Why Zebedee gets less spam

The first letter of your email address could determine the amount of spam that you receive, suggests a study by University of Cambridge computer scientist Dr Richard Clayton.

One reason for the phenomenon could be the way that spammers create email address lists – specifically an approach called a ‘dictionary’ or ‘Rumpelstiltskin’ attacks. These originated when it occurred to the spammers that if john@example.com was a valid email address, then perhaps john@another.com was valid as well; so the curs then combined local parts (to the left of the @) with other domain names.

Because they are more first names starting with A, M, S, and R, the number of spams with these constitute a greater proportion of the overall total of spams in circulation, as dictionary attacks snowballed.

Based on traffic logs of 550,596,270 messages sent through ISP Demon Internet, between February and March (2008), the analysis also indicates that around 50 per cent of all the email which is being given to Demon’s spam detection system is destined for non-existent mailboxes.

Dr. Clayton believes that his findings could point the way toward techniques for more efficient screening of spam by email service providers. “Demon Internet handles emails on behalf of customer sub-domains (example.demon.co.uk or example.com) - hence it doesn’t know if elephant@example.com is valid or not. That means that it accepts email for elephant@ and then decides whether or not it is spam and delivers the non-spam. If the customer doesn't have an elephant@ email address then the delivery will fail.

Clayton contrasts this with elephant@hotmail.com, where HotMail immediately knows if elephant@ is a valid address or not: “If it is not valid then there is no need to do any spam detection; they just reject the email. This reduces the amount of work considerably.”

Clayton adds: “How much spam a particular @ receives will be all about how many web pages their email address appears on, and whether their friends have ever been infected with malware. On the individual level this will dominate.”

Further information:
www.cl.cam.ac.uk/~rnc1/aardvark.pdf

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them

Close