nanog mailing list archives
Re: The Geography of Spam
From: sgorman1 () gmu edu
Date: Tue, 02 Mar 2004 11:43:54 -0500
I should add that I meant to say it matches the fact we gets lots of spam from hijacked machines - not the 30% number. We have just been looking at a few machines, but would love to see or hear about anyone who has bigger datasets to work with. ----- Original Message ----- From: Brian Bruns <bruns () 2mbit com> Date: Tuesday, March 2, 2004 11:23 am Subject: Re: The Geography of Spam
On Tuesday, March 02, 2004 11:11 AM [EST], sgorman1 () gmu edu <sgorman1 () gmu edu>wrote:Thought folks might find this blurb from Sophos on the geographyof Spaminteresting. 30% of Spam, they report, comes from hijackedPC's. Matchespretty close to what we see across our network - i.e. all sortsof stufffrom swbell.net o U.S. Routes More Spam than World Combined, Study Shows Paris -- Intentionally or not, the U.S. routes more spam e-mailtraffic> than the rest of the world combined, according to a new study byanti-virus firm Sophos. The study concludes that most of theunsolicited> junk e-mails originate in Russia and then passes through hacked computersin the U.S. "More than 30% of the world's spam is sent from these compromised computers, underlining the need for a coordinatedapproach tospam and viruses," said Charles Cousins, Sophos' Asia managingdirector .The U.S. accounts for a whopping 56% of the global spam pie,followed byCanada with 6.8%. Europe did not fair very well in the reporteither, withthe Netherlands (5th), Germany (7th), France (8th), the U.K.(9th) andSpain (12th) all making the list. http://www.sophos.com/spaminfo/articles/dirtydozen.htmlI guess I can say, that I can somewhat agree with what they are saying, but the percentage seems to be a bit lower then what I would have said. With the recent round of viruses that seem to be designed to help spammers hijack end user machines, I'd say the percentage is more towards 45-50%. Sometimes its very hard to tell the difference between an open proxy, and a drone running an open proxy (take the AHBL's proxy list, which is over 410,000 proxies listed, and our infected/hijacked machine count comes nowhere near that). Part of the reason why alot of the spam comes from outside of the US is because US spammers need to hide their actual locations in order to avoid getting snared by CAN-SPAM and similar. This is why Ralsky bases his spamming campaigns out of China, where the laws are more relaxed in terms of this stuff, and is less likely to get yanked off of his net connection. This is also why spammers have 'fronts'. :-) -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org
Current thread:
- The Geography of Spam sgorman1 (Mar 02)
- Re: The Geography of Spam Brian Bruns (Mar 02)
- Re: The Geography of Spam Michael Airhart (Mar 02)
- Re: The Geography of Spam Joe Abley (Mar 02)
- Re: The Geography of Spam william(at)elan.net (Mar 02)
- Re: The Geography of Spam Joe Abley (Mar 02)
- <Possible follow-ups>
- Re: The Geography of Spam sgorman1 (Mar 02)