Every now and again, I get spam delivered to my inbox from one of the leading webmail services. AFAIK, there are the big 4: Gmail, Yahoo, Hotmail and AOL.
The thing is that to my work email account where I get some of my mail (ie, I eat our own dogfood), I rarely, if ever, get spam that originated from Yahoo, Hotmail or AOL. Finding out if it came from there is easy because all I need to do is open up the message and take a look at the headers. However, I get spam from messages originating from Gmail on a regular basis.
And therein lies the rub. Across the internet, I hear quite a bit of noise that all the web services send out spam. Spammers compromise the login and send out piles of spam and then quickly jump ship and abandon the email address. However, across the blogosphere I hear that Hotmail is the worst one. The folks at Hotmail do acknowledge that there is a problem. However, I also hear that Gmail is the best filtering service.
This is simply untrue in my experience. Going by the spam I see in my inbox, when it comes to outbound originator of spam, Gmail is the worst one by far. I'm not saying that the others are necessarily better, but it certainly seems like it judging by what I'm seeing.
PingBack from http://geeklectures.info/2007/12/21/if-perception-is-everything-then-gmail-needs-better-filtering/
Let's see. I have 20 days of SpamAssassin-diverted spam archived, averaging 300 messages per day. By the crude measure of how many of those 6000 messages simply mention various ISPs (i.e., no attempt to filter for forged addresses or find the real sender):
Considering that yahoo.com has roughly 10 times the number of accounts that gmail.com has, that's a fairly high ratio for gmail.
Nice stats, Bart.
"no attempt to filter for forged addresses or find the real sender"
That means the stats are completely meaningless.
Even when a spammer wants to be contacted, they rarely put their own ISP in the From address. When they want to be contactable in order to collect drug money or whatever, they put a drop box in the body of their e-mail, but they still forge some random victim's address in the From line. The reason is that if the spammer puts their own address in the From line then there *is* a snowball's chance in hell that the administrators of Yahoo, Microsoft, etc., will figure out that the spammer is one of theirs. When the spammer puts their drop box in the body of the e-mail, administrators of Yahoo, Microsoft, etc., never understand the meaning of the spam report and the drop box continues operating.
When tracing the actual sending ISPs of spams that reach me, Yahoo and Microsoft still have their share. But I've received a total of 1 or 2 spams from Google, ever.
I recently wrote an article comparing the three with regards to spam filters. I did an informal test by signing up for all three services. I then went to a "sign up for a free ipod" website and entered the three email addresses in. That is enough to get a LOT of spam.
Gmail won, hands down. Hotmail was second, and Yahoo took a distant third place. Granted, this was a fairly un-scientific way to test this, but it's something I've always wanted to try.