Blogs

RedMonk

Skip to content

The Coming Spam Pandemic

One of the other things most people don’t know about me is that I have a minor obsession with plagues. Stemming from my background in European history, I’ve had a morbid fascination with both the epidemiological and societal aspects of pandemic agents for quite some time. As a result, I read a lot of weird books like “In the Wake of the Plague” (so-so), “The Great Influenza” (excellent, if a little melodramatic at times), “The Coming Plague” (a friend of mine’s Dad is included for his discovery of Toxic Shock syndrome), and yes, a couple of plague oriented blogs (conveniently grouped under the “plaguefeeds” tag).

If you’ve studied the subject, pandemics are typically triggered by a change of some sort that makes an existing virus or bacterium more communicable, more lethal, or both. This is the fear that many have with respect to the Avian Flu; the influenza virus that causes it, H5N1, has elevated mortality rates but fortunately for us has yet to be able to infect human hosts as easily as some of its influenza cousins. If H5N1 is able to swap some of the sugars that coat the virus with those from human infecting flu strains, it’s possible – even likely – that we’d be facing an outbreak, a pandemic.

What’s becoming apparent to me, through a variety of channels, is that we appear to be poised for a similarly debilitating and difficult to combat outbreak of spam.

As you’re all far too aware, we at RedMonk have struggled with absurd volumes of spam over the past year, and the frequency and severity of attacks is only increasing. What was once merely a nuisance is becoming a legitimate threat to our business. On at least a half dozen occasions, the spam attacks have been sufficiently high volume to paralyze Apache. To put that in context, we run on a box that under normal circumstances would be hosting hundreds, perhaps thousands, of sites. And yet spammers are able to bring our few properties to a grinding halt because their attempts to spam us become, effectively, distributed denial of service attacks.

It would be one thing if we were an isolated case, but we’re clearly not. David’s site, hosted by Cape.com, had its commenting facility knocked offline by persistent high volume spam attacks. And Alex’s web presence, meanwhile, has been bouncing up and down under similar assaults. His load is so obscene that even removing or renaming the file in question doesn’t remedy the situation: the attackers continue requesting the missing file at such high volumes that Apache cannot help but buckle under the load.

I’ve got virtually no experience with networking at the ISP and/or backbone level, so I couldn’t begin to comment on what the potential solutions for this problem are. But I do believe that the loads are growing aggressive enough that it’s just a matter of time until it’s an ISP level problem. There’s only so much you can ask Akismet, Bad Behavior, et al to do, after all.

Categories: Spam.

  • http://nomorejargon.blogspot.com/ Danno

    Sog, is this to your email server or your comments?

    Because if it’s your comments, it seems like simple CAPTCHA tests like “add together these two values” work pretty well for stopping most spams.

    As for ways to solve Spam… I recommend making it a capital offense punishable by the death of you and everyone directly related to you.

    It basically costs more than terrorism.

  • sogrady

    Danno: it is comments, but unfortunately in the volumes we’re talking about CAPTCHA won’t solve the problem. the issue, both w/ Alex and w/ us (can’t speak for David), is that we’re receiving so many requests that Apache freaks out. it’s not the mechanics of how it handles the requests.

    Alex actually has a spam prevention strategy in place similar to CAPTCHA that captures the request pre-processing, and he’s still getting buried.

  • http://alexking.org Alex

    Correct – once the request gets to Apache (or your web server of choice), you’ve already lost.

  • http://www.redmonk.com/jgovernor James Governor

    the coming Spamdemic

  • http://channel3b.wordpress.com Andy Fundinger

    I had to take down my wiki-based personal site because the spammers got onto it and wouldn’t let go. My hosting provider started sending me notes about processor usage and it just wasn’t worth the work to keep it up. I wonder how much of the net we’re loosing to spam.

  • http://www.frenchguys.com Erik Dasque

    I absolutely concur with your post. While I don’t suffer much from comment spam (Akismet does a got job of getting rid of them on my low volume site), email spam is just rampant. It is actually something that frightens me when I think of the future, a real pandemic that we have little hope to eradicate.

  • weskom

    the request sent but no response received!!!

  • weskom

    no response from Aphace