A Rare Peek Inside the Battle Against Spam
By Ken Magill
The numbers are staggering.
In 2011 Yahoo! Mail received an average of 1.25 million signups for email accounts from spammers each day, according to a study released last week.
Yahoo! Mail experienced an average of 2.5 million new signups overall per day, according to the study “The Economics of Spam” by Justin Rao and David Reiley, researchers at Microsoft and Google, respectively.
Of those, Yahoo!’s anti-spam team deactivated 25 percent immediately because of clearly suspicious patterns in account creation, such as sequentially signing up account names like JohnExample1, JohnExample2, etc., the study said.
Yahoo!’s anti spam team then typically deactivated another 25 percent within a week because of suspicious outbound activity, the study said.
As a result, of the 2.5 million new signups Yahoo! receives in an average day, the ISP’s anti-spam team determines half of them are spammer accounts within a week.
The report also noted how spammers have attempted to game the “report spam” metric to get their messages delivered.
Spam complaints are one of the top metrics ISPs use to figure out whether incoming email is wanted or not. Too many spam complaints can result in the sender’s email being pushed off into recipients’ spam folders or blocked altogether.
However, in a six-month study of 1.3 million active Yahoo! Mail accounts, just 6 percent of email recipients ever marked messages as spam while the vast majority simply deleted the unwanted mail without reading it, the study said.
Also, in four months in 2009, Yahoo! email executives discovered that 63 percent of “not spam” votes were cast by users who had never cast a “spam” vote, the study said.
As a result, the authors concluded, many “not spam” votes were being cast by spammers about their own email to make their metrics look better to inbox providers.
“After examining additional data on these accounts, such as IP address, position in the network of users, and repeatedly casting not-spam votes on a variety of emails that were receiving multiple “spam” votes from legitimate users, the authors concluded that the vast majority of these accounts were created by spammers to cast strategic votes in order to help their campaigns beat spam filters,” the study said.
Rao and Reilley—who were both working at Yahoo! when they performed research for last week’s paper—concluded that the most effective weapon in the fight against spam is IP blacklisting, such as the ongoing efforts by Spamhaus.
Such efforts allow multiple organizations to shut down spamming activity more quickly, the study said, noting 14-year-old Spamhaus covers around 1.8 billion email boxes worldwide.
In 2011, 80 percent of all emails received by Yahoo! were rejected by its servers as a result of IP blacklisting, the study said.
The high fixed cost of fighting spam has resulted in a concentration of web-based email inbox providers, according to the study.
The market share in web-based email inbox provision of Hotmail, Yahoo! and Gmail has risen from 55 percent to 85 percent in the last six years, the study said.