Channels ▼
RSS

Spam: Made In The U.S.A.


Proof that the United States is capitalism's capital, a survey released Thursday said that nearly all the world's spam is spewed by a limited number of hard-core spammers within the U.S.

Based on analysis of the spam it blocked for its 1,000-some clients during May, June, and July, message filtering firm CipherTrust said that a whopping 86 percent of all spam originated in the U.S.

Although U.S.-based IP addresses accounted for only 28 percent of the total addresses used to spam -- tying South Korea for the top spot -- spammers overwhelmingly favor U.S. domains. Messages from Korean IP addresses, in comparison, accounted for a paltry 3 percent of all spam mail. Similarly, China and Hong Kong, where about 23 percent of all spamming IP addresses reside, account for just 2.6 percent of all spam messages.

"That was quite a surprise," said Dmitri Alperovitch, a research engineer with CipherTrust. "The percentage of spamming IP addresses within the U.S. is in line with other surveys, but in the actual number of messages, the U.S. is responsible for the vast bulk of spam."

CipherTrust's numbers run counter to those in other surveys, which claim that a much larger percentage of spam comes from outside U.S. borders. Commtouch, for example, recently estimated that the U.S. accounted for only 56 percent of the world's spam.

Alperovitch defended his company's data by pointing out that other studies rely on spam-gathering honey pots, while CipherTrust tallies only those actual messages it intercepts. "Those two approaches are quite different," he claimed, "because some spammers are actually targeting specific companies with messages that the honey pots wouldn't see."

CipherTrust's numbers also bolstered the long-held theory that a few kingpin spammers are responsible for most of the spam. "The bulk of U.S. spam is coming from a very limited set of IPs with high-bandwidth connections," said Alperovitch, who estimated that the high-volume spamming addresses number fewer than 10,000 and the number of spammers at under 200.

The U.S. is the origin of choice for spammers, said Alperovitch, because of the plentiful supply of cheap high-speed bandwidth here. "Spammers need big pipes, and they don't want to pay much for it," he said.

That explains the low percentage of spam messages originating from overseas' IP addresses. The lack of cheap bandwidth outside the U.S. is stymieing spammers' attempts to scale up the volume of their mailings to U.S. sizes.

In fact, the majority of spam that does come from countries other than the U.S. originates with zombies, hijacked computers typically with high-speed, high-volume access to the Web, giving spammers a free ride, bandwidth-wise.

Zombies are less of a problem in the U.S., said Alperovitch, because of the inexpensive access spammers can buy here, as well as some recent efforts by major Internet providers to clamp down on zombies.

Cable provider Comcast, for instance, launched an effort in May to block its members' cable-connected machines from being used by spammers, and claimed a one-third reduction in spam coming out of its network. "We also saw a significant drop-off in spam from Comcast after May," said Alperovitch, who added that the decrease was in the 30 percent range.

Although the U.S. had anti-spam laws in place at both the states and federal levels -- the latter through the CAN-SPAM Act which went into effect this January -- critics have said that fighting spam locally doesn't do any good when the problem's global.

CipherTrust's numbers may mean it is possible to put at least a partial lid on spam through laws and enforcement solely within the U.S.

"Enforcement of CAN-SPAM could go a very long way toward reducing spam," said Alperovitch.


Related Reading


More Insights






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Video