I went through my computer’s log files and looked in detail at those 1,699 rejected messages. Many of the e-mail addresses were completely made up by the spammers-names like donna, jim, john, and others that spammers guessed in the hopes of finding a lucky match. This is what spamfighters call a “dictionary attack.” A little more investigation and I started finding bugs in the software that the spammers were using to send out their e-mail. For instance, one spammer tried over and over to deliver a message to the same address: “nekpdqs.” There were 30 individual attempts to deliver to this between 1:40 and 1:42 a.m. Each of these attempts had the sender of firstname.lastname@example.org. When I clicked through to www.oshirase.biz, I saw some Japanese characters and a “403 Forbidden” error; the spam originated somewhere in Japan.It’s no surprise that my server is being hassled by spammers from Japan. At the Spam Conference, Geoff Hulten from Microsoft’s anti-spam technology and strategy group said that much of the spam that Hotmail receives comes from China and Japan-in fact, those countries are now the second and third largest senders of spam. The United States is still Number 1, of course, but our Asian cohorts are moving up fast. What’s particularly troubling is that while spam from the United States runs roughly 50/50 with legitimate e-mail, spam from Asia outweighs legitimate e-mail by nearly 10-to-1.
These increasingly sophisticated spam attacks are one reason that e-mail providers like Yahoo! and Microsoft are moving full-speed ahead with their next generation anti-spam tools. But this new anti-spam technology could do more than let a company distinguish spam from “ham,” as good messages are sometimes called by folks in the e-mail filtering biz. It could also help the large providers maintain and even solidify their market dominance, by making it increasingly difficult for small businesses to operate their own e-mail systems.
Yahoo!’s idea is a system called “Domain Key,” which the company plans to release later this year. Domain Key is a set of programs and procedures that e-mail providers like Yahoo! and Hotmail would use to digitally sign all outgoing messages. Signatures of non-spamming companies could be digitally registered. An e-mail system receiving a digitally signed message could use the signature to verify the sending company. Anti-spam systems would need to be look only at unsigned mail.
An important feature distinguishes Domain Key from other digitally signed e-mail proposals: Instead of creating a key for each person sending e-mail, Domain Key has a different key for each company or e-mail domain. In theory, this makes the system easier to deploy, since only mail servers-not individual e-mail users-need to be upgraded to support the Domain Key system. But some people I spoke with at the Spam Conference are angry that Yahoo! is not going through the Internet’s standards committees, but is instead just going to roll out Domain Key on its production servers.