ISP Spam

I

One thing I do not talk about very often is the amount of spam that comes out of ISP smarthosts. Generally this is because many of the major end user ISPs do a reasonable job managing their spam and the ratio of spam to not-spam mail coming out of their IPs is heavily weighted towards the not-spam end of things.
This has not always been the case, and there have been instances where ISPs particularly those providing webmail have been exploited by spammers, often Nigerians, and used to send tons of spam. It can take months to fix, and requires the ISP employees to actively seek and destroy problem accounts, block access from some IP ranges and change their security to prevent future compromises.
We know that spammers exploit webmail services and that there are things that the webmail services need to do. Recently, there seems to have been a massive uptick in the amount of spam coming through Gmail’s servers.
This is not a problem unique to Gmail, most of the other webmail companies have had similar infestations of 419 spammers in the past. The Nigerians figure out how to exploit some part of the webmail infrastructure, create tens of thousands of accounts and send spam through those accounts. Once the ISP fixes the problem, the Nigerians move on to the next webmail provider to abuse. Meanwhile, receivers can block some or most of the Nigerian spam by blocking on the X-Originating-IP. Much of the spam is blocked, but non-spam email from the ISP gets through.
In the Gmail case blocking is not so simple. As a matter of policy, Gmail does not put an originating IP address in email sent through the Gmail interface. Not having originating IPs puts receivers in the position of only having the option of blocking Gmail’s IPs, not the abusers who are using Gmail. This has been an unpopular policy decision by Gmail, and they have been approached by numerous groups to convince them to provide this level of information so receivers can make more selective blocking decisions.
It remains to be seen how quickly Gmail gets their outbound 419 spam under control. The rumblings I am hearing from people about the problem are getting louder. The supporting data quietly being handed around are astonishing and point to a genuine problem at Gmail. Hopefully, Gmail will take action now and stop spammers from abusing their system before the extent of their problem becomes more public.

About the author

1 comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • Just want to share my experience on spam coming from the webmail provider. Recently (actually more of like 4 months ago), I’ve got a list of spam email from one of XXXXX free email user (I can’t put the name here as I no longer have the email reply i got from the “search engine who provide free email account” as proof). I called it spam simply because he did not provide any opt-out link and he sent to my sales, accounts, support and the whole lot of email addresses under my domain, but I know he’s a small business owner who are trying to find new business, so I decide to email him and remind him that what he did is wrong and that if he want to promote his company he must at least have an opt-out link.
    To my surprised he DID reply to my email BUT challenged me to report him to the authority, see if I can do anything to him and that if he want to email me, there is no way for me to stop him. Imagine how frustrated I get after reading his reply. Here I’m sending a friendly email from one small business owner to another to remind him of the danger he’s putting his business in, and that’s what I get.
    So here I am thinking that if he wants me to report him, I will do just that. Go to XXXXX (yah, it is a search engine), postmaster and an email was sent over complete with the email header.
    Now this is my biggest surprise. I got a reply from XXXXX to tell me that they cannot do anything about it as they do not “police” their user and that all their user are supposed to abide to their Terms of Use and provide me a link to their Terms Of Use.
    Imagine this, they kick you out if you “spam” them but they will not do anything if the spam comes from their side.
    So I sent to my country CAN-SPAM body just to be informed that they only set the rules but does not act on any spam report. Good Bye.
    No suggestion on who I can report the spammer to….

By laura

Recent Posts

Archives

Follow Us