Report: Spammers Big SPF/Sender ID Users
An anti-spam company reports spammers are big users of SPF and Sender ID, even as they depend on zombie PCs to send the majority of their messages.
A mail security company has released a report that claims most spam comes from "zombie PCs," and that spammers are the largest users of measures intended, in part, to prevent spam.
According to MX Logic, an average of 56 percent of all spam the company filtered in July was sent from broad-band connected PCs hijacked by spammers using malware. The company said June figures showed 62 percent of the spam it dealt with originated from such machines, and that in May the figure was 55 percent.
MX Logic also reported that SPF and Sender ID, two measures meant to eliminate mail with a misrepresented origin, were in heavy use by spamming domains. Microsoft recently added features to its Hotmail service that include reliance on SPF and Sender ID to validate incoming messages and warn users of potentially fraudulent mails.
According to MX Logic, of the 19 million messages it processed in a week in July, 9 percent were from domains that had published an SPF record, 83 percent of which were spam-sending domains; and that 0.15 percent was from domains that had published a Sender ID record, 82 percent of which were spam-sending domains.
"Just because an email has a published Sender ID or SPF record does not mean it is a legitimate email," said Scott Chasin, the company's CTO. "Nevertheless, widely deployed domain-based authentication is a key building block in creating accreditation and reputation services that can vouch for the domain's SPF or Sender ID record, as well as its email-sending history."
The company also reported that spammers increased their compliance with the CAN-SPAM Act to four percent in July, over 3 percent in June. The company said compliance hit a peak of 7 percent in December 2004 and reached an all-time low of 0.54 percent in July 2004.
