Google Named No. 3 Spam Provider

By Larry Seltzer  |  Posted 2009-01-06 Print this article Print

New forms of spam and similar abuse find a welcome home at Google, and the company doesn't yet seem up to the security task of fighting them. Perhaps it's a responsiveness issue.

Much has been made of the recent revelation that Google had reached No. 4 on Spamhaus' list of "The 10 Worst Spam Service ISPs." In fact, as I check now, Google is No. 3.

It's no secret why Gmail is such a big spamming source now: Spammers have had success cracking the CAPTCHA tests and creating Gmail accounts from which to spam. Because the spam comes from a domain reputation systems can't block because it's so popular, spam from these accounts has an advantage in getting past many anti-spam systems.

But some other ISPs and mail service providers with lousy reputations, in the older sense of the word, are not in the top 10. Microsoft had been a fixture in the Spamhaus list and Comcast was once known as a happy hunting ground for botnet herders. Both of these companies seem to have turned the corner.

I could tell Comcast had changed its ways when I saw a discussion on a mailing list I'm on (I'll protect their reputations by not mentioning the name) where users were all steamed that Comcast had blocked access to external SMTP connections through TCP port 25.

This is the single most effective way that ISPs can block spam from coming out of their networks from botnets, and in fact there are other ports that need to be blocked nowadays, like SMB networking. Bots usually send e-mail directly out port 25 to the recipient domain, which usually works because, by default, port 25 is unauthenticated. If you want to use an non-Comcast mail server, you have to use TCP port 587, which is authenticated by default. I don't know for sure, but I'll wager the conventional ISPs on Spamhaus' list, headed up by (that's Systemnet Telekom in Turkey), give unfettered access to port 25.

Richard D G Cox, CIO of The Spamhaus Project, says the real difference these days isn't just stuff like port 25 blocking ("That's such a 'nineties' (or should that be 'eighties'?) issue"), but responsiveness to complaints, and not just from well-known complainers like Spamhaus.

Cox said, "You see, one of the most difficult things for any organization to accomplish is to see their own operation as it is seen from outside the organization. And that is especially true of IT-related organizations." It's easy to relate to this. And it's not just having the right perspective; lots of organizations probably figure they have their hands full going after the problems they know about. But if they're falling behind, it means they're not dedicating sufficient resources to the problem.

Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel