Spam Out of Control
I think I might need to send all my clients a service note to warn them that the increase in spam in recent months is beyond my control. Indeed, it is now being reported — in this PC World article as well as the mainstream media — that spam levels have gone up 80 percent since early October. My clients are understandably getting annoyed, and some erroneously believe it’s because those who maintain the server where their site is hosted are not doing their job.
Lately, I’ve gradually been updating the server-side mail scanning rules in selected domains to see if doing so would help. The updated, stricter rules don’t seem to be having much effect, though, and there’s now an increased risk that legitimate messages are being filtered out as spam. According to this other, earlier PC World article, the problem is that spammers are increasingly placing images in their bile, thus thwarting filtering tools which are designed to scan for text.
Another tactic on which spammers rely, according to Craig Sprosts who is quoted in that second article, is to register new domain names just long enough to send their trash and then abandon the domain name.
Of the 35 million domains registered in April , 32 million were never paid for and expired after five days…… [M]any of those domains were used by spammers to send out their unsolicited e-mail during that five-day grace period…… Traditional blacklists and whitelist approaches just can’t keep up with how fast they’re registering new domains and changing the URLs in the e-mail.
Generating and countering spam has always been a game of cat and mouse, but it’s more brutal today than it ever was. It’s becoming an industry of its own on the Internet.
E-mail is not the only channel for spam. For instance, this WordPress-driven blog receives easily 10 times more spam comments than legitimate comments, thus why I’ve taken to closing comments on posts after so many days online. Fortunately, because I have WP set to queue comments from unknown addresses, messages take a while to appear on this blog so that I can manually reject all the trash comments. But it’s annoying nonetheless. Similarly, I have the phpBB bulletin board installed on one of my domains, and there too, I have set the software to require my approval before the supposedly new user becomes active on the board, thus allowing me to delete the 50 or so new users that register each week. It’s not an onerous task — I only need to select those users and delete them all at once — but it’s a source of unnecessary work. I could leave them all there since they’re effectively harmless, but it’s messy to leave them there.
I’ve been around the Internet and the Web long enough to know that spam spikes come and go. Eventually, I’m sure, the cat will find a way of countering the mouse’s latest antics and everything will be better again. Until the next round.