Every day when I check my three e-mail boxes, the crammed spam folders are the last place I would like to click open.
But it's a different story for Ye Hao.
The computer whiz delves into the domain very few would want to enter he opens the spam folders in his e-mail boxes, analyzes the senders and contents, and finally documents them.
Luckily for us, the man does this in order to fight back those pesky spammers.
A mail maintenance manager at 263.net, China's popular e-mail provider, Ye has been keeping an eye on the evolution of junk e-mails for about three years since he started his career in the mail group in 2003.
"The year I joined 263.net was when spam began to burgeon," said the man in his 20s.
Statistics from the Internet Society of China show that the number of spam globally has accounted for 70 per cent of the total e-mails today, a surge from 7 per cent in 2001.
Each week, 900 million junk mails messages reach recipients in China, occupying 64 per cent of the total e-mails, the society said.
Specifically at 263.net, 93 per cent of e-mails in the daily flow were spam, eating up eight hours of 1.5 technicians' time on average a day, Ye said.
To curb the deteriorating situation, the government has laid out the Internet E-mail Service Management Regulation which will take effect in China tomorrow.
Ye owns more than 20 e-mail boxes, mostly out of a job necessity to experience different services. He collects no less than 100 spam a day from these boxes, and spends most of his working hours conducting sample analyses.
In his eyes, spam nowadays is a hodgepodge of commercials, viruses and frauds. Moreover, they have evolved into a big family of plentiful strains.
The most common types are still those hawking various products and trainings, or offering invoices, sex services and business co-operations.
Chen Lian, a 26-year-old human resource manager based in Guangzhou, said her company's e-mail account is full of such junk, as many as about 50 a day.
"They are all about seminars, invoices and transportation," she said. "They don't really hurt you, but waste your time and put you in a bad mood."
Netizens may find junk mail annoying, but the e-mail operator actually mostly pays the price of spam attacks. It has to spend a huge amount of resources to dispose of junk mail.
Last year at the China Internet Conference held in Beijing, Zhang Daqing, vice-president of 263.net, proclaimed that 85 per cent of the server's capacity and 50 per cent of the storage space in its mail delivery system are used for spam disposal.
More notably, in the last two years, phishing e-mails have witnessed a sharp increase in China as it has globally, according to Ye, who founded the China Anti-spam Alliance with his friends in 2003 to combat the increasing number of spam.
"Phishing" is a slang IT word combining "phreaking" and "fishing." It refers to fishing for information usually personal information such as credit card, bank account or social security numbers.
Scammers "phish" for personal information through fraudulent e-mails claiming to be from a bank or another institution that already has the recipients' personal details.
"The recipients are asked to click onto the fraudulent website in the e-mail and enter their account information and password for a confirmation," Ye said.
In 2004, the National Computer Network Emergency Response Technical Co-ordination Centre of China gathered 223 complaints on fraudulent websites, most related to financial service or e-commerce, while in 2003, it only received one complaint.
Although there are still fewer cases in China compared with the other more developed countries, probably because a lot of Chinese still do not trust the Internet, the rapid growth rate of phishing e-mails is posing a threat to people's lives.
Furthermore, compared with other types of spam, phishing e-mails can result in greater harm to netizens, and thus call for more advanced anti-spam technologies.
Anti-spam efforts
Sending spam is no longer a complicated technique. Along with a computer and access to the Internet, all you need is a bulk e-mail marketing tool that can be easily googled, such as Advanced Emailer, and an e-mail list. The list, which can also be purchased easily online, sells at an extremely low price ranging from 100,000 to 160 million addresses per 100 yuan (US$12.5).
But to stop these e-mails is a more complicated job.
Not only e-mail operators but also net security software developers are continuously upgrading their technologies against the growing spam family.
Usually the anti-spam system runs analyses beginning with the sender's IP (Internet Protocol) address, scanning potential viruses, and finally matching banned keywords.
What's more, technologies today have enabled a really high filtering ability. The spam spotting error ranges between 0.5 thousandth to 0.1 thousandth per 1,000 e-mails, according to Qi Jun, senior technology supervisor of Trend Micro (China), a leader in the Internet security software and services.
"IP filter is the first hurdle for spam," Qi said. "E-mails from unreliable IP addresses will be blocked before a real e-mail transmission starts."
However, the majority of spammers today duck the blows of anti-spam attacks by adopting mobile IP addresses. But the anti-spam fighters punch back with the creation of real-time blacklists.
On the website of the alliance of anti-spam fighters (anti-spam.org.cn), netizens can submit suspicious IP addresses to webmasters. "We compare them with our four real-time Chinese blacklists, which we outlined through a month's work," said Ye, one of the website initiators.
The website receives more than 4,000 queries every minute on average. "And we update our lists with visitors' reports," he added.
Once the e-mail lands in recipients' boxes, the anti-spam system will begin a new round of filtering by scanning viruses and banned keywords.
In terms of keyword matching, most of the e-mail system currently adopts Bayesian spam filters, which calculate the probability of a message being spam based on its contents.
And unlike simple content-based filters, Bayesian spam filtering is a highly intelligent technique that picks out spam from legitimate e-mail. The more spam samples it gets to study and analyze, the more efficient the filtering becomes.
E-mails with keywords implying violence, pornography, drug dealing and possible fraudulent information are usually filtered into spam folders or deleted at once, said Qi.
But spammers today have also figured out plenty of new ways to avoid detection.
For example, Ye said, keyword filtering fails to work on pictures. "I have to write down the codes for each picture I found in the junk e-mails and include them into the database," he said.
Adding a huge volume of normal information to interfere with the anti-spam scan is another trick. "Spam filters usually follow a section-on-section step to scan the e-mail. If the normal information in an e-mail is found to have outnumbered the banned words inside, the e-mail may be regarded as non-junk mail," he explained.
Some spammers even insert many normal characters between the banned keywords, and then highlight those keywords using different colours to put their real information through.
"Machines cannot see the difference," the spam fighter explained. "For them, all are simply codes."
Future road
Like most people, I let the e-mail providers do the dirty job of filtering and clearing junk e-mails. Thanks to the mature anti-spam technologies today, my inboxes see fewer junk mail. Still, a new problem arises in that sometimes I have to go back to the spam folder to rescue some normal e-mails.
Ye said that is a concern that must be tackled in the development of future anti-spam filters, which will be tailored to individual needs.
"In the future, people can have personalized spam folders based on what kind of information they need," he said.
For instance, he explained, some businesspeople may choose to have some certain e-mails about new products or cheaper ferries delivered into their inboxes instead of spam folders.
Or, there is another option: You can have the bulk spam folders hidden from the webpage so that you do not even need to bother about witnessing the increasing number inside.
Ye also envisions an integrated anti-spam system which can realize data sharing among e-mail operators to reduce the filtering time. "It is like an anti-spam centre, an enlarged website like what our alliance is doing now, where the globe can join to combat the spam," he said.
(China Daily 03/29/2006 page13)
