An inordinate amount of pharmacy spam is coming my way from Yahoo.com.

Why aren’t they doing any spam filtering? And if they are, why are they doing what appears to be such a terrible job?

Is it that hard to screen for millions of various nonsense email address variations all carrying the same junk spam message?

The last entity to do this was Hotmail — years ago, I added that domain to my blacklist, and my spam went down tremendously. Yahoo will soon suffer the same fate . . .

Category: Web/Tech

Please use the comments to demonstrate your own ignorance, unfamiliarity with empirical data and lack of respect for scientific knowledge. Be sure to create straw men and argue against things I have neither said nor implied. If you could repeat previously discredited memes or steer the conversation into irrelevant, off topic discussions, it would be appreciated. Lastly, kindly forgo all civility in your discourse . . . you are, after all, anonymous.

14 Responses to “Why Am I Getting So Much Spam from Yahoo ?”

  1. Trevor says:

    It’s more than likely a spam botnet spoofing the yahoo domain.

  2. tude says:

    I get more spam from my gmail than yahoo. Down to less than 5 a day in the spam folder for yahoo. 10-30+ pharm spam a day from gmail..

  3. lalaland says:

    yeah, it just looks like yahoo. look at the details and it’s not….

  4. Marcus Aurelius says:

    Apparently, BR, you are in desperate need of drugs.

  5. bergsten says:

    Four words:

    Forward spam to abuse@yahoo.com

  6. perra says:

    @tude

    “I get more spam from my gmail than yahoo. Down to less than 5 a day in the spam folder for yahoo. 10-30+ pharm spam a day from gmail..”

    Dude, the amount of spam you get to your yahoo and gmail email accounts has little to do with goggle and yahoo and everything to do with your internet usage. Your comparison is useless.

  7. perra says:

    @BR

    Limit your porn surfing

    ~~~

    BR: Then what else would I do online. . . ?

  8. AJS says:

    >Is it that hard

    Yes, considering that there are 3 billion spams *per*day* (up from 600 million a mere 6 months ago).

    And since this was on over the weekend: http://www.youtube.com/watch?v=anwy2MPT5RE

  9. constantnormal says:

    hmmm …

    Hotmail purchased by ?

    Yahoo purchased by ?

    (just kidding) .. my own experience with Yahoo indicates that it was overrun by spammers and deeply penetrated years ago. I eventually abandoned my Yahoo mail id (I automatically delete all incoming POP mail directed to this address now), and abandoned participation in Yahoo interest groups as the digests and daily mailings were overflowing with spam. Yahoo was apparently powerless to stop it.

    My own experience with gmail is pretty good thus far, as they manage to trap by far the largest fraction of the spam before sending it out to me, and what little does arrive is effectively shunted into the trash via a byzantine maze of blacklist rules (sender not in my address book, more and one cc’d recipient with the same domain, etc).

    Spam is a force of nature at this point, and trying to stamp it out is more difficult than eradicating polio.

    A Good Start would be for the FCC (or Homeland Defense, or pick your own choice of bloated, ineffectual goobermint bureaucracies) to start cracking down on botnets.

    The typical botnet node is a suborned clueless user’s PC, with no attempt made to fabricate its ip address or otherwise hide its identity (the botnet’s operators are secure, even if the nodes are identified), with the owner blissfully unaware, thinking that their antivirus or antispam software is protecting them 100% (a belief fostered by the companies selling such stuff), when AT BEST, they are attaining perhaps 80% protection. 20% of the flood of attacks means that such “protected” PCs eventually get pwned.

    Some better defenses would be if people were to use “outbound firewalls”, that monitor outbound communications and question/block those that are not from legitimate sources within your PC. An application like “Little Snitch” [http://www.obdev.at/products/littlesnitch/] seems to handle this nicely.

    But the motivation for people to get serious about maintaining the security of their personal PCs will arrive only after the owners of PCs that are part of botnets start getting fined for losing control of their machines. It’s easy enough to identify them and verify that their machines are suborned. A $100 fine per month (week?) would provide all the incentive necessary for users to get their act together. As things are, people are allowed to operate computers with no protection whatsoever, to visit websites that present high risk of contagion and subsequent spreading of the problem with no fear of consequences.

    ISPs hosting persistent botnet presence should be nicked as well, and shut down if they cannot police their customers.

  10. tude says:

    @ perra
    My yahoo account is 15 years old and is the email account I use for EVERYTHING – posting on all BB, shopping online, responding to polls, facebook…absolutely everything.

    My gmail account is less than 2 years old and I first created it to use only for friends and not use at all on the internet. Since then, mostly because of the terrible user interface, I have all but abandoned it.

    I was just making the observation that my yahoo email is almost completely devoid of spam now, and the spam on my gmail account just keeps getting worse.

    That said, I think after re-reading BR post he is actually talking about spam seemingly originating from yahoo to other email addresses. All I can say to that is I am sure an Apple/Google evangelist will most likely see it as an evil yahoo plot!

  11. This is my office address — no porn surfing, no registering for junk –

    And yet the emails have been scraped by spammers from public sites, and they are operating out of Yahoo accounts!

  12. froodish says:

    It’s actually pretty difficult to determine the _real_ source of an email – mail headers are easy to spoof. Spamcop (no affiliation, blah, blah) does a pretty good job of parsing headers and determining the source. You’ll need the full headers for it to work:

    http://www.spamcop.net/

    Blacklisting yahoo would be a mistake, better to get filtering software either for the server or your email client. IIRC, you’re a Mac user? Can’t say enough good things about SpamSieve from c-command (again no affiliation, just a happy user) for client-side filtering:

    http://c-command.com/spamsieve/

  13. philipat says:

    Regarding above comments:

    1. Not all of the bots are located in the US so domestic fines and enforcement would be ineffective. The Russians, Chinese, Iranians etc don’t necessarily want to play ball.
    2. I receive spam mails even on mail accounts that I have NEVER used. Go figure.
    3. In my experience, gmail does attract the usual componenet of spam BUT its spam filter is very good. I find that ZERO spam gets through to my inbox and that the number of false detections (ie, not spam filtered as spam) is very small but can happen, although I haven’t seen this for many months now. My solution is just to check the spam box daily and, perhaps once a month transfer a message back to Inbox) then permanently delete all spam. Doing this daily means that the volume in the spam box never accumulates, so it never becomes a chore. Takes a few seconds daily.

  14. Low Budget Dave says:

    At work, we have one of those filtering programs that learns what is junk based on what you direct to the junk folder. At first you have to send hundreds of e-mails to the junk mail folder. After a year or so absolutely nothing gets through. The advantage is that you can always check your junk mail folder if you suspect that a real e-mail got deleted.

    The only mistake I spotted in the last year was in January when the filter screened out a whole series of e-mails relating to “rollover” because a spam bot somewhere was using the term in a very literal sense.