Where spam comes from

Have you ever wondered where the content of your junk-mail folder (or inbox) comes from?

Published 2007-08-19. Read 3,722 times. 0 Comments. Tagged: security spam

Spam isn’t the most harmful things on the internet, by any means but it does account for a large chunk of a lot of everybody’s online time, unless they’ve taken (or allowed somebody to take) extensive measures to clean out their inbox.

It is estimated that 90 billion spam emails are sent every day. With all the blocking, 5% of that still hits the inbox. On the assumption that it takes you 5 seconds to switch to your email client, notice the message is spam and delete it, collectively, as a species, we waste 713 years of life every day. But where is the spam coming from?

By location

Graphical breakdown of where spam comes from

Based on Spamhaus’s TOP10 Spam Origin Country list.

It should be noted that botnets (see below) are responsible for the vast majority of spam sent. One conclusion to be drawn from these figures is that America has the highest number of infected computers participating in botnets.

By server type

Graphical breakdown of what types of server spam comes from
  • 10% — Valid email
    That’s right. Only one-in-ten emails are not spam.

  • 15% — Open relay servers
    Open relays servers are mail servers that allow anybody to connect and send email through it. Although the vast majority of ISPs and email providers patched things up years ago, a few have either forgotten to do so or just don’t care that anybody can use their server to push email onto the internet. Many open relays are connected to via botnets but some spammers use them directly.

  • 5% — Spam-friendly ISPs
    These are hosting companies that don’t give a damn. Some sell themselves as "bullet-proof hosting", meaning they think they cannot be touched by anti-spam laws and will therefore never respond to take-down orders from another country. They are expensive and easy to block out so their popularity with spammers is low.

  • 70% — Botnets
    These are oceans of computers (many of them normal desktops) that have been infected with a trojan allowing its writer to remotely control them. These zombies, as they’re also known, can perform several tasks including: sending spam, hosting trojans for people to download and performing network attacks on other online systems.

The figures are an amalgamation of several statistics including those from the Messaging Anti-Abuse Working Group, Sandvine [via BBC] and ZoneLabs. They’re by no means 100% accurate but they do offer a rough picture of what we face in terms of the network infrastructure for spammers.

I’ll develop this topic at a later time and update this post to show it.

About Oli: I’m a Django and Python programmer, occasional designer, Ubuntu member, Ask Ubuntu moderator and technical blogger. I occasionally like to rant about subjects I should probably learn more about but I usually mean well.

Stay updated: Subscribe by RSS or Subscribe by Email.