Symantec Research Ousts Linux for Being Spam-Complacent

Dennis Faas's picture

Symantec Message Labs has uncovered some interesting information in light of a new research project. Apparently, Linux computers are sending a disproportionate amount of spam in comparison to other operating systems. The news comes as a surprise, since Linux retains only a small market share.

The research project consisted of Symantec taking a "snapshot" of spam rates from November 2009 through March 2010. This is done through a method called "passive fingerprinting" which involves analyzing the network traffic of a remote host, in turn revealing the operating system of that host.

Linux's Share of Spam Market 5X Higher

Symantec found that Windows maintains over 90% of the market, therefore most of the spam continues to originate on Windows machines. In total, 92.65% of spam comes from Windows PCs, with 2.22% coming from other operating systems. Surprisingly, almost none of the spam appears to have come from Apple computers. (Source:

That said, the report suggests 5.14% of all spam online is emanating from Linux machines. Considering the fact that Linux makes up about 1.03% of the operating system market, the figures are unusually high, to say the least.

Linux Machines Top Spam Index Ratio

Symantec then calculated a spam index, dividing the percentage of spam by the market share of the operating system to get a ratio. This ratio estimates the likelihood of a computer running a particular operating system that will send spam.

Linux tops the ratio with 4.99; almost five times more than Windows at 1.01. Apple received a zero ratio.

Numbers May be Skewed

One potential explanation for the inflated ratio pertains to how Internet Service Providers (ISPs) allow their customers to send mail. In most cases, ISPs do not allow their customers to send mail directly from port 25 to the Internet, since port 25 is often abused by spammers for sending unsolicited bulk email messages. For those unaware, port 25 is a channel reserved for communicating outgoing email to email servers.

That said, Internet Service Providers primarily use Linux as part of their network of servers which manage Internet connections and emails of their clients (which are typically connected to Windows machines). Thus, if a Windows PC on an ISP's network is spamming, the spam would fist be routed through the ISP's Linux servers, contributing to the high Linux spam ratio. (Source:

Rate this article: 
No votes yet