/spyware/malware solution for my network, what would be best? I am running Windows Server 2008 Enterprise R2, Exchange Server 2007 and Windows XP/7 workstations. The oldest PCs have 3.0 GHz Intel Pentium 4 CPUs (single core), 512 MB RAM and 80 GB HDDs. I will be running all network segments linked via CAT6 (unshielded cable) over 1 Gbps network switches shortly.
6. Does anyone have any pointers for me, please? Any advice would be appreciated, as I am touching around a bit in the dark here.
The keyboard is mightier than the pen!
When the last guitar string goes "Ping!", that is when Death will stop to sing...
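Added example, not part of any post in this thread: one way to narrow down which workstation or mailbox is behind the volume is to tally outbound SMTP submissions per hour and compare them with the limits quoted in the post above (300 per hour per site, 25 per hour per account). The three-field log format (timestamp, internal source IP, envelope sender) and the sample lines are assumptions constructed for illustration; a real firewall or mail-server export would first have to be converted to this shape.

```python
from collections import Counter
from datetime import datetime

# Hourly limits as reported in the post above.
SITE_LIMIT = 300     # messages per hour for the whole DSL connection
ACCOUNT_LIMIT = 25   # messages per hour for a single mail account

def build_sample_log():
    """Constructed sample data: one noisy workstation plus normal traffic."""
    lines = [f"2011-01-27T09:{m:02d}:00 192.168.1.57 info@example.org"
             for m in range(40)]
    lines.append("2011-01-27T09:05:00 192.168.1.10 alice@example.org")
    lines.append("2011-01-27T10:15:00 192.168.1.10 alice@example.org")
    lines.append("garbage line without fields")  # malformed, must be skipped
    return lines

def tally(lines):
    """Count messages per hour for the site, per sender and per source host."""
    per_site, per_account, per_host = Counter(), Counter(), Counter()
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            continue
        hour = ts.strftime("%Y-%m-%d %H:00")
        per_site[hour] += 1
        per_account[(hour, parts[2].lower())] += 1
        per_host[(hour, parts[1])] += 1
    return per_site, per_account, per_host

def over_limit(lines, site_limit=SITE_LIMIT, account_limit=ACCOUNT_LIMIT):
    """Return the hours and accounts that exceed the limits, and the busiest hosts."""
    per_site, per_account, per_host = tally(lines)
    return {
        "site_hours": sorted(h for h, n in per_site.items() if n > site_limit),
        "accounts": sorted(k for k, n in per_account.items() if n > account_limit),
        "top_hosts": per_host.most_common(3),
    }

if __name__ == "__main__":
    report = over_limit(build_sample_log())
    print("Site over limit in:", report["site_hours"])
    print("Accounts over limit:", report["accounts"])
    print("Busiest hosts:", report["top_hosts"])
```

The busiest source IP in an over-limit hour is the workstation to scan first.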