Spammers Grab a "Pass" into your Inbox - Spammers crack CAPTCHAs to steal free e-mail providers' reputations

    OTTAWA, July 9 /CNW Telbec/ - Roaring Penguin Software Inc. analyzed
three weeks worth of data collected via its RPTN data-collection system and
revealed a worrying trend: Spammers are increasingly using free e-mail
providers to avoid IP address-based reputation systems. These systems track
mail sent by various IP addresses and assign each IP address a rating. Some
anti-spam software operates largely or exclusively on the basis of the IP
address rating.
    Roaring Penguin's data shows that over the three weeks from June 13 to
July 3, 2008, the percentage of US-originated spam originating from the top 3
free e-mail providers (Yahoo, Google and Hotmail) rose from about 2% to almost
4%. We believe that spammers are using Google's service in particular to send
spam, relying on the fact that blacklisting Google's servers is impractical
for most organizations. According to our data, the probability that an e-mail
originating from a Google server is spam rose from 6.8% on June 13 to a
whopping 27% on July 3.
    A CAPTCHA is a test designed to tell humans apart from computers. It
typically involves typing a word seen in an image or heard on an audio
recording. CAPTCHAs are designed to prevent automated creation of e-mail
    David Skoll, CTO of Roaring Penguin Software, said: "The effectiveness of
IP address-based reputation systems has increased the market value of a good
IP address, making spam gangs concentrate their development efforts on
breaking CAPTCHAs to create free e-mail addresses from which to spam. We
predict a gradual but long-term decline in the effectiveness of IP address
reputation systems."
    Roaring Penguin Software's anti-spam Software relies on a variety of
techniques to detect spam including keyword search, header analysis, message
format analysis, Bayesian statistical analysis, blacklists, whitelists,
greylisting, open proxy lists, DNS verification, content-filtering rules,
sender policy framework (SPF), custom rules and more. By not relying on IP
address reputation exclusively, Roaring Penguin has been able to retain its
98 % + effectiveness in detecting spam.

    About Roaring Penguin

    Founded in 1999, Roaring Penguin Software Inc., specializes in e-mail
filtering. The company focuses on fighting spam at the mail server, with the
acclaimed CanIt and MIMEDefang product lines. Today, Roaring Penguin's
anti-spam products are used by customers that include enterprises, ISPs,
campuses, web hosts, and government offices. For more information visit

For further information:

For further information: Bill White, Roaring Penguin Software, (613)

Organization Profile

Roaring Penguin Software

More on this organization

Custom Packages

Browse our custom packages or build your own to meet your unique communications needs.

Start today.

CNW Membership

Fill out a CNW membership form or contact us at 1 (877) 269-7890

Learn about CNW services

Request more information about CNW products and services or call us at 1 (877) 269-7890