Broadband S*p*a*m

It's time now, unfortunately, to report on the rising phenomenon of broadband spam. In my case, this involves the vast network that is Comcast. It's not that I'm picking on them, it's just that their problems are so annoyingly typical of what can happen as computer networks become faster and more efficient.

For several months, AOL was actually blocking all email from Comcast. AOL's software checked the domain name in the email address of the sender, then checked the IP address. Next, the software did a reverse DNS check to see if the IP address matched the domain name. If it didn't, the software assumed the mail was spam. The alleged spam was then dropped into a special folder and eventually deleted. The sender on Comcast received no bounced mail. Conversely, the receiver on AOL had no idea that he or she had been sent an email from the Comcast user. (As of this writing, the two companies have corrected this arrangement, but there might be other ISPs that haven't cleared things with AOL.)
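The check described above, as an added example (not AOL's code and not part of the original article). It also forward-confirms the reverse name, a step the article does not mention; the addresses and domains are constructed, and the resolver functions are injectable so the demo runs offline.

```python
import socket

def system_ptr(ip):
    """Live reverse (PTR) lookup: hostname, or None if there is none."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_forward(host):
    """Live forward lookup: set of addresses the hostname resolves to."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(host, None)}
    except OSError:
        return set()

def check_sender(mail_from, client_ip, ptr=system_ptr, forward=system_forward):
    """Return (verdict, reason) for one incoming SMTP connection."""
    domain = mail_from.rsplit("@", 1)[-1].lower().rstrip(".")
    host = ptr(client_ip)
    if host is None:
        return ("suspect", "no reverse DNS")
    host = host.lower().rstrip(".")
    # The owner of the IP block controls the PTR record, so confirm the
    # name also resolves back to the connecting address.
    if client_ip not in forward(host):
        return ("suspect", "reverse name not forward-confirmed")
    if host == domain or host.endswith("." + domain):
        return ("pass", host)
    return ("suspect", "reverse name outside sender domain")

# Constructed zone data (documentation address ranges and example domains).
PTR = {
    "192.0.2.10": "smtp1.isp.example.net",
    "198.51.100.7": "c-198-51-100-7.cable.example.org",
    "203.0.113.5": "smtp1.isp.example.net",   # PTR that claims the ISP's name
    "192.0.2.25": "out.mailhost.example.com",  # legitimate third-party relay
}
A = {
    "smtp1.isp.example.net": {"192.0.2.10"},
    "c-198-51-100-7.cable.example.org": {"198.51.100.7"},
    "out.mailhost.example.com": {"192.0.2.25"},
}

def demo(mail_from, ip):
    return check_sender(mail_from, ip, PTR.get, lambda h: A.get(h, set()))

if __name__ == "__main__":
    for ip in ("192.0.2.10", "198.51.100.7", "203.0.113.5", "192.0.2.25", "192.0.2.200"):
        print(ip, demo("user@isp.example.net", ip))
```

The `192.0.2.25` case is a correctly configured relay that fails only because its name sits under a different domain than the sender's address, the same verdict a zombie on a cable address gets.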

Comcast believes that much of the spam is being sent by zombie programs that have been surreptitiously installed on users' PCs. Because the broadband network has so many users, it's easy for tons of spam to be propagated.

Some Spam Stats

Most of the spam I get has nothing to do with money. It's usually just a lot of nonsense words strung together. I guess the purpose is to annoy people and waste their time. What sort of moron would take delight in doing that? A bored teenager is the usual answer, but there are no actual statistics to prove that.

However, here are some of Pew Survey's stats on what email users are doing to halt spam:

  • 73% of email users avoid giving out their email addresses.
  • 69% avoid posting their email addresses on the Web.
  • 62% say their employers use filters to block spam from their work email accounts; half of them get no spam at all in those accounts.
  • 27% of those who have a personal email account apply their own filters to their email system; 21% of those with filters say less than a tenth of the email they receive is spam.
  • 86% of email users report that usually they “immediately click to delete” their incoming spam.
  • 59% of email users describe spam as “annoying, but not a big problem”; 27% of email users say spam is a “big problem” for them; 14% say it is no problem at all.

Some Ways to Stop Spam

I've clocked my spam at about one email per hour today, which amounts to 24 per day. That's enough for me, so I've decided to take action. Here are some things you can do as well:

  • Unsubscribe from any newsletters you don't read.
  • Unsubscribe and delete your profile from any forums you don't visit any more. Some people think that in order to publicize your site, your name and URL have to be all over the Internet. Actually, they only have to be in specific targeted areas. (This is a grey area, of course, and is a judgment call.)
  • Delete any unnecessary files or programs, but be careful if you think it will disable any programs that you need.
  • Cancel any affiliate programs that aren't bringing in any money.

ISPs that knowingly relay spam, even if they don't originate it, should be penalized. If you suspect your ISP is doing this, give them a call. If they tell you there's nothing they can do about it, then they're probably lying or incompetent. (On the other hand, it's been said that "the bulk (80%) of the spam are sent by compromised cable/DSL machines.")

(For a list of IP addresses of spam originators, check www.spamhaus.org.)

According to the Pew Surveys:

  • 25% of email users say the ever-increasing volume of spam has reduced their overall use of email; 60% of that group says spam has reduced their email use in a big way.
  • 52% of email users say spam has made them less trusting of email in general.
  • 70% of email users say spam has made being online unpleasant or annoying.
  • 30% of email users are concerned that their filtering devices may block incoming email.
  • 23% of email users are concerned that their emails to others may be blocked by filtering devices.

If you think you are being blocked, you can check out Spamhaus's Block List of IP addresses.

This week, I finally got on the phone with a Comcast technician who suggested I activate the anti-spam feature from the ISP's web page.

The problem is, it's been activated for months!

I also use MailWasher Pro 4.1 on my XP workstation, and that does isolate the spam. However, I'd prefer that the spam be isolated on the ISP's servers and not reach me at all.

(I also have Adaware and run it about once a week, but the spam rages on.)

"'We're the biggest spammer on the Internet,' Comcast network engineer Sean Lutner said at a meeting of an antispam working group in Washington, D.C., last week.

"Lutner said Comcast users send out about 800 million messages a day, but a mere 100 million flow through the company's official servers. Almost all of the remaining 700 million represent spam erupting from so-called zombie computers--a breathtaking figure that adds up to six or seven spam-o-grams for each American family every day."

Zombies:

Many of Comcast's spam problems emanate from "zombie" software which is installed when spammers and crackers slip through holes in operating systems, or when unsuspecting users click on graphics in emails. The zombie program is then executed and turns PCs into spam bots. About one third of all spam comes from zombies with broadband connections, according to CNET. The owners of the PCs, of course, are unaware of what's happening. Comcast has approximately six million customers, so it's not hard to imagine thousands of bots sending millions of spam mails daily through the ISP's cables.

Actually, there are zombie machines on every broadband provider's network - AOL, RoadRunner, SBC, etc.; however, the spam from Comcast is more than the next two providers combined. (One of the reasons many ISPs aren't permitting servers to be run on their networks is because they can be used as spam generators.)

There are organizations that are keeping track of all this, like Spamcop.org, which shows Comcast as the #1 spammer, with Roadrunner as #3, and Mindspring as #6.

There have also been some legislative attempts to ban and prosecute spammers as well. The best-known of these is the CAN-SPAM act passed by Congress in December of last year. Five months later, however, it's been cited as an example of good intentions gone wrong because, unfortunately, the CAN-SPAM act overrides any state's laws. Wired has an article on the probable ineffectiveness of this national anti-spam law:

"In many states, preexisting antispam legislation included the rights for citizens to sue spammers directly or through class action lawsuits. Under the new federal law, U.S. citizens no longer have those rights."

(To see what one state legislature is doing about spam, you can read about Maryland's current anti-spam law.)

(To see if your PC is on a blacklist, another good reference is senderbase.org. It's an exhaustive listing of blocked IP ranges from various broadband providers.)

Some Possible Solutions:

There are solutions that the broadband providers could provide, but they're all expensive, so spam problems will no doubt be with us for a while longer.

On a recent forum on Slashdot, a correspondent suggested this possible anti-spam scenario for ISPs:

1. Notify the user by email and give him or her 48 hours to clean the computer. If no action results:

2. Notify the user by email, snail mail or telephone and give him or her 48 hours to clean the computer. If still no action:

3. Cut the user's Internet access and notify the user that until his system is cleaned, access will not be restored.

This solution would be labor intensive, and therefore expensive, and that expense would probably be passed on to the subscribers. "It costs a lot of money to chase down, warn, clean, monitor and expel users. Only when action is less expensive than inaction will things change. When a significant portion of Internet users get so ticked that they block IP addresses from Comcast ports 25 and 80, will Comcast do something real." (So writes a recent correspondent to Slashdot.)

Blocking Port 25

Another solution would have ISPs blocking port 25 to stop all the spam. (As most of you know, port 25 is the SMTP port through which email servers send and receive messages. POP and IMAP, on the other hand, transfer mail only between your client and your email provider's mail server.)

If a huge amount of spam is being sent from a network the size of Comcast, a port block is definitely warranted. Some users, in fact, feel that ISPs owe it to the Internet to halt the spam traffic that is currently making the 'Net slower and less stable.

A provider could route all packets with a destination port of 25 to an authorized SMTP server that is owned and operated by the provider. The provider could then monitor the mail and delete any spam. Spammers hijacking home computers with zombie software would then be out of business. Blacklist operators could then concentrate on direct spammers.

In other words, a provider could force all outgoing mail from its users to first go through its own mail servers before leaving the network. This would make the mail leaving the ISP network easier to monitor by the ISP's technicians.

Or, mail could be transmitted on a port other than 25.

Or, Providers Can Monitor Users for Zombies

This would be expensive, but ultimately worth it. Some users might object to ISP technicians inspecting their hard drives, but, on the other hand, if ISPs make security a selling point, inspecting users' PCs might be worth the expense and occasional complaints from users.

Or, ISPs could stop the self-installation hookups (with the CD installation programs), because the computers might already be compromised before attaching to the broadband network.

Or, the user could be advised to change the mail server to some port other than 25, but how many users are going to know how to do that?

Another way of monitoring outgoing mail from ISP servers would be to have a quota for each user. If you detect 10,000 emails coming out of one account all of a sudden, the chances are it's the work of a zombie installed on that user's PC.
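The per-account quota check described above, as an added example (not from the original article): a sliding window over the ISP relay's log. The log format, account names and one-hour window are assumptions; the 10,000 threshold is the article's figure, and the sample log is constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def parse(line):
    """Parse 'ISO-timestamp acct=NAME rcpts=N' (a constructed log format)."""
    ts, acct, rcpts = line.split()
    return datetime.fromisoformat(ts), acct.split("=", 1)[1], int(rcpts.split("=", 1)[1])

def find_bursts(lines, limit=10_000, window=timedelta(hours=1)):
    """Return {account: time its in-window recipient total first exceeded limit}.

    Lines must be in chronological order, as a relay writes them.
    """
    recent = defaultdict(deque)   # account -> (timestamp, recipients) still in window
    totals = defaultdict(int)     # account -> recipients inside the window
    flagged = {}
    for line in lines:
        ts, acct, n = parse(line)
        queue = recent[acct]
        queue.append((ts, n))
        totals[acct] += n
        # Expire entries older than the window before testing the quota.
        while ts - queue[0][0] > window:
            totals[acct] -= queue.popleft()[1]
        if totals[acct] > limit and acct not in flagged:
            flagged[acct] = ts
    return flagged

def sample_log():
    """Constructed relay log: a normal user, a burst, and a spread-out list."""
    start = datetime(2004, 6, 1, 12, 0, 0)
    def row(offset, acct, n):
        return f"{(start + offset).isoformat()} acct={acct} rcpts={n}"
    lines = [row(timedelta(minutes=10 * i), "cust-a", 1) for i in range(24)]
    lines += [row(timedelta(seconds=i), "cust-b", 50) for i in range(300)]
    lines += [row(timedelta(minutes=90 * i), "cust-c", 9000) for i in range(2)]
    return sorted(lines)   # same-format ISO timestamps sort chronologically

if __name__ == "__main__":
    for acct, when in find_bursts(sample_log()).items():
        print(f"{acct} exceeded quota at {when.isoformat()}")
```

Only `cust-b` is flagged: `cust-c` sends 18,000 recipients in total, but its two batches are 90 minutes apart and never share a window.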

When trying to sell technical services, you stress the benefits and not the features - because the average user isn't going to understand the features. So why don't Comcast, AOL, etc., push security as one of the benefits of their services?