Walling off Asian E-mail to Prevent Spam

SomeoneYouDontKnow writes: "Seems there's been lots of spam news lately. This piece from Wired describes how frustrated sysadmins in the West are responding to a torrent of Asian spam by simply refusing all e-mail from that part of the world. As anyone who's ever reported spam to Asian ISPs can attest, getting a response of any kind is almost impossible, so some ISPs are simply giving up on receiving any mail from them. Setting up barriers like this is regrettable, but when the originating ISPs refuse to take responsibility for the actions of their users or close their open mail servers, there would seem to be no other choice. Has anyone ever had any kind of constructive conversation with one of these ISPs to see why they are unable or unwilling to do anything?"

Ban Asia???

[Markvs]

Sure, why not. Heck, I blocked France on principle!

Re:Ban Asia???

[Niadh]

Some good things CAN come out of Asia. I have 2 Asian friends I ICQ. They're pretty cool and good c coders but hate where they live. Won't argue with you on France thou. Banning them is just plain common sense.

Re:Ban Asia???

[Xxooss_Gemfyre]

France? Yes France is banned

Re:Ban Asia???

[Jay+L]

I don't block France... I just refuse to let them fly over my airspace.

Re:Ban Asia???

Care to explain the reasons why you do this? Do you get a lot of spam from France, or is that just plain dumb xenophobia?

(yes, I am French, and while we have our own bunch of spammers, I wasn't aware they were also annoying users overseas)

Re:Ban Asia???

[AmInParis]

I think they are just kidding. You know sort of like the Canadian jokes? (French Canadians being just as bad as the real thing)

Of course, it could just be in response to the poor treatment of foreigners in general (not just Americans) when visiting "la hex".

Americans in Paris

Re:Ban Asia???

[David+Lightman]

Pretty much everything I believe in is illegal in France, starting with Cryptography.

Re:Ban Asia???

[UberFish]

Pretty much everything I believe in is illegal in France

Ditto.

I've also known too many French people.

Ban them I say!

Re:Ban Asia???

[maggard]

Heck, I blocked France on principle!

S'allright - soon as they heard they surrendered. You're now in charge; can you do something about the dog poop?

Re:Ban Asia???

[jd142]

Actually I get attacked a lot from wandaoo.fr. So banning France here would be an option. I get attacked more from there than from Asia.

Re:Ban Asia???

Nothing new - millions(?) of users and I block all foreign language mail by diverting it straight to the trashcan. If you can't read it, why bother to have it fill up your inbox???

Re:Ban Asia???

Heh, the French always fall back on their "culture" defense, because they have absolutely nothing else to offer.

Re:Ban Asia???

[xtremex]

I have the entire Prinicipality of Liechtinstein blocked. Not that I have ever received anything from Liechtenstein, but it's just a safety measure. :)

Re:Ban Asia???

Hello guys, I'am french.

Why do you hate France ?

Is there some anti-frenchs propaganda on your TV ?

Maybe politacl issues ?

I don't know but this make me sad...

Ok, ok, that's just a joke...

--
Stephane Cocquereaumont, born in France

Re:Ban Asia???

[toupsie]

Same here. My portsentry logs are filled with wandaoo.fr. What is up with that?

Re:Ban Asia???

That's no joke.

They hate France because it is a symbol
of liberty without the capitalist rhetoric.

They like to think they are the best and
they can't stand contradictors. They
want your country to act like a lapdog.
(Just like Canada)

I think it's part of US culture.
This is why you see so many anti-french
comments coming from the US.

Re:Ban Asia???

No, it's France's actions between the Treaty of Versailles and WWII.

Weak and whimpering with too much arrogance.

Re:Ban Asia???

Didn't that "symbol of liberty" forbid their own citizens from using strong crypto until a few years ago?

Re:Ban Asia???

The Chinese Government run$ the internet. They have rea$on$ for letting $pammer$ $crew with u$

Re:Ban Asia???

[kevcol]

:0:
* ^Received:.*wanadoo\.fr
$HOME/mail/crap

:0:
* ^Message-id:.*wanadoo\.fr
$HOME/mail/crap

Re:Ban Asia???

[elroyjenkins]

Actually, its just a really easy country to make fun of. We dont have anything against france exactly, but laughing at the french make it easier for us to put up with some of the things that happen everyday here. Besides, you dont even have to leave the US before you start hearing anti-american jokes, but the difference is that they are often serious.

Re:Ban Asia???

[JimFromJersey]

No, actually it is the repulsive combination of French arrogance and cowardice that brings out the worst in us. You make no sacrifice but then feel that you have the right to authority. See France's failed attempts to regain their pre WWII colonial empire (leaving the US holding the bag after the morons retreated into a valley), after we left so many bodies at Normandy (note to Brits and Canadians - We know you sacrificed as well and the Russians who may be reading - You sacrificed more then all) and they left so few dead at Maginot(sp). Notice now how the French feel they have the right to whine about American "Unilateralism" in Afganistan after making no effort to assist. Here is a clue, you make no sacrifice, you have no say. Before you go spouting any crap about the French helping us gain our independence. You only entered the war once it becme clear that we were going to win (After the battle of Lake Champlaign (sp), iirc).

Re:Ban Asia???

Yes I'm banning all the world except my IP.

Re:Ban Asia???

[pivo]

That symbol of liberty allows its citizens to use RU486, something this symbol of liberty doesn't.

Re:Ban Asia???

[pivo]

Most Americans don't really hate the French, it's just an idea that's been promoted on insipid television programs which play to our ingraned mistrust of foreign cultures. We're a big country which most citizens never leave in their entire life, or if they do they're too busy looking for McDonalds to notice that they're in a different place.

The fact is that most Americans don't even know a single French person.

Re:Ban Asia???

[AmInParis]

Symbol of liberty without the capitalist rhetoric? Please! France is a wannabe capitalist society that is bleeding to death from an overly socialized populace!

First, strikes! These happen so frequently that they've lost all meaning. It's the boy who cried wolf. It's nothing more than a vacation day for the workers. Worse than that, the companies then pay the workers for their missed day! Strikes cost the Louvre $1.4 million last year and why the hell was one of the reasons for striking? Because, they already worked a 35 hour week and the new French law giving it to everyone would (wait for it) make everyone just...like....them. Egalite? Please!

Second, workers rights. I think it's sad the way many American companies throw away workers like chattel. However, it's just as sad to think it's a company's duty (en France) to retrain a worker who didn't keep his skills current and then cries about it when the end comes.

Third, France is every bit as capitalistic as America. I recently spent a week in Warsaw (Varsovie) and you know what I saw? Carrefour, Geant, and Hypermarche!

Another reason France isn't considered as capitalistic as America is because they simply aren't any good at it. Why are there not any French fast food restaurants (Quick not withstanding)? It's not because fast food sucks (even though it does) but because fast food requires consistency and French process lacks that. I know I can get the same crappy Big Mac no matter where I go.

Finally, France is behind in capitalism because customer service and advertising have always been a second thought if non-existant altogether. Companies like Darty, Habitat (British), and JC Decaux have realized that and are now flourishing.

Oh yeah, and anti-French rhetoric from the US? It's from everywhere just as it is against the US. Last week I was looking for some quotes about the French to put on a website. I was hoping for something about the wine, culture, etc, perhaps from Voltaire, Baudelaire, or Shaw. However, what I found were anti-French quotes and most of them European! One of the URL's I found: http://www.insults.net/html/world/france.html

This could go on all night but one last thing to think about when you wonder why people are down on France. The French schizophrenia regarding foreigners and their language! Half the population is angered if you don't speak French. The other half is insulted when you try and don't do it perfectly. Rome, Pisa, and Florence? No one spoke English but we all did our best without attitude. Belgium and Amsterdam everyone spoke English and gladly switched when they realized I couldn't speak their language. Why should there be such a stigma in France! Oh, and what's with the French law requiring a certain percentage of radio and advertising be in French (http://www.american.edu/projects/mandala/TED/engl ish.htm)? Isn't there something wrong when the goverment has to enact laws just to protect it's language? Where's the weakness?

Re:Ban Asia???

[serbanp]

I'm affraid you're dead wrong about the junk-food consistency across the world.

Go to MacDonalds in places like Singapore or Taipei (where I have first-hand experience) and you'll find a big difference in the food quality.

There the food is almost palatable, not like the junk one can buy in US. I really wonder how usians accept eating such s**t, with the shower of commercials talking about cholesterol, healthy nutritions and such.

Re:Ban Asia???

[jdonnis]

My worst spam problems originate in the US..
So CUT OFF THE US from the rest of the internet..
That'll teach them..

JMD

Re:Ban Asia???

[marcs]

Check

http://www.incidents.org/archives/intrusions/msg 02 748.html

Scroll down to 'Wanadoo.fr ISP Unresponsiveness Prompts Political Action' for more info. Action is being taken...

Re:Ban Asia???

Yea, down with the frogs.

Re:Ban Asia???

[johnnie]

"Heh, heh... No one ~ever~ says 'Italy.'"
-Hank Scorpio

I can't disagree more

[MicroBerto]

As the Ex-AbuseDesk admin at a local ISP, I must say that I wanted to do that VERY badly, but wasn't allowed to. There's simply no way to get a response from them. I have absolutely no qualms about cutting communication off from them. It's just so frustrating for EVERYONE.

On the other end, if many of those domains are in the Orbz or other blacklists, maybe just using those would be better.

Re:I can't disagree more

[rope]

i saw this on alt.freeware:

after i tried removing myself from a mailing list, this is what i got:

--------
This Message was undeliverable due to the following reason:

The following destination addresses were unknown (please
check
the addresses and re-mail the message):

postmaster@i.com.cn

Please reply to postmaster@i.com.cn
if you feel this message to be in error.
--------

um, i guess they don't know they don't exist ?

Re:I can't disagree more

Uhm well i seem to remember reading up statistics saying the vast majority of spam originates from the U.S. (more than 75% i think).

I wonder how you'd feel if the rest of the world suddenly blocked all mails from U.S. ISPs? Heck, doing so would eliminate 75% of spam compared to say *AT MOST* 25% from Asian countries.

Let's see just how well YOU would take it....

Re:I can't disagree more

[Rogerborg]

• On the other end, if many of those domains are in the Orbz [orbz.org] or other blacklists, maybe just using those would be better

Do the reading. Despite the shrieking tone of the article, what we are talking about here is Spamhaus blacklisting China Telecom, not "all Asian ISP's". That's the entire story. And Spamhaus themselves suggest that their list should be used in conjunction with an open relay list.

Re:I can't disagree more

I dont get emails from Asia, so it wouldnt bother me. Perhaps it could be left as an option for the user to select? I tend to get a lot of spam from .KR, and i know no-one there, and i`m never going to go there, so why would i be interested in receiving anything from there?

Re:I can't disagree more

[MadAhab]

A few of them were on the blacklists; mostly the open relays and smaller ones (well, when blacklists were free I noticed this). I'm pretty sure the warantee card for a ceramic knife put me on the list, and the incredible volume of spam didn't stop until I simply added tons of domains and a bunch of /24 and /16 to my access rejection... There are a lot of 163.net, 263.net in there as well as the large freemail services. They are really the most persistent spammers I've seen.

Re:I can't disagree more

[virx]

Isn't .kr Korea? And it's in Asia:)

Re:I can't disagree more

A vast majority of spam might *originate* in the US, and then a substantial chunk of that *relays* through boxes in Asia and is delivered back in the US.

The core issue is that Asian admins won't close their open relays. (This is both incompetance and in some cases intentionally aiding and abetting the spammers.)

Although my Yahoo spamtrap account does get lots of mail with subject lines like "ôô¦æ¾PWűâ"

Re:I can't disagree more

[ahodgson]

There are lots of free blacklists.

http://www.orbz.org/
http://www.ordb.org/
http ://relays.osirusoft.com/

just for starters

Re:I can't disagree more

Do the reading. Despite the shrieking tone of the article, what we are talking about here is Spamhaus blacklisting China Telecom, not "all Asian ISP's".

No, we're also talking about blocking all of China. Korea too. Our sendmail servers stopped talking to them a year ago, without any help from any distributed blacklists.

The fact is that it's happening. There are an increasing number of mail servers in the west that are refusing connections from any Chinese or Korean IP address because of spam. This may also be exactly how the Chinese government wants things.

Re:I can't disagree more

[roybadami]

That may be, but the point still stands.

I've heard of people who drop all mail from .cn domains, for instance.

Re:I can't disagree more

Every piece of spam I recieve is from the US, but what really pisses me off is that its pushing things that are only applicable to people living in the US. I personally don't mind if you guys refuse to acknowledge the existence of any places other than the US, but how fucking hard is it avoid sending that SocialSecurity Lottery shit to .co.za domains, huh??? Get a bloody clue.

day old article from wired

it is nice how people keep submitting and slashdot keeps posting day old articles from wired.com

Re:day old article from wired

[Xentax]

I bet this (the parent) gets modded to flame-bait or trolling, but I have to agree.

Not all that long ago, I often saw news on Slashdot before any of the "mainstream" news entities online. Lately, it's been the other way around.

Xentax

Easy solution around the spam

use peek-a-booty!

Increase your ejaculation by 581%

Is most of the english spam from Asia as well? Do American companies hire Asian spammers? What's going in?

Re:Increase your ejaculation by 581%

Do a search on open relay. That should answer your question.

Sadly, this is the only way to go

[InterruptDescriptorT]

I feel bad for the legitimate Asian users of e-mail trying to communicate with their comrades in the West, but it has been proven that this is the only way that ISPs will finally own up to the task of stopping spammers abusing the networks. Look what just the mere threat of the Usenet Death Penalty did to @Home--they have cleaned up their act significantly.

Strange as it is to say, this 'denial of service' is one that I think may actually have some future positive effect. The way the world seems to work is that no one will bother to do anything unless you threaten them with the loss of their service, and then they take action. Sad, but true.

Re:Sadly, this is the only way to go

[jellybear]

The sort of denial of service that you suggest is unlikely to motivate reform unless each ISP is banned on an individual basis, and can be reformed on an individual basis. The carrot of being reinstated must exist. If the whole region is banned whether regardless of that particular ISP's behavior, then that ISP will have no incentive to correct its ways.

Re:Sadly, this is the only way to go

[#if+0]

It may be necessary to eventually threaten those ISPs with being blocked, but still there are a lot of *constructive* steps that could be used to help the situation.

**Like actually bothering to translate your contact messages into various non-English languages. After all, when was the last time You, as a sysadmin, responded to an informative message to postmaster@your.org that was written in an Asian language?? I didn't think so...

Re:Sadly, this is the only way to go

[John+Allsup]

A certain degree of 'collective responsibilty' together with individual 'carrot/stick' is what is needed. Have 'good' ISP's marked as such, and
'bad' ISP's marked as such. Then, when a certain region causes problems on the scale we're seeing, ban the region, except for the 'good' ISP's. And ban a 'bad' ISP regardless of where it is in the world. This would probably present a good incentive for good ethical practice, since it would make the ISP attractive to genuine emailers.

Re:Sadly, this is the only way to go

[Ivan+Raikov]

Like actually bothering to translate your contact messages into various non-English languages. After all, when was the last time You, as a sysadmin, responded to an informative message to postmaster+AEA-your.org that was written in an Asian language?? I didn't think so...

Look, translating your messages in languages other than English is akin to translating your TCP/IP protocols to something else for each remote server you want to connect to. After all the purpose of common protocols is to have everybody agree on a common set of meaningful expressions used to interchange information.

IP and English are two such common sets.

Re:Sadly, this is the only way to go

[rutledjw]

Isn't this what happened to Earthlink about 4-5 years ago (an Internet Millenium)? They were HORRIBLE about not dealing with spammers, then several networks got tired of dealing with the e-mail boxes filling up, not to mention the bandwidth being used. Finally, anything (e-mail wise) from Earthlink was denied, end of story.

At that point, they started paying more attention. The same will probably happen here, once legit users start getting screwed, they'll complain to China Telecom (or whomever) and get the problem taken care of.

Irritating good customers is not worth looking the other way so some small-time scammers can get away with nonsense. Hopefully, this will be the case...

Re:Sadly, this is the only way to go

[macdaddy]

A good example of when warning or trying to educate an ISP doesn't work is Broadwing.net. Alan Ralsky, one of the fathers of spam, uses them all the damned time. They provide connectivity for spamming operations that abuse open relay, host spamertised sites, and much more. They have been warned by everyone and their dogs. I used to LART them all the time before I finally gave up. I just blacklist their network. At last count that was 3 /14s, a /24, and a /28. They can rot in my blacklist of hell for all I care.

Re:Sadly, this is the only way to go

[stilwebm]

If I recall correctly, they were not being responsive to people using throw away dial-up accounts as quick relays, and so they became known among spammers as an easy place to get an account. The simple fix was to stop routing port 25 from dial-up customers to outside of their network, but they refused. Then ISPs started blocking Earthlink email, customers started complaining, and within short time frame they caved and blocked port 25.

Re:Sadly, this is the only way to go

[gmack]

Alan Ralsky is a special sort of problem though. He tells the ISP how much money he makes and implies they will get rich working with him.

In the end they take a tiney fraction of the income in return for taking all of the risk.

Check my journal for his interaction with my former employer.

Re:Sadly, this is the only way to go

[42forty-two42]

> Look what just the mere threat of the Usenet Death Penalty did to @Home--they have cleaned up their act significantly.

@Home wend bankrupt-think that could explain it?

Re:Sadly, this is the only way to go

[mttlg]

Like actually bothering to translate your contact messages into various non-English languages.

I usually have no problem getting replies from foreign ISPs in English. For some reason though, they all seem to keep telling me about some postmaster account being over quota...

Re:Sadly, this is the only way to go

Geez! Now that's a way to go. I agree that english is the most common language in the internet but it sure isn't the mother tongue for the great deal of netizens. Comparing protocols to languages shows your level of maturity, and propably the level of other content in your "spamstop" messages too. Maybe a bit of respect and effort from your part could produce a better result. (= response).

- Hezekiel -

Re:Sadly, this is the only way to go

[walt-sjc]

While translation is a nice idea, I don't think it's worth my time to learn 20 different asian languages just so I can complain about spam. I'm sure not going to pay someone to translate for me to complain about spam. So what OTHER constructive steps can you come up with that are REALISTIC?

The bottom line is that if asia doesn't want to get firewalled, they need to get agressive about closing open relays. Note that I don't descriminate against asia, I descriminate against EVERYONE that sends me spam. This include many european and south american netblocks / TLD's too.

Basically I don't get ANY legit email from these countries. Not blocking them would be silly.

Re:Sadly, this is the only way to go

While I agree with you in part, you have to realize that English is at this moment the official language of the internet. Also, ISP's in China have a large base of qualified Chinese & English speakers to choose from if they really decided to take the issue of Spam seriously. The only solution is to blacklist ISP's that do not make an effort to secure their servers and stop spam. Customers who want to email the US can then choose another ISP and hit irresponsible ISP's where it really hurts...in the pocket.

Re:Sadly, this is the only way to go

Sie sind ein Idiot
usted es un idiota
vous êtes un idiot
siete un idiot
você é um idiot
(The remaining three are not supported by english-language software because they use cjk or other large ideographic character sets. A US based user COULD NOT send messages in these character sets without quite a bit of difficulty, but a Chinese person could easily visit babelfish.altavista.net)

Re:Sadly, this is the only way to go

[Beetjebrak]

Maybe someone with some spare time could start gathering standard spam-complaints in different languages from all around the world. Sort of like choose the language, spam-type, click 'ok', and copy/paste the resulting text into an e-mail. I'm sure lots of people all around the world have complained about spam once in a while, they'd be willing to forward their e-mails to such an anti-spam message repository.

Re:Sadly, this is the only way to go

[fmaxwell]

**Like actually bothering to translate your contact messages into various non-English languages. After all, when was the last time You, as a sysadmin, responded to an informative message to postmaster@your.org that was written in an Asian language?? I didn't think so..

The development of the Internet (yes, the Internet is more than the HTTP protocol) was funded with U.S. taxpayer dollars. Non U.S. users can damned well speak English when addressing us. When in Rome...

Re:Sadly, this is the only way to go

[famebait]

According to another poster, the main concern here was users of China Telecom. If that's correct:

China has been trying to limit it's citizens' internet use from day one. For China Telecom, the rest of the world blocking email from their users does not represent a problem at all, it just makes their job easier.

Re:Sadly, this is the only way to go

[Alan]

I would do this if the emails I got from .ch, .th, etc weren't embedded with obvious ads and spam. A bunch of asian characters surrounded with sexyyoungteenswithhaireyebrows.com.ch type URLs is pretty obviously *not* a letter to the postmaster about something legit. Looking at the headers normally confirms this as well.

I don't recieve a lot of non-english mail, but 100% of the stuff I do get is spam, and obvious spam. I'm not blocking anyone though (though spamcop is my friend) :)

Re:Sadly, this is the only way to go

[operagost]

They block port 25 for broadband, too. I had to configure my SMTP to use their servers as a gateway.

Re:Sadly, this is the only way to go

[jedrek]

Like actually bothering to translate your contact messages into various non-English languages. After all, when was the last time You, as a sysadmin, responded to an informative message to postmaster@your.org that was written in an Asian language??

The international language of snail mail is French. That's why air mail is par avion. It's like that all around the world and no one really complains. If the admin knows enough to postmaster@ he knows it should be in english. English is *the* offical language of email. Just look at the headers, I don't see a 'Od: instead of 'From:' or 'Temat:' instead of 'Subject:'.

Admins speak english, you can't really be a good admin if you can't communicate with your computer and 90% of software - even software created in non english speaking nations - is in english.

jedrek

Re:Sadly, this is the only way to go

[coyote-san]

If you are a (non-military) pilot, you are *required* to have a minimal working knowledge of English. All radio communications are required to use English, by international treaty. In many other fields, English is used by convention, not explicit treaty. But it's still the most common shared language.

This isn't cultural imperialism, it's a recognition of the fact that we need a shared language - *any* shared language - and English is a good choice for it. It uses a simple alphabet, has simple conjugation rules, and a well-known "international English" subset that's sufficient for most routine interactions.

It's also important to remember the flip side of this - native English speakers need to be able to understand the heavily accented and mangled English of non-native speakers. In some ways this is harder than learning Int'l English - the non-native speakers only need to learn one language, we have to learn dozens of varients.

Bottom line: any ISP larger than a 2-person shop should have employees able to understand the gist of these complaints and to respond. Their English may be broken, but that's sufficient for communications to occur.

Re:Sadly, this is the only way to go

I just wanted to add one more comment to my last post. I have in the past communicated with several people in China through email and most of them used web based email such as Yahoo or Hotmail, therefore, it would not be a tragic occurance if China telecom was blocked from sending email to the US. I myself use Yahoo for email and while I get a lot of Spam, 99% of it goes directly to the trash because I have filtered everything that does not have my email address in the To: field.

Re:Sadly, this is the only way to go

[Betabug]

Hey man, .ch is switzerland, definitely not in asia -- better read up before you complain. China is .cn.

Re:Sadly, this is the only way to go

[chowbok]

All systems-related communication on the internet should be in English? I must have missed that RFC.

Re:Sadly, this is the only way to go

[Computer!]

The spam came to you in English, didn't it? The HUGE volume of spam coming from Asia is in English, isn't it? Fuck, man, /. is in English. Get over yourself, these people need to at least find someone who reads English to respond to the occasional postmaster mails they get.

Re:Sadly, this is the only way to go

This isn't cultural imperialism

That's exactly what it is. The adoption of English has nothing to do with its "simplicity" and everything to do with the U.S.'s domination of the world economy.

Re:Sadly, this is the only way to go

[blair1q]

I'm sure they know what "This spam came from your site, please stop it." means, because after the first ten thousand messages saying the same thing, they might have had someone who does know English read it to them.

--Blair

Re:Sadly, this is the only way to go

[John+Miles]

The adoption of English has nothing to do with its "simplicity" and everything to do with the U.S.'s domination of the world economy.

Or the fact that practical air travel originated in the United States.

Some people see cultural imperialists under every bed, the way the McCarthyists saw Communists.

Re:Sadly, this is the only way to go

Just cause you get english spam, doesn't mean the sysadmins should be expected to speak english. We're talking about people with which you're trying to establish communications, not spammers themselves. Do you blame the sysadmins for not being as western-savvy as their criminal counterparts who send the huge volumes of spam? I mean shit, I think that says something about America right there. The foreigners most interested in America are the scumbags looking to deface it. You should be ashamed of your monolingual ass.

Re:Sadly, this is the only way to go

[Computer!]

You should be ashamed of your monolingual ass.

OK, AC, I'll bite:

Anyone whose fucking business depends on people who spam in English to make millions of dollars in a global economy needs to figure out how to read english emails. That's because no business correspondence of any importance is ever, ever written in Mandarin fucking Chinese, retard. Next time you want to ask someone to be ashamed of their monolingual ass (I could make this post in Latin or Spanish if I was bored enough, by the way), log in to do it.

Re:Sadly, this is the only way to go

[nzhavok]

It's also important to remember the flip side of this - native English speakers need to be able to understand the heavily accented and mangled English of non-native speakers. In some ways this is harder than learning Int'l English - the non-native speakers only need to learn one language, we have to learn dozens of varients.

Don't forget that a lot of non-native speakers have to learn these accents as well, i.e. any air-traffic controllers in countries which don't have English as their primary language. So in the end I would say it's easier on natural English speakers as opposed to those who don't have English as their first language.

Re:Sadly, this is the only way to go

[jazman_777]

This isn't cultural imperialism, it's a recognition of the fact that we need a shared language - *any* shared language - and English is a good choice for it. It uses a simple alphabet, has simple conjugation rules, and a well-known "international English" subset that's sufficient for most routine interactions.

Additionally, you don't need to master the language to use it. You can absolutely butcher English and get away with it; they'll think, "he's just an American."

Re:Sadly, this is the only way to go

[ahodgson]

Earthlink's problem was that they used UUNet dialups and allowed relay from all UUNet dialups. So any user on any ISP using UUNet dialups (UUnet outsources dial pools for a lot of ISP's) could relay mail through Earthlink's servers.

Unlike most UUNet ISP's, or UUNet themselves for that matter, Earthlink did eventually take steps to stop this problem.

Re:Sadly, this is the only way to go

[amuro98]

I doubt most people's systems are set up to deal with the doublebyte character sets used by most Asian languages. Yeah, you can use romanized language (eg. "Please erase your spammer" => Japanese => "Spammer o keshite kudasai" ) but that assumes you actually know the language...

Worse still, Chinese has no single romanization method, since each dialect pronounces everything differently. Yeah, if I *could* enter zhongji into my email client, I guess I could try saying "Spam bu hao! Ni bu hao!" but that wouldn't really get the point across... (and don't think I haven't tried sending that to Mainland China.)

Ignoring the language problem, there's another problem with dealing with these ISPs - they have no valid admin address. No abuse, postmaster, hostmaster, root address or aliases, and if you look stuff up in APNIC, most of those addresses are bogus or no longer work. Heck, most Korean ISPs list APNIC as their admin! (APNIC, btw, doesn't read its email, despite being located in Australia.) So even if you could send a message which explains what spam is, why it's bad, what an open relay is, and how to fix it, in the language and character set of the local admin, you still won't be able to do anything.

I've sent complaints in plain simple English (no idioms, abbreviations, etc.) to China and Korea for years. Sometimes I'd even get a response written in decent enough English...which was pretty useless since I never saw a decrease in spam from them (or even a decrease in repeat spam.)

I think it's clear they know the problem exists, but are either too complacent or corrupt to do anything about it.

Let them rot in my filters. When(IF) China gets a clue and decides to be a good internet neighbor, they're going to have to get a new TLD, since I doubt very much anyone will want to receive email from .cn anymore.

Re:Sadly, this is the only way to go

FUCK THAT,
All the god-damn spam they send us in English,
why shouldn't my reply be the same?

Re:Sadly, this is the only way to go

You guys know that there are more chinese people who speak english than americans right? :) I think it's something like 400 or 600 million english speaking chinese, and well... we only have 300 million. :)

Re:Sadly, this is the only way to go

[cyber-vandal]

I get a lot of spam from Taiwan for some reason, and it's all in Chinese. Guess I won't be buying that innovative penis enlarger from them after all.

Re:Sadly, this is the only way to go

[frost22]

All systems-related communication on the internet should be in English? I must have missed that RFC.

No. You just missed your education, and shelved rational thinking somewhere in your cellar.

Working knowledge of English, both reading and writing, should be mandatory for anybody administrating an internet connected system. The key word is communication - people have to understand each other. There is no "equal right for every fucking language" in such a setting. Our only chance at universal mutual understanding (which is required here) is a universal mutually understood language.

BTW - have you noted that the RFCs are written in English ? Are you aware that all major programming languages are modeled after English ? Did it occur to you that up-to-date security information is dealt in English only ?

FWIW, I'm not a native English speaker (as you should know by now :-), don't live in an anglophone country, and didn't even learn it as first foreign language in school. Go figure.

f.

Re:Sadly, this is the only way to go

[frost22]

The development of the Internet (yes, the Internet is more than the HTTP protocol) was funded with U.S. taxpayer dollars. Non U.S. users can damned well speak English when addressing us.

Do we have to keep the eyes on the floor while talking to you, Master, or are we allowed to look up ?

*sigh* jerks like you are the ones poisoning this debate. There are so many good reasons for a universal command of English for basic understanding. Whose money paid some reasearch is certainly not among them (and you stole it anyway).

f.

Re:Sadly, this is the only way to go

there are more chinese people who speak english than americans right?

I somehow doubt that.

There may be more chinese people who speak engrish, but I'd doubt there are more who speak english

Re:Sadly, this is the only way to go

[GreenArtichoke]

You shouldn't generalize that all Americans think the same way Computer! does. We're not all monolingual, and we don't _all_ think others should know English. You're also assuming (s)he's monolingual because (s)he's American.

I do agree that the sysadmins should not be expected to understand an complaint sent in English. However, spam abuse complaints usually do not contain much English (other than the original Spam itself anyway), they are mostly internet header information, IP addresses, and hostnames. If you are a sysadmin, you usually know arabic numerals and your own domain and host names. At least I would hope so.

Re:Sadly, this is the only way to go

[Kanasta]

So, have you ever noticed that you can get Chinese/Japanese/Korean etc versions of windows?
Did you notice when DL patches to your programs you usually have to choose from about 50 language versions?

What kind of pomp ass are you to think the all IT ppl must have a fluent level of English?

Why don't you go apply for a job in Japan and see how much of their computer systems you can understand.

And if you stop and think, an admin may have the skills to know the diff btwn File->Open and File->Close.

That doesn't mean they'll wack out the dictionary and spend half an hour reading an email in English from some unknown location when all their work/customer email comes in their native language.

Especially when they hit a swear word in the 2nd line.

Re:Sadly, this is the only way to go

[jhunsake]

Look at your keyboard. The 'h' key is adjacent to the 'n' key. Then realize what his mistake really was: a slip of the finger.

Re:Sadly, this is the only way to go

[cperciva]

If you are a (non-military) pilot, you are *required* to have a minimal working knowledge of English

If you are an academic, you are *required* to have a working knowledge of English. I was recently invited to speak at a conference in Munich. The notice stated explicitly "please note that all material must be in English".

Re:Sadly, this is the only way to go

[jordanb]

What kind of pomp ass are you to think the all IT ppl must have a fluent level of English?

Every international dicipline has an official language. For diplomacy, it's French, for Science, it's Latin, and for Computers, the langauge is English.

Windows is translated into Asian languages for the same reason why there are medical refrences in English and treaties in German. For day to day internal use, the vernacular is the best language. The first time somehting leaves the borders, however, it needs to be written in the offical langauge.

You're the one being pompus to think that every admin on the internet should know 300 languages so they can respond to requests in any those langauges. Do you know every language used on the internet?

Re:Sadly, this is the only way to go

[Paul+Komarek]

However, I expect that the former British Empire has a lot to do with the widespread familiarity with English. In this case, imperialism has a lot to do with it. For instance, the country of India uses English to overcome the many, many Hindi (and other?) dialects. This is clearly because of British Imperialism.

The other poster just had the wrong imperialist country. =-)

-Paul Komarek

Re:Sadly, this is the only way to go

[fmaxwell]

Do we have to keep the eyes on the floor while talking to you, Master, or are we allowed to look up ?

I prefer that you look up to me.

(and you stole it anyway)

And who, pray tell, do you think we stole U.S. currency from?

Re:Sadly, this is the only way to go

[gfim]

But the 'w' key is nowehere near the 'h' key!

Re:Sadly, this is the only way to go

[DavidTC]

My abuse messages to open relays anywhere in the word consists of one line, something like 'You're running an open relay'. If they can't understand the phrase 'open relay' they shouldn't be running a fucking mail server.

As a matter of fact, they shouldn't be running one anyway, anyone who sets up an open relay should be banned from the internet. (Note I said sets one up. I am aware that there are some open relays around from the earlier times, and I'm not too pissed at the people who inherited that system and never checked sendmail.cf, but they need to close them as soon as they are notified.) But anyone who sets a new one up should be prohibited from running any sort of server for a good year, because they are too irresponsibly to operate one.

Re:Sadly, this is the only way to go

[mccalli]

You guys know that there are more chinese people who speak english than americans right?

It's true. There are very few Americans or indeed British left anymore that speak English right. Or even correctly... :-)

Cheers,
Ian

Re:Sadly, this is the only way to go

[jhunsake]

But the 'o' key is nzwhere near the 'z' key!

Re:Sadly, this is the only way to go

They're spamming my English language domain - I don't owe them a damn thing. It was much easier to add 211.0.0.0 to my packet filter.

No response to complaints after receiving spam ...

[CyberQ]

is one thing. Not getting any cooperation when your own e-mail address is used as a false sender in the header of "enlarge your {certain male bodyparts}"-spam mails is a another thing. Ask me, it happened to me two weeks ago. I didn't even get a mail back from the provider.

Setback for the net?

[cstrommen]

Isn't this a huge setback for the net? If everybody in Asia that has an Asian email-address won't be able to send mail to most of the western world, then can we really call internet for a global phenomen (yes, I know there's still the web etc etc. But email is one, if not the one, most important parts of the net).

What about getting laws that say that unsolicitated mail is illegal? Shouldn't that do the trick? Anybody got some good reason for why laws like this shouldn't come true?

Re:Setback for the net?

[HCase]

For any law like that to work it has to both be enforceable and accepted in the country the mailings are coming from. We can ban unsolicited email as much as we want, it won't stop them from spamming unless they agree with it, and it doesn't seem like their to worried.

Re:Setback for the net?

[Zathrus]

No it's not a huge setback. Eventually the various Asian admins that are causing this will get the clue and fix their mail systems.

I get roughly 100 messages or so of SPAM a day on my Hotmail account -- I can't give an accurate number because I keep blocking entire domains (some jackhole, and I think I know who, decided to add me to various coupon and ad sites, which becomes a deluge as they share mailing lists). Of the 150 or so blocked domains, about 10% of them are Asian (surf to xyzzy.net and note that entire webpage is in a font I don't have installed).

Make a law? Sure. In which country? Or do you mean you want to outlaw SPAM in the US, and then somehow think you're going to be able to prosecute a company located entirely in North Korea under US Law? Things just aren't that easy. I'd like to see a reasonable way to legislate SPAM to be illegal, even if it only did affect the US, but I'm yet to see anything that has teeth AND makes logical sense.

Re:Setback for the net?

[GigsVT]

There are laws in a lot of states.

Where are you going to pass the law, and how are you going to enforce it in Asia? The only hope would be an international treaty, and even then, it's up to the participating countries to pass and enforce laws dictated by the treaty, and even then, nothing's forcing them to even sign it, and it would also present an opportunity for power grubbing government types to steal even more rights.

There is no good solution, except maybe a good international asskicking. (Not like war, I mean like physical asskicking of the people involved.)

Re:Setback for the net?

[TwinkieBoy]

They can still use something like hotmail if they want to...

Re:Setback for the net?

[RazzleFrog]

There are laws in some areas but enforcement is a bitch. If an American spammer is using an open-relay in Asia somewhere it is very difficult to find and fine them.

Re:Setback for the net?

[wakebrdr]

What about getting laws that say that unsolicitated mail is illegal?

How much time do you expect a Chinese bureaucrat to spend prosecuting a fellow countryman because he made 1000 foreigners delete a bothersome message?

I hate spam, but the last thing I want is a bureaucratic solution. The free market will find a way grasshopper....

Re:Setback for the net?

[kerrbear]

What about getting laws that say that unsolicitated mail is illegal? Shouldn't that do the trick? Anybody got some good reason for why laws like this shouldn't come true?

We could pass all the laws in the West we want but they would be completely unenforceable in Asia.

Perhaps an international body of enforcers could be set up similar to the WTO where fines or punishment could be meted out with the full backing of each nation. But that's not likely to happen seeing as there is little money involved- unlike trade.

Re:Setback for the net?

[doubtless]

Well, it's a shame when that happens. I am from Asia, and when I was there I didn't even have the confidence to use local ISP email account. Anybody can still use yahoo, hotmail or any other free services to contact their western friends.

I guess this affect Asian businesses more than the local folks. When businesses start to complain to their ISP why they can't send any mails to their western counterparts, maybe the ISP will start to listen.

Some ISPs there have very under qualified admin (the good ones moved here to the US ;-), heck, some of them can't even understand english very well. ISPs there have a habit of hiring a contract person to set up everything and leave it.

Re:Setback for the net?

[(void*)]

Why is this a setback? In the 1994 days, when the net boomed, lots of people got onlne and there was a chaos of newsgroup/email spamming. These people have largely learned. Then MS internet users got online in 1995. Same thing. Then AOL users. Each one of them will learn, so why can't Asian's countries? Have some faith in the smartness of SysAdmins!

Re:Setback for the net?

[sqlrob]

Most of my spam is now from Asian countries.

How much of it advertises an Asian service? Absolutely none.

Most of it is bounced through open relays.

Re:Setback for the net?

[Skirwan]

What about getting laws that say that unsolicitated mail is illegal?

That's brilliant! Then, we can make a law that outlaws terrorism! And then fascism! And rudeness, and poor driving, and taking the last donut! Hell, we could just make a law that outlaws 'being mean' in general!

And while we're at it, we should make it illegal to respond sarcastically to extremely simplistic solutions to complex problems! Yeah!

--
Damn the Emperor!

Re:Setback for the net?

[Guppy06]

"What about getting laws that say that unsolicitated mail is illegal? Shouldn't that do the trick? Anybody got some good reason for why laws like this shouldn't come true?"

Spammers and the ISPs that support them have reasons not to do that. And while they may or may not be good reasons, they have money and they have lobbyists, so don't hold your breath for such legislation unless this becomes a big issue this November.

Re:Setback for the net?

[archen]

We could pass all the laws in the West we want but they would be completely unenforceable in Asia

Sort of like those copyright laws...

Re:Setback for the net?

[cstrommen]

I'm not from the US, but it's nice to see people being prejudice ;)

Isn't there any way to make some form of global Internet law? ISP's not following the law will be disconnected from the rest of the net?

Re:Setback for the net?

[Sir+Tristam]

What about getting laws that say that unsolicitated mail is illegal? Shouldn't that do the trick? Anybody got some good reason for why laws like this shouldn't come true?

Who's going to pass this law? The United States? France? Antarctica? The problem with "getting a law" is that this "crime" is committed with the villian in one jurisdiction, and the victim in another. If the United States passes a law saying that UCE is illegal, how are they going to catch and punish somebody in China? And if a US law has active force over the activities of a Chinese citizen in China, doesn't China have just as much right to make laws that have force over what a US citizen does in the US? (Yes, I know, DeCSS; we've already had that, yada yada yada. You want to re-hash that, submit a different story; we're talking spam here.)

There are really only two solutions that could work and are similar to what you are proposing. First, a treaty between the United States (Canada/UK/EU/...) and the Asian countries banning UCE sent between the signing countries. However, allowing UCE brings currency into the economies of the countries that condone it, so I don't think they'd sign something like that unless the alternative was worse. (Cutting off their country's email might qualify as worse.)

Second, declaring that the UN or some other international governing body has jurisdication over this matter and can set criminal penalties. Personally, I despise the thought of giving more power to any international governing body; if you can't abide by what a country's government is doing, you have the option of leaving that country and moving to another. What could you do if you couldn't stand the world government? (I hear the nights are cold on Mars...) I would prefer to avoid anything that looks like it's taking us closer to this possibility (such as enforcing US laws on citizens in another country...)

All that said, I don't think that the final solution to this problem will be resolved in the legal arena. This is a technology problem, and will most likely be resolved with a technical solution, such as a total re-working of the internet mail protocols. The black-listing of entire Asian regions is just a stop-gap measure that probably won't really work for long.

Chris Beckenbach

Re:Setback for the net?

[ednopantz]

Why pass a law? It would take years. These ISPs have the right idea, bounce traffic from spamming domains until their admins get a clue. The ISP's legit users will be the ones who put the pressure on. Would you pay an ISP that couldn't get your mail accepted anywhere else? As soon as this hits the bottom line, these guys will clean up their acts.

And if some ISPs don't and lose all their legit business, than so what? We countinue to block them as all-spam ISPs. Either way, no loss.

Re:Setback for the net?

[aallan]

In the 1994 days, when the net boomed, lots of people got onlne and there was a chaos of newsgroup/email spamming. These people have largely learned. Then MS internet users got online in 1995. Same thing. Then AOL users. Each one of them will learn...

Actually it's still September '91 as far as I'm concerned, and if you don't know what that means, you're part of the problem...

If I remember correctly alot of us did exactly the same thing to mail, and usenet posts, originating from AOL back when if first gave its users full internet access. We blocked it, entirely, eventually the news filtered through that they'd more or less learned manners and we unblocked them. Although I still know of a couple of small academic sites that block all incoming mail from AOL and MSN. Go figure...

This isn't new, people have been doing it since we first started hooking all the various networks together in the first place. Admittedly I can't remember it ever happening to an entire continent before. Personally I think its a reasonable idea...

Al.

Re:Setback for the net?

[gowen]

Actually it's still September '91

Actually, its September '93.

"Wed Sep 3095 14:56:00 GMT 1993", to be exact.

Re:Setback for the net?

[aallan]

Actually, its September '93...

Nope, I'll hold out for September '91. AOL was just the final straw, it'd all being going down hill for a long time before that...

Al.

Re:Setback for the net?

[King+Babar]

What about getting laws that say that unsolicitated mail is illegal?

How much time do you expect a Chinese bureaucrat to spend prosecuting a fellow countryman because he made 1000 foreigners delete a bothersome message?

That depends. If sending SPAM happens to be a capital crime in China and the sender is Chinese, the odds are pretty good given the Chinese practice of harvesting organs for profit.

Re:Setback for the net?

[theSprocket]

Step One: don't use Hotmail, it's part of the problem, not part of the cure.

Re:Setback for the net?

[Tackhead]

> How much time do you expect a Chinese bureaucrat to spend prosecuting a fellow countryman because he made 1000 foreigners delete a bothersome message?

When China Telecom gets 1000 bounces saying:

550 - Falun Gong Xmit JFIIZ WNAZO

with the five-character blocks being randomly generated, once per bounce message, quite a lot ;-)

Re:Setback for the net?

Almost all of my email comes in with the header, "You asked for this at out website", or "Here's the information you requested". I bitched to the ISPs but only got more SPAM for it. Now I just delete it because I do get legitimate email from Asia and don't want to set up a filter on domains because these are the same domains and mailer groups that are legit providers too.

Re:Setback for the net?

[Slarty]

Alright, I'll give. Perhaps I'm part of the problem... but what was significant about September '91? I've also seen September alluded to a few other times in this context. I didn't start using the 'net until 1994-ish, so I guess that makes me a newbie but I'd like to know...

Re:Setback for the net?

[xtremex]

I get a LOT of Spam from .CN and .KR. I use Evolution to block them. You can block sender. I only use Hotmail as a spam trap. No one realy uses hotmail as a legit account, right? I mean, come on! The day I opened the account I had over 50 spams in my inbox!

Re:Setback for the net?

[aallan]

Alright, I'll give. Perhaps I'm part of the problem... but what was significant about September '91? I've also seen September alluded to a few other times in this context. I didn't start using the 'net until 1994-ish, so I guess that makes me a newbie but I'd like to know...

See the Jargon File entry for an explanation of the Sept'93 reference, but for me the death knell was sounded in Sept'91 when JANET started talking about JIPS, which was TCP/IP over the then entirely X.28 UK academic network.

Al.

Re:Setback for the net?

[walt-sjc]

Yeah, but once you DO find the American spammer, you can put him in the same cell as a serial gay-rapist.

Re:Setback for the net?

[andybak]

"Truthfully, the overriding philosophy of most Asian cultures is "looking out for number one" Horseshit... Confucianism and Buddhism are pretty widespread in the East (so I hear!) and both more than occasionally mention the subject of ethics... Your argument makes more sense applied to Existentialism or Romantic Individualism which are both pretty Western and have origins that can be traced back to Greek thought and the Reformation

Re:Setback for the net?

[homer_ca]

I have 2 theories about how hotmail addresses get spam so fast. The day after I opened one address I got a blank message to about a 100 consecutive recipients: aa1001@hotmail.com, aa1002@hotmail.com, aa1003... etc. (not really "aa" but I used 2 initials). Immediately after that I was up to 10 spams a day. So the lesson is, don't use an easily guessed address.
The other theory I have is some low-paid support drone is supplementing his income by selling addresses to spammers, but I'm not so sure of that now. One other hotmail address gets 0 spam, another gets 1 or 2 a day.

Re:Setback for the net?

[Jchrome]

ROTFLMAO. Well done.

Re:Setback for the net?

[ungerware]

Hey, man. Taking the last donut is no laughing matter.

Totally not cool at all.

Re:Setback for the net?

[kaimiike1970]

I feel compelled to point out that this should be:

'gay serial-rapist'

That is all.

Re:Setback for the net?

[amuro98]

Setback? Not really.

Spam is damage on the net. Blocking damage means the net will continue to function.

Taken to its logical conclusion, you'll end up with two "internets" - one that's spam friendly, and one that still works.

I'll let you decide which one you'll want to be on.

Re:Setback for the net?

[amuro98]

There are laws in a lot of states.

That's really great.

What state is China? How about Korea, Taiwan, Hong Kong...?

I've noticed I get *very* little spam from Singapore (like, 2 pieces a year) - and never any repeat offenders. Apparentally there's something to be said for getting your bare ass whipped in public for breaking the law.

Re:Setback for the net?

[GigsVT]

Dude, did you read the rest of my message?

Re:Setback for the net?

[amuro98]

My point is that what good are laws when the perps aren't in the same country?

So you live in Washington state and get some spam that origianted from China.

Ok, now what? Ask your Attorney General to prosecute someone who lives 1000s of miles away, and isn't even an US citizen?

Yeah, I'm sure the Chinese government will be willing to cooperate...

Re:Setback for the net?

[zbuffered]

Basically, the question is, where do you draw the line? Terrorism is illegal, fascism is, well, alive and well, but there are laws protecting people from that as well. Poor driving, we put up with to a point. Spam is not illegal even though it costs us and is a violation of our right to privacy. Making spam illegal wouldn't stop it any more than making terrorism illegal stops terrorism, but it's a good first step. After we make spam illegal, we can go from there, but as long as it is legal, we will not be able to make headway on it.

My favorite part...

[CoffeeJedi]

"It's not under our control." to any message you send to China Telecom. Hmmm, if nothing is under their control and they're a Chinese government controlled organiation........

Re:My favorite part...

It's not under our control." to any message you send to China Telecom. Hmmm, if nothing is under their control and they're a Chinese government controlled organiation........

When a China Telecom sysadmin claims that an open relay is not under their control, send them an introductory Welcome To Happy Falun Gong Information Mailing List!!! newsletter using that relay. Mention that the next issue will CC: a bunch of Chinese government addresses and see if they suddenly realize that it is under their control after all.

I've considered doing the same thing but...

[rc.loco]

...you basically are letting the spammers win when you close off one of the biggest open communications medium known to human kind. Perhaps I'm overly sentimental about it and goodness knows I'd love to prevent about 80% of the spam I see (that seems to be about the ratio in terms of TLDs involving Asian netblocks) - still, I cannot really bring myself to doing it yet.

Re:I've considered doing the same thing but...

[coliva]

you basically are letting the spammers win when you close off one of the biggest open communications medium known to human kind

Actually, the irresponsible ISP admins are the ones letting the spammers win.

Re:I've considered doing the same thing but...

...you basically are letting the spammers win

The spammers win when they find an open mail relay. The users lose when they get gobs of spam.

The only ones who have no consequence either way is the ISPs. However, when theISPs apathy causes the users to lose service they (the ISPs) will lose as well. Let the USERS win for once (on the net anyway, personally I keep punting my users )

Re:I've considered doing the same thing but...

[Jay+Mirioashi]

If I do not daily have privelage of learning how I too can enlarge my member by up to 6 inches, ...then, my fellow Americans, the terrorists have already won.

Won't *somebody* think of the children?

Re:I've considered doing the same thing but...

[ahuimanu]

The spammers win as long as they project their fusillade of tripe.

Re:I've considered doing the same thing but...

[rohdem]

How are you letting the spammers win when you block their spam from reaching its destination??

Re:I've considered doing the same thing but...

[rc.loco]

If you block at the TLD, you prevent basically ANYONE from China (for example, when you block *.cn) from emailing you. That prevents legitimate email from being delivered.

Re:I've considered doing the same thing but...

[CodeMunch]

you basically are letting the spammers win when you close off one of the biggest open communications medium known to human kind

That is a crock! If their goal was to get closed off, THEN they'd be winning.

But it isn't. They are sending SPAM. Block them off, NO SPAM from them. They lose, you win.

The moderators fell right in to your "I'll fly in the face of majority to get mod points" ploy.

Re:I've considered doing the same thing but...

[rohdem]

The way I understand it, certain ISP's are being blocked because they are unresponsive to complaints about spam. If people are blocked off from the rest of the world using a certain ISP, they will switch ISP's. Enough people do this and the ISP will start to take notice. In the meantime, we get less spam because the ISP is blocked.

Re:I've considered doing the same thing but...

[lewp]

... which is not what spammers are trying to do. Hence, blocking legitimate e-mail along with spam doesn't let spammers "win" in any way.

You're confusing spammers with terrorists. While it's convenient and makes everyone think that spam is bad (which nobody will disagree that it is) it's not very accurate.

I think this is a more "if you do this everyone loses" situation than "if you do this spammers win." Of course, while that makes it sound simple enough to decide against it, I'm getting ready to do it myself simply because of the sheer annoyance of receiving these messages coupled with the fact that I get zero personal e-mail from Asia.

Re:I've considered doing the same thing but...

[rc.loco]

Well, I think blocking a TLD penalizes non-spammers to the point of breaking up the open communication chain of Internet email. Spammers make money from their cruft, otherwise they wouldn't do it; basically, many will use other domains in response to a TLD block and then millions of legitimate email users will be penalized as an side/after-effect. To me, that's letting the spammers win, or in other words, exploit the Internet without regard for the global impact of their actions.

As for the moderation...dude, I couldn't give a rat's ass about "moderation" points. I'm interested in the topic, not some artificial token system. If you are so concerned, I'll make sure I mod you up next time I do meta-moderation. :-)

-rc

Re:I've considered doing the same thing but...

[AnotherBlackHat]

Actually, the irresponsible ISP admins are the ones letting the spammers win.

Yeah, it's never us, it's always the other guy.

Every year, there is a new crop of "irresponsible ISP admins".
It's always September somewhere on the net.
If you want to tackle that problem, you have to distrust everybody by default.
I.e. don't block email from bad people, build a list of people you trust, and only accept email from them.

-- Your choice, your soul or no sandwitch.

Re:I've considered doing the same thing but...

[walt-sjc]

Yes, this does mean blocking some legit mail. That's the breaks. If only 1% of email is legit, then you need to make a decision. For me, I have NEVER received legit mail from china. Pretty cut and dried there...

The Taliban did nothing to deal with bin Laden. Eventually every single country broke off diplomatic relations with them. The rest is history. Same goes for ISP's and even countries that don't deal with the spam problem.

Re:I've considered doing the same thing but...

[CodeMunch]

Well, I think blocking a TLD penalizes non-spammers to the point of breaking up the open communication chain of Internet email

OR, it would put pressure on the hosts in a particular TLD to play nice.

still: blocking a TLD doesn't let spam through, spammer's lose as their goal isn't to get blocked but to get their scheme's into sucker's inboxes.

lol, no, i'm not concerend about "moderation" points. It's just funny how (good or bad) posts constructed to be against the "collective" are to moderators as shiny beads to fish :)

Filtering email

[johnburton]

Well blocking whole areas is a start, but not an ideal solution. I'm going to start filtering my email so that unless it meets one of the following conditions it gets rejected and sent back to the sender :- 1. The mail claims to be From someone I have pre-approved. 2. It's from a mailing list I've registered with. 3. It's sent To: a special purpose address within a couple of days of creating that address. (So I can post to newsgroups with addresses like jb10202 which will be valid for a couple of days for replies only) 4. The email contains a special approval code to bypass the checking. The purpose of 4) is that when I get an email that is rejected it will send it back to the sender with an apology and a 4 digit random code which is valid only for a single mail from that address and only for 48 hours. They can simply forward the mail back to me and it will contain the code and get through. I get *so* much spam, and 99% of my real email is from the same few address that I need to block the junk, and I think this scheme will annoy relativly few people, and not too much but should cut ALL the spam. I've not implemented this yet, but it shouldn't be too hard to write.

Re:Filtering email

any you're posting your non-spam-armored email addy here??? Good luck.

Re:Filtering email

So what all powerful email client do you use then? you are talking about a rules or filter nightmare.

Re:Filtering email

[jeffmurphy]

what you just described is basically
what www.spambouncer.com does.

Re:Filtering email

I think this scheme will annoy relativly few people

Or, at least, so your mail will indicate. Living in your hermitage must be very comforting.

Re:Filtering email

[sjanes71]

You probably do not need to write it yourself. :)

Seriously consider using something like Tagged Message Delivery Agent, it covers just about every feature on your list, but no 4-digit codes for people to fiddle with-- they just reply to the reply to. Since 99% of all spam has a bogus return address, this works very well. I installed it Monday, and after some testing found it to be quite nice. I don't think I'll have much work to convince my associates at work to adopt it. We're all so sick of getting spam.

You can configure TMDA to create an automatic whitelist for people so you don't have to manually add people to it. I'm so happy with it that I no longer munge my e-mail addresses anymore. And I haven't even gotten into using the self-destructing e-mail address features yet.

Re:Filtering email

[Skapare]

And what if two people are using a mechanism like this, and one of them tries to send the first piece of mail to the other? How is the reply even going to get back?

Re:Filtering email

[mattdm]

This could be done relatively easily with postfix (or qmail, if you're into that sort of thing), procmail, and mutt. Not trivial, but far from a "nightmare".

Re:Filtering email

[Greedo]

A nice procmail rule to filter emails with too many foreign characters can be found here.

/.'s lameness filter prevents me from posting the code here. :(

Re:Filtering email

[Strog]

A simple but effective thing to do is to /dev/null anything that doesn't explictly have the correct email address on the TO:. I did this on a Communigate Pro server and I killed 80% of those porn, viagra, etc. emails. It was a lot easier to filter the remaining ones to a spam box to be checked and deleted.

Re:Filtering email

[call+-151]

it shouldn't be too hard to write.

this page has a nice description of implementing
a similar mechanism via procmail.

Re:Filtering email

[KaiserSoze69]

That tool already exists. It let's you pre authorize people that are allowed to send you mail, and those that you want to drop on the floor. It will even queue a message and send a confirmation message to the author of a message that you did not pre authorize. If they respond, just by sending an empty reply. It can add them to your filter list and allow the message through.

Check it out. tmda.sourceforge.net

Re:Filtering email

[compwiz3688]

My university email account had been flooded with spam about a year ago, and I went to the sysadmin, trying to get a new account. However, he suggested that I try spamgard 0.5 that they had already installed (but not activated by default).

It does everything except 3, and a non-random "password" for 4.

It does an excellent work on filtering out spam. Acutally I allowed only email sent from within the university domain, plus a selected few.

Any email that is not in my approved list gets bounced back to the sender (or reply-to) telling them that they must use a special password in the subject line in order to get past the filter.

However, none of them cared. None of them even read the password and use that in the subject. I actually received *more* spam than usual (it kept a log, so I know), but a good thing that they were filtered out.

The next step with eliminating the extra flood of spam was to bounce the email with the format exactly like as if my account wasn't even there, give or take a few messages. To this day, the only filtered out email were my friends sending email to me from outside the domain (oops :)

It used to be on ftp://ftp.netcom.com/pub/wj/wje/release , but I guess Earthlink took over.

Re:Filtering email

[demon]

Unless you participate in any mailing lists - they'll end up round-filed as well. I participate in several, and would rather like to keep them.

Culture differences, etc.

[Alien54]

As seen in the article:

Cultural issues also contribute to the problem. Many spammers in Asia say they do not understand why spam is a problem.

"It's a sign of respect that someone sends you an electric business card. It means he wants you as a customer," said Zhao Peng, owner of a computer store in Hong Kong.

Of course what is a sign of respect there, may be a sign of disrepect in the here.

never mind the chinese open relay problem, which is also a real hassle.

Re:Culture differences, etc.

[Salsaman]

"I send you this file in order to have your respect..."

Re:Culture differences, etc.

[crow_t_robot]

Yes sir, correct you are! This is just another overlooked and tucked away secret that other countries outside the U.S. are as self-centric in learning about customs, histories and traditions as the U.S. is but unfortunately the only country that people cry and complain about is the U.S.

Re:Culture differences, etc.

Is it a sign of respect that these people think I need to extend my penis by up to 6 inches? Jeez, that would put me at 14" - way too big for my Jockies to hold!

Re:Culture differences, etc.

[Rogerborg]

• Cultural issues also contribute to the problem. Many spammers in Asia say they do not understand why spam is a problem. "It's a sign of respect that someone sends you an electric business card. It means he wants you as a customer," said Zhao Peng, owner of a computer store in Hong Kong.

Cultural homogeny is one of the most fascinating aspects of the internet. Sure, in much of Asia, it's traditionally a sign of respect to give an individual a hard copy of your business card. But that in itself is just the most recent evolution of a long tradition of formalised introductions and determining of relative position, and there's no reason to believe that spam will continue to be tolerated by users there (assuming this claim is true) once the novelty value wears off.

I'll go out on a limb to suggest that while UCE within Asia is perhaps currently viewed as synonymous with a business card, given time, when it is viewed in its own light (rather than as just being considered analogous to a traditional activity), it will be viewed with the same contempt and hatred that the rest of the world already has for it.

I'll draw a parallel with email in general in the US and Europe. For those coming late to the party, many early (80's and early 90's, and by the way, I was a Prestel user in the 80's, using my ZX Spectrum and breeze block modem) home and business users of email initially tended to treat it as a letter, starting with "Dear Bob", and taking care with spelling and punctuation. (Don't confuse this with academic users or l33t h4x0rz coming to the medium with a fair idea of what it was and why they wanted it). It took a while to evolve in popular consciousness into more of a informal and disposable post-it note or phone call analog, although really it's in a category all of its own.

So while it's easy for us to scoff in disbelief at the naievete of Asian users now, let's not forget those Dear Bob days. Global consensus will take a while to arrive. And lest we get too high and mighty, it might very well involve a shift in our perceptions as well.

You see, the thing that really bugs me about spam is that it's so moronic and illiterate. "!!!MAKE $$$ FAST!!!" it shrieks, and "you have, nothign to loose!". Call me strange, but if I were (ever, in theory) to receive a small, literate and polite spam that didn't lie about remove options or oversell itself, it just advertised a product, then I'd be far less inclined to spamcop it. The idea of a "business card" type spam is far less loathesome to me than yet another two hundred line "THIS IS NOT A PIRIMID SKAM!!!!!" monstrosity.

Re:Culture differences, etc.

[Hanno]

Oh, I'll remember that for my next trip to Asia and have my new business card printed with the message "ask me how to increase the length of your penis" on its back. Must be common courtesy there.

Block 'em!

[jlower]

I get tons of Asian language spam - it wouldn't break my heart to block them all.

I'm actually looking forward to my @home email address dying at the end of this month because that's where nearly all of them come to. Hopefully they won't be smart enough to simply replace @home.com with @comcast.net.

Re:Block 'em!

we will now.

Re:Block 'em!

[c0wh]

You've actually got some hope here. Because the @home network was bought up by different isps, some addresses will have changed to @attbi.com, some to @cox.net, some to @comcast.net, and others of course.

If they were mildly intelligent, they could find out which were which, but you may just be free from all of that.

If Comcast provides comparable service, you would be able to manage 4 other email accounts. You could always use those (remembering to change addresses every few months) instead if the spam gets out of hand.

Re:Block 'em!

[Eric+Damron]

>>Hopefully they won't be smart enough to simply replace @home.com with @comcast.net.

Oh Great, you've done it now! Thanks jlower! ;-)

Re:Block 'em!

That's not going to stop them... they'll just send it to the same account at all three domains. They use a forged reply-to so they don't have to worry about which one is the right one.

Re:Block 'em!

Are you kidding? Comcast SELLS the addresses themselves! I got all kinds of repulsive stuff from them ... stuff I don't even get off my Yahoo account!

I'm a Minister. I certainly did NOT sign up for a gambling mailing list or military.com or Miss Cleo, fer cryin' out loud. Yet they all arrived because "I signed up for them or an affiliated program". Malarky. None of them ever honored a "remove me from your list", either.

Wanna know what?

The Comcast account is gone. I got DSL last week. :-)

An interesting counter point...

[Amarok.Org]

I run a small mail server, mostly providing mailing lists to the automotive community. While my lists weren't affected (I have reasonable anti-spam rules in place), a server in Taiwan was spamming every address it could find in my domain with dozens of unique spam per day.

The usual ip tracing ensued and I tracked it back to a small ISP. Hoping that I would reach someone who spoke (or wrote) English, I sent a copy of my logs and an explanation to "postmaster@", "abuse@", "webmaster@", and any other address I could think of. Amazingly enough, after about 12 hours, I received a reply (in somewhat broken English) asking for more logs, and a confirmation of the time zone I was using in my logs (UTC, for what it's worth). After I replied, I received an appology that one of their "clients" had bothered me and assured me it would be taken care of.

To this date, I have not received another piece of spam that I have attributed to that ISP. I realize that this is the exception and not the rule, but I thought it was worth noting that there really are reasonable sysadmins "over there".

Re:An interesting counter point...

[CodeMonky]

what you don't know is that the client was hunted down and shot.

Re:An interesting counter point...

[TyZone]

And the problem with that is ... ?

Re:An interesting counter point...

[joshwa]

Hey, he said Taiwan (ROC), not China (PRC)!

Re:An interesting counter point...

[SPYvSPY]

Maybe you should post the name of that ISP, in case someone wants to un-block them.

Re:An interesting counter point...

[macdaddy]

I must say, you're lucky. I've been LARTing spam for years to Asian providers (when I can find valid contact info in the worthless APNIC WHOIS) and I've never gotten a response. For a while I used a fresh spamtrap account to LART the spam to the provider and within days (sometimes hours) it was being spammed too. Until someone proves me wrong, I'll go on thinking that they are all spamming SOBs in Asia.

Re:An interesting counter point...

[linzeal]

I just spit coffee on this new keyboard, thanks. We should hold a spammer convention in kentucky and have a killing fields/deliverence type of movie.

Re:An interesting counter point...

[Reziac]

I had a similar experience. I got tons of spam from a particular IP block, all pretty much alike and all supposedly from a bogus .tw domain. When I finally looked up the IP, I found the block was owned by some university in Taiwan. The contact email was dated 1996, but I forwarded one of the spams to it anyway and asked the person in charge to investigate and stop the spammer.

No direct response, but the spam stopped immediately, and I've never received another from that source.

Re:An interesting counter point...

[fredrik70]

A 'Deer Hunter' theme would do as well....

Re:An interesting counter point...

[damipoo]

not an altogether bad end for a spammer

Re:An interesting counter point...

what you don't know is that the client was hunted down and shot.

And then his organs were harvested.

Re:An interesting counter point...

[Choron]

Hey, he said the ISP was in Taiwan, NOT in the US!

Remember UUNet's "Death Sentence"

[biomech]

The first parallel that came to mind was the "death sentence" proposed against UUNet a few years ago for their fostering spamming activity.

The action represented the response of a group of responsible internet members that had finally tired of both the activity and the lack of response from a greedy company who seemed to have no respect for bandwidth and privacy issues.

It seemed to work then and maybe it's just what's needed now.

It's about time that some of these ISP's discover what happens when the fecal matter hits the oscillator.

Re:Remember UUNet's "Death Sentence"

[13013dobbs]

Kooks have threatened to blackhole all of UUnet for ages. No one has yet to do it. I doubt anyone, of importance, ever will.

Re:Remember UUNet's "Death Sentence"

> The first parallel that came to mind was the "death sentence" proposed against UUNet a few years ago for their fostering spamming activity.

Hardly only "proposed", it was put into effect, and UUnet changed their spamming policies' implementation within days.

..and then posted a backdated message denying they'd ever had a problem, but that they were fixing it.

Re:Remember UUNet's "Death Sentence"

[richmultijoy]

It's about time that some of these ISP's discover what happens when the fecal matter hits the oscillator. Surely it would just shake? It'll get messy when it hits the rotating air-flow enabler/amplifier though...

Never get a response

[kill-hup]

From spam floods to network attacks, I have never gotten a response in 5 years. To be fair, I don't always get responses from everybody, but at least other areas of the world have a better track record.

I have resorted to blocking the offending network or ISP temporarily (until they get tired of getting no response from my networks and move on), but I really can't see blocking an entire segment of the world just to stop spam. It just goes against the grain of an "open" 'Net. I'd rather try something like SpamAssassin (no affiliation - I've just used it and it works great) than block nations for the actions of albeit many bad apples.

bukkake!

But... how will I get my hot bukkake newsletters??? I need my daily tentacle rape story!

Re:bukkake!

[Paracelcus]

Yes! and the cute Japanese lady in the stewardess outfit with the brandy sniffter full of (gag) will choke to death if I can't get the picture of her waterfalling it out of her mouth!

In other news...

[somethingwicked]

Los Angeles took action to prevent automobile accidents by closing all incoming roads.

Obviously, nothing useful comes from Asia, huh?

Even in its simplest form=Those cheap DVD players will never get sold to Best Buy when the Asian maker can't reply back to the buyer. Geeks everwhere revolt...

Re:In other news...

Obviously, nothing useful comes from Asia, huh?

I've never received legitimate e-mail from Asia.

Re:In other news...

[sqlrob]

Chances are Best Buy has its own e-mail servers. Why would they block the country on their servers when they do business with them?

Re:In other news...

More like "the US closed its southern border to prevent drugs from being smuggled in from Mexico"

Re:In other news...

ahhh, the sweet narcotic pleasure of a freshly rolled spam-joint

Re:In other news...

Who fucking cares, stupid ?

"let the spammers win"

[QuantumG]

Yes, because they're some kind of email terrorists that are trying to shut down the legitimate communication because it is the work of satan. Think before you type.

Re:"let the spammers win"

[bulbul]

Yeah, e-mail terrorists working for Satan and Hello Kitty!

Sure, it's a troll, but...

[mblase]

Setting up barriers like this is regrettable, but when the originating ISPs refuse to take responsibility for the actions of their users or close their open mail servers, there would seem to be no other choice.

A good thing when you're trying to stop spam, a bad thing when the MPAA is trying to stop piracy. Depends on what you do for a living, I guess.

Re:Sure, it's a troll, but...

[Dr.Dubious+DDQ]

A good thing when you're trying to stop spam, a bad thing when the MPAA is trying to stop piracy

There's a huge difference here - in the case of the spam, the situation is "We've identified a definite and demonstrable serious abuse, and contacted the 'enabling' agency, but they've refused to deal with the problem, so we have to escalate to less pleasant means", whereas in the MPAA's case, they've gone straight to the equivalent of trying to outlaw email because there is so much illegal spam sent using it, even though email has, and is mostly used for, legitimate uses.

Even with "escalated" spam response, they're talking about blocking an area of known frequent offense. With, e.g. the use of the DMCA against DeCSS, they have leapt to directly criminalize EVERYONE's uses (both legitimate and illegitimate) regardless of whether an abuse has taken place or not...

kix.ne.kr

[Trracer]

I've got alot of spam recently which comes from open relays which probably are home/ADSL users, a network below kix.ne.kr .
I've tried to contact Kix, but no response yet. I think I'm gonna blacklist them.
Not seen much other Asian spam yet, tho.

Its a conspiracy!

The Chinese gov't WANTS the west to block Asian email, that way they dont have to try so hard to stop the dissadents from getting the truth out from behind the wall.

Like western ISP's are any different...

... try and see.

Constructive dialogs

[buss_error]

I turned in a complaint to hinet.cn, I think it was, about a system with Code Red banging away at one of my web servers. I included a snip of the web server log, along with a note that my servers are NTP sync'ed.

The response was "without full e-mail headers, we can't do anything."

Hmmm. It's not e-mail.
I am discussing with my employer the option of blocking all 202/8 203/8 210/8 211/8, all of Road Runner but the MX'es, *.cn, *.tw, *.ru, *.pl, and *.mx domains too. I don't know the ip range assigned to the domains, so if you do, post a follow up! (I have Road Runner netblocks, there are just too many to put them here.)

Re:Constructive dialogs

[m4g02]

So you are going to block the half of the world, why dont shout down your whole mail server and use the telephone and fax?, as long as i see you dont care about the world community.

Email is mean to be a global communication solution, if you want to communicate with your employes and/or clients then just open a private network over a WAN, you can even use live communication applications.

Re:Constructive dialogs

[Rogerborg]

• I am discussing with my employer the option of blocking [...] all of Road Runner

To me, the story here isn't that Spamhaus list China Telecomm, but that they don't also list Roadrunner, who give exactly the same "It didn't originate from us" lie to any abuse report. Any ideas?

Re:Constructive dialogs

We're getting close to something similar here where I work (a carrier class ISP) because we are getting so many complaints from our customers about spam (and worse) and getting no response worth speaking of from most Asian ISPs. The problem is that many of the responsible "Mom and Pop" ISPs that *do* respond to abuse reports in a timely and effective manner are themselves customers of the major ISPs that simply refuse to respond, so the sledgehammer solutions will also impact the innocents, us usual. Some of the extemists here are actually talking about dumping *all* traffic from particulary recalcitrant ISPs to null on our routers.

Basically, what they have in mind is at the top level of escalation we threaten the ISP with "fix your problem or we will discard *any* packets going to and from your IP space if it touches our edge routers." For those not clued up on this, this means that the Asian ISP (and all of it's customers) will effectively cease to exist for us, our customers, and anyone totally unconnected with us who just happens to try and route across our IP space. We've actually done this with one major Asian ISP who told our MD in quite lucid, albeit very offensive, English that they would not deal with one of their customers who was being especially unsociable and to mind our own business. His response was basically "The Internet is very much about cooperation, so if you won't cooperate with us, why should we cooperate with you? Goodbye!"

Sadly, APNIC seems just as unwilling to help as some of the ISPs they issue space to - a far cry from RIPE in my experience, who quite frequently contact us regarding abuse issues. It's definately getting near the point that an "Internet Death Sentence" is going to become a topic of serious discussion IMHO. It's not the spammers that are the real problem here; it's the Asian SysAdmins that are giving them a haven and providing them with the open relays, either deliberately or through ignorance, that need to be convinced to wise-up and stop burying their collective heads in the sand.

Re:Constructive dialogs

[Skapare]

He's going to open his email to half of the world. That way he won't have to use telephone and fax with the part that uses email responsibly. The IP address and domain ranges that are open constitute his "private network", but without the mess of having to set up VPNs. Maybe he only cares about the part of the world community that doesn't harbor spammers on a massive scale.

Re:Constructive dialogs

[Skapare]

This is not something I have seen in over a couple years. Do you have any recent incidents? I've not even gotten spam from them in the past few months (but if they are listed in ORDB or ORBZ then that could be why).

Re:Constructive dialogs

well, i have an *.mx domain... if you hate .mx wait until a *.ar comes to your server, you will hate your life... =D =P

Miguel.

Re:Constructive dialogs

[Rogerborg]

• Do you have any recent incidents [of spam from Roadrunner]

D'oh. I've just deleted one! I don't get a lot from Roadrunner any more, maybe on e a month, but the response is always the same: "It's not from us"

The most recent one got bounced with the "It's not us" lie, even though the entry point was "smtp-something.something.rr.com". The originating IP was unroutable, so it might even be an open relay, I wasn't really in a mood to check. It wouldn't be unreasonable to assume that because the originating IP (but not the first accepting smtp server) was outside the rr netblock, they didn't care. But that's exactly the sort of "Not our problem" crap that leads to open relays going uncaught.

Re:Constructive dialogs

I've already blocked off 202/7, 210/7, and a dozen others from my company with IP filters since they continue to try to connect to our mail server hundreds to thousands of times per day; plus hundres of other network blocks using TCP wrappers. Many of the blocks have been in place for about two years. As far as I can tell, we've never had any legitimate mail originating from those areas.

But the list just keeps growing...

Re:Constructive dialogs

[PW2]

I, too, used to get MBs of virus email through an account in Japan; I contacted the user who claimed to be innocent; I even asked him to run a virus checker,etc; it didn't get better, so I contacted the postmaster; they ignored me for awhile until I started forwarding the offending email with headers to them and to the user with the promise of a multiplier effect every week until it is fixed;

they resolved the issue two days later.

Re:Constructive dialogs

[BlowCat]

Accoring to my spam statistics, the axis of evil consists of China, South Korea and USA. Somebody please explain it to GWB.

Re:Constructive dialogs

> So you are going to block the half of the world, why dont shout down your whole mail server and use the telephone and fax?, as long as i see you dont care about the world community.

He's only wanting to block the obnoxious half of the world (yes, I'm exaggerating) that won't clean up their spamming act. As a mail admin, that's his decision to make. Those ISPs can continue to send as much spam as they want - his mail server just won't accept it.

Re:Constructive dialogs

[BakaMark]

Ahem..

202/8 and 203/8 covers a lot of Class C networks in Australia. Is this just going to be a block at your mail server ?? or are you going to can all access at your router..

Re:Constructive dialogs

[buss_error]

And that is the bad part. I've a few folks I'd like to hear from, but if they are in RR ip space, then I'll have to 1) ignore them or 2) set up the ACL's to allow them.

1) isn't a great answer to the problem
2) is a pain in the neck.

Do I really want to block half the world? Not if I was getting mail that I wanted to keep. But really, I don't want to see HOT TEEN SEX!!!! or the like. Really, I don't. (At least, not at work.) Since this constitues about 1200 e-mails a day over about 7000 boxes, that is a signifigant signal to noise ratio. I'm looking to improve it. (And since 90% goes to the same boxes, and the big wheels boxes at that, I'm motivated!)

Re:Constructive dialogs

[silver]

You really don't want to block all of 202/8 and 203/8 - that's almost all of Australia and New Zealand. I suspect you will incur the just wroth of a large number of admins in this part of the world if you were to do that.

Re:Constructive dialogs

You might want to note that 203/9 and alot of 202/8 and 210/8 are Australia. Generally speaking Australians don't like spam, and for the few who spoil it for us, we don't appreciate being tarred with the same brush used to tar alot of asian spammers are being tarred with!

Re:Constructive dialogs

some 202.* addresses are also in the UK on btinternet but those are dialups and they do spam to buggery as BT won't do anything about it.

Re:Constructive dialogs

[dodobh]

Ummm, I am an Admin for a small ISP in India. We block spam rather aggressively. Filter out code read, nimda and the like, run ingress and egress filtering on our routers. The block is 203.109.64.0/19 and the abuse address is abuse@worldgatein.com

It works (I handle it) and I *have* LARTed a user off our network when he spammed. Go ahead and complain, and I'll be glad to kick a few more spammers off. You keep your networks clean, I'll keep mine. Oh, and most of my spam comes from the US, so I guess the world should block the US :).

Regards
dodobh

Walling off .com

I'm not comfortable with the idea of walling off a whole domain. If there is one domain that it would pay to wall off, that would be .com, because most injection points for spam are still in that domain.

Re:Walling off .com

[Skapare]

If it were not for the fact that other "more surgical" techniques actually work to stifle spam injected at .com, I might join you in blocking the whole thing. The thing about the .com spam is you can:

• Complain about an open relay and it usually gets closed or cut off.
• Complain about a direct (dialup, DSL) mailer and they usually get terminated.
• Block statically IP'd spamhaus space.

The problem with the spam from China and Korea is that these methods are ineffective. Virtually all spam from C/K is from dialup, DSL, or broadband, or via open relays (there's a lot of pirated copies of an old un-closeable version of Microsoft Exchange Server running in China). Most of those are dynamic IP, so blocking is ineffective. HINET does not distinguish them in a special subdomain in reverse DNS, so I do block the whole thing.

Re:Walling off .com

[GSV+NegotiableEthics]

You make some good points, but I must say that the vast bulk of the spam I get seems to come from servers in the .com top-level domain. It's little consolation to me that some of it is via fixed IP and can be blocked.

List of spamming asian countries

[quackPOT]

I'd like to see a list that has some statistics as to which countries have the most open relays. MAPS was my solution till they started charging. A free, non-contract signing MAPS replacement would be preferable to blacklisting entire countries (for those of us who admin mail servers for business).

Re:List of spamming asian countries

I was very surprised to discover that MAPS *WAS* blocking virtually all of China. I travelled to China in June of 2000 and exchanged email addresses with a number of people there. When I got back, I sent some emails and was puzzled when I received no response. I looked at my sendmail logs and realized that MAPS, which I was using, was blocking several different people in different ISPs.

I went to the MAPS site and did lookups and discovered huge tracts of IP space (I don't think any class As, but blocks greater than class Bs).
These large blocks were accompanied by clear evidence that the sysadmins responsible were giving a blatant middle finger (163.net comes to mind) to anyone complaining about spam from their systems.

I added some ALLOW rules, resent my emails, and struck up some email conversations with some interesting people. I also started getting a fair amount of spam from China.

Re:List of spamming asian countries

I like ORBZ. No stats, though! :-(

I did this 2 YEARS ago

[bmcdonou]

I have had my own domain since 1996. I started firewalling asian IP blocks in 1999 from port 25. Sometimes whole /8! So this is nothing new. I've been doing it for years. From Seinfeld - "Stop short? That's my move!"

It's not just Asia

Take qwest for example. I *once* got an actual reply to one of numerous abuse mails regarding spam that was trivial to backtrace to a few locations (eg TX, FL) Most likely it were the same (few) spammers each and every time. It took me weeks of filtering and automatically have the spam bounce back to such addresses as abuse@ postmaster@ and even their DNS contact address. Needless to say the spam didn't stop though...

Admins *will* block entire IP blocks or even entire top level domains if nothing else helps. It's their good right, but it sucks for legitimate users of said ISPs of course.

And opt-out laws in some US states has certainly helped the spammers as well. I don't expect this to change unless spammers will get charged instead of (ultimately) you, the recipient.

Walling off Asian email?!

[qurob]

Is this why my mail order bride isn't writing back to me?

Screw Asia... I blocked Hotmail

[ellem]

in fact for a few months I blocked:

Hotmail
Yahoo
MSN
USA.net

When those folks learn how to close their relays and strip a virus then we can deal with the Asians....

Re:Screw Asia... I blocked Hotmail

[kindbud]

Spam from Yahoo and Hotmail is most likely forged these days. Both outfits have done an admirable job cleaning up their own users. Fat lot of good it did them. If you and too many others continue to "punish" them, they may decide that their efforts were for naught, layoff their abuse desk staff and go back to the old ways. Is that what you want?

Re:Screw Asia... I blocked Hotmail

[robhancock]

Very little spam actually comes from web-based providers like that - although the messages very often list those in the From tag, that means nothing, you can put anything you want in there. Spam that comes from North America is almost invariably sent through some throwaway dialup account, connecting directly to the recipient's mail server. I think that Asian spam is often sent through some kind of fixed link with an ISP that doesn't care about spamming.

Re:Screw Asia... I blocked Hotmail

[macdaddy]

I did something better. I don't block them on my servers but I do have a procmail recipe to quarentine mail from, say, hotmail.com that doesn't have a Received line with "hotmail.com" in it. You would be amazed at the sheer amount of spam that it caught. Now mind you this filters out legit mail from someone that sends mail from their ISP with a From: of their hotmail.com account. It blocks ebay and paypal mail of the like manner, with the From and Received not matching up. It did catch a lot of spam though. Someone with more procmail logic that I have could extend that to a scoring method that would work really well. Also, add eudoramail.com to you list.

I also filter message bodies for the common remove sites like autoremoveemail.com and others. That's garunteed to work.

Re:Screw Asia... I blocked Hotmail

[theSprocket]

YOU ARE MY HERO!!!! And thanks for reminding me of usa.net, i'll have to add them to my list.

Re:Screw Asia... I blocked Hotmail

[theSprocket]

I Just don't care, blocked is blocked, and do they or do they not allow anonomous users to sign up for email?

Re:Screw Asia... I blocked Hotmail

[faster]

I block mail with Hotmail.com or Yahoo.com in the sender unless it originates from Hotmail or Yahoo. That way I only get spam from Verisign through Yahoo (who must be getting paid well to allow that repeatedly), and all the fakers are blocked. The message they get tells them to send their email through Hotmail or Yahoo and ask to be put on my exceptions list, so my buddy who puts his yahoo address in his reply-to at work knows what to do.

I also block Asia (which unfortunately includes Australia and NZ) and most eastern European TLDs.

I recently started hosting email for a friend whao has not practiced safe posting of his email, and his spam comes from a completely differet set of lists. So far (over about a month) we've gotten zero spam in common! I think that once you're on the 'spam from Asia' lists, your only choice is to block Asia.

Re:Screw Asia... I blocked Hotmail

[radish]

You ever tried sending 100,000 emails through a web interface? Spammers might use hotmail as pickup accounts, but they never actually send through them. So blocking them is pointless.

Re:Screw Asia... I blocked Hotmail

[phoxix]

are you retarted?

blocking off entire domains is useless for a magnitude of reasons

first it prevents legit email from going to you. not everyone in the world can afford a real ISP or whatnot, and for them a service like hotmail/yahoo/etc is their only option.

second you should really read headers on that bloody spam you get from someone@hotmail.com There is a VERY high chance the headers will NOT say "received from host-xyz.hotmail.com". Therefore YOU know for a fact htat you aren't getting real mail from those servers.

what we need is a change in the SMTP protocol. Instead of simply denying every IP block out there. We need to enforce technologies like smtp-auth. Sure the spammers will easily by pass this one, however it would help to cut down on the level of spam you get.

additionally we need to create some sort of a ranking system. so ISPS with spam problems (or they just don't care) can get a "higher rank". therefore when all the ISPs advertise their services to the rest of the world, they will strive for a low rank to better impress their customers

just my 4 cents

Sunny Dubey

Re:Screw Asia... I blocked Hotmail

Do you know how to read headers? I'm asking because I've recieved thousands of spams with a From: line from Yahoo or Hotmail, but only one or two that actually originated there.

Although, my Yahoo spamtrap account is filled with mail from "hotyoungsluts@yahoo.com" (originating elsewhere). You'd think that Yahoo would be smart enough to just drop this obviously illegitmate mail.

Re:Screw Asia... I blocked Hotmail

[Sivar]

One can access Hotmail using MS Outlook Express.

Re:Screw Asia... I blocked Hotmail

Please post this procmailrc for blocking from:hotmail where no received:hotmail.

Re:Screw Asia... I blocked Hotmail

True, but if you are like the OP and just sick of it you can blanket block by saying "accept no mail from hotmail.com"

Re:Screw Asia... I blocked Hotmail

[Kris_J]

I do have a procmail recipe to quarentine mail from, say, hotmail.com that doesn't have a Received line with "hotmail.com" in it.

Please don't do this sort of thing. I have a Yahoo address that I make public. It's then POP3ed by Spamcop which filters it and forwards he remainder to my local account. When I send mail it has my Yahoo address in the From: line even though it's sent through the local server. I only use my local email address for receiving messages from Spamcop and eBay -- it's never been advertised and gets no spam. Your procmail rule knocks out the only way I've found to keep my much publicised Yahoo address (I've been through several ISPs) but firewall the spam.

Re:Screw Asia... I blocked Hotmail

[nitnorth]

>I also filter message bodies for the common remove sites like autoremoveemail.com and others.

Fwiw, I block messages using a home-grown filter that uses regexps on assignable parts of the message. The patterns I find most useful for rejecting messages based on 'remove-me' links in the message body are:

https*:[-a-z0-9/._?=%]*remove
mailto:[-a-z0-9/._?=%@]*remove
https*:[-a-z0-9/._?=%]*unsub

(Matches are case-insensitive.)

...Bearing in mind that everything passes through both a white- and blacklist before getting turned over to those matches. I've had pretty good success and no known false positives so far. (He said, fingers crossed.)

-- Elton

Re:Screw Asia... I blocked Hotmail

[kindbud]

Terrible crime there, but what is your point? Anyone can sign up anonymously to any ISP. Anyone can put Hotmail.com in the headers whether they have a Hotmail account or not. I was simply trying to inform you that the conditions that prompted your block probably no longer obtain, and that you should investigate and reconsider.

But I see now that you are not interested in reducing spam, you only want to punish Hotmail. So I won't waste any more of your time.

Re:Screw Asia... I blocked Hotmail

[faster]

I run my own MTA, and use Postfix lists to do the blocking. Sorry.

Re:Screw Asia... I blocked Hotmail

[4444444]

most of my spam come with forged email headers supposedly from yahoo setting up a filter in my email ap to block anyincoming mail from yahoo would block 90% of my spam but unfortunately I get legitimate email from yahoo email users :-(

Over reacting

[ksw2]

Spam, while annoying, is not the end of the world. If it really gets on your nerves, use a program like Vipul's Razor, and help add spammers to its database.

Just because I don't like getting junk mail credit card offers, doesn't mean I refuse all mail from Delaware to teach them a lesson. Here's a tip--throw it away. I get nowhere near enough spam in my inbox to interfere with legitimate mail (although I don't doubt there are exceptions that do....) and I don't even use a filter!

Re:Over reacting

[aallan]

I get nowhere near enough spam in my inbox to interfere with legitimate mail (although I don't doubt there are exceptions that do....) and I don't even use a filter!

Ever heard of small number statistics? Just because its not a problem for you, doesn't mean its not a problem for everyone else. Either you don't have much of an online presence on USENET, or the web, or you've been extremely lucky. I get a couple of hundred spam mails a week, ninety nine percent of these are automagically junked by my custom filters. The remaining one percent is still an pain in the backside...

Al.

Re:Over reacting

[Jay+L]

I get nowhere near enough spam in my inbox to interfere with legitimate mail (although I don't doubt there are exceptions that do....)

It's not the exception, it's the rule. 30-50% of the inbound mail to AOL's mail gateways is spam, and even after massive filtering we all know that AOL users still see a lot of spam. You're the exception.

Jay the ex-Mail Guy

Re:Over reacting

[ksw2]

You're the exception

No, I'm not. Probably 30 to 50 percent of my email is spam, too. But, like I said, I throw it away. More than 50 percent of my snail mail everyday is junk mail, I throw that away too. That sound like a lot of junk mail/spam email, but you know what? It's not as big of a deal as people make it out to be. I feel sorry for the guy who gets 200-300 messages a day from Usenet, and has to dump half of it, but that's why I don't use my email on Usenet, I read follow-ups in the group.

If you ask 100 people on the street if they get more than 30 emails a day, what do you think the result will be? I'm willing to bet 95 of them get well under that. And how hard is it, really, to delete 15 messages you don't want? People do it everyday will snail mail... and to re-state my original point: it's annoying, but not a reason to refuse mail from a huge geographic location.

Re:Over reacting

[ksw2]

Again, I don't think you're the majority, by any means. I suspect the majority of my spam comes from websites that I run. I use Usenet, but I don't use Usenet in conjunction with email, for this very reason. I use no filters, and it quite honestly isn't an issue.

Honestly, what percentage of Internet users do you suspect get hundreds of spam-mails weekly? I'd bet it's very few.

Like I said in my original post (which you quoted) there are exceptions. I believe you're one of them. And I'm sure it pisses you off to no end, I'd be pissed off too. But because you're pissed, we should block a continent?

Re:Over reacting

[Zapman]

Spam, while annoying, is not the end of the world.

Maybe for you. But read the article. There are mail admins who receive more than a hundred spam requests per second from chinese ip addresses. That adds up to REAL money, really quickly. Adding the addresses to this database still costs bandwidth, since you have to receive all the headers before you can run your spam check.

Global blocking of the connecting IP range means you can do it from the first SYN packet.

Re:Over reacting

[RedHat+Rocky]

You're neglecting the cost in bandwidth to transmit all that spam. Multiply your situation by a couple million.

Remember that the next time your connection seems a little slow.

Good spam blockers don't just filter the email, it's already wasted bandwidth and resources at that point. Good spam blockers such as rblsmtpd from the qmail package drop the connection as soon as a black listed IP connects, with an error message for those sending legitimate mail.

For example, a black listed IP hitting my mail server sees:

"553 <see http://www.vh.org/rbl.html> Email not accepted from IP address:61.99.120.39"

SPAMMERS, who typically use FRAUDULENT Reply-to headers, will never see this error, while legitiment email senders will and will be able to plea for the email to be delivered.

Re:Over reacting

[aallan]

Again, I don't think you're the majority, by any means...But because you're pissed, we should block a continent?

I'm not asking you to block a continent. A bunch of people are pissed off, and are doing something about it. You're free to accept mail from Asia if you want, but the people that get bucket loads of spam from Asia have had enough and are going to black hole them until they've learned manners. Why is this a problem?

This is the internet showing its true colours, if you don't want mail from Asia, you don't have to accept it...

Al.

Re:Over reacting

I get nowhere near enough spam in my inbox to interfere with legitimate mail

You must have a spanking-new email address, or have never posted it on the Web. Just wait--the spam will catch up to you eventually. See 8 Hours 'til the Spam Hits.

Re:Over reacting

Instead of using blacklists, how about using whitelists? An alternative to RAZOR is TMDA.

SPAM is annoying, but like your average junk snail-mail, it's always going to exist.

Re:Over reacting

Opps.. The URL is TMDA

Re:Over reacting

[dubl-u]

Honestly, what percentage of Internet users do you suspect get hundreds of spam-mails weekly? I'd bet it's very few.

For now. My spam count is monotonically increasing, and it has been for a decade, allowing me to reach that lofty level.

There's no reason to think that it won't get like this for everybody unless we take action. Spamming is practially free, especially when you steal the resources needed for it. And for someone already selling scams and garbage, I imagine theft of resources is not a big worry.

Re:Over reacting

[dubl-u]

And how hard is it, really, to delete 15 messages you don't want?

This "just delete it" argument was intriguing and innovative as recently as 1994. Except then you would have said "1 message" out of 30 rather than "15 messages".

So when does it become ok to take action? When your mail is 80% spam? 90% spam? 99% spam? Those numbers sound ridiculous now, but 50% sounded ridiculous just a couple of years back.

Re:Over reacting

[roybadami]

I don't use my email on Usenet, I read follow-ups in the group

And the modern habit of using fake e-mail addresses in USENET posts irritates my sensibilities. (I was brought up in an era when such behaviour was most definitely contrary to accepted netiquette.)

Don't get me wrong, I understand why you and others do this. But the point is that people shouldn't have to.

I like this quote:

[mESSDan]

While some spam being transmitted by Asian servers appears to be sent by the locals, Western spammers are exploiting Asian mail servers and using them to relay mail.Many Asian systems often run old software or software that hasn't been configured securely or patched properly, experts say.

Well, if people can exploit the problem and get a response from the sysadmins saying "I can't do anything about it", maybe instead of us blocking their servers (quite easy to do), someone should put on a blackhat and go patch some of those holes. (This came up and was heavily discussed during the Code Red and Nimda attacks.)

I dunno, but I think a moral hacker would find it quite rewarding to screw up a spam creaters cash cow.

Re:I like this quote:

[Flower]

This isn't feasible. You have a ton of different programs out there each with their own exploits and configuration to enable anti-relaying. For example, where I work port 25 hits anti-virus or content filtering software first before you hit the mail server.

Cleaning up CodeRed and Nimba was somewhat effective because it could be easily automated. It isn't the case here.

I have done my bit for mankind!

[doctor_oktagon]

In November 2000 I spent 1 month in Hong Kong sorting out the Spam problems one of the largest ISPs was having, in my job as security consultant.

The situation was dreadfull, with no abuse department and no way of detecting/stopping abusing customers, or even stopping customers being abused.

I killed 99% of the Spam by warning all customers we were testing for open relays, and offering to actually help them if they didn't know.

I then spent 2 weeks trying to configure about 30 different mail servers I had never even heard of, and one which didn't even return 1 result on Google!!

We got there in the end, especially once we firewalled port 25 for those customers who didn't want to listed.

The next step was to write belt-and-braces Terms of Service for the client and ensure the abuse@isp address was checked and actioned on a daily basis by a full-time member of staff. If abuse went unchecked, then we pulled the plug on the customer and banned them from coming back, or we'd prosecute (sometimes tricky in HK)

I *always* check who sends me spam, and I'm pleased to say none has originated from that ISP since I did my work there.

We tried to re-sell the solution to all other ISPs in the region, but they didn't bite due to a) expensive consultant fees, and b) not really caring.

I pointed out they were large ISPs who fully deserved their .net addresses, but were rapidly losing face amongst their peers for continuing to ignore the problems. *sigh*

Re:I have done my bit for mankind!

[go-low]

I'm with PCCW in Hong Kong. I wrote to them in August last year to complain about the spam situation as it was getting dire. They advised me to forward them all spam, with headers, so they could do something about it. I kept this up for a month or so without seeing any noticeable improvement or even a response from PCCW.

Last month out of 1260 e-mails received 126 were leg mate, the rest spam. :-(

I don't want to change my e-mail address, it's mine and has been for the past 5 years (not to mention they charge for this 'service')- and god knows I pay PCCW enough. Why the hell can't they do something about it?

*sigh*

"unsolicitated mail is illegal"

[QuantumG]

Plan, that way every time I send an email to a college professor asking about one of his papers or send an email to someone who posts on Slashdot I'm gunna get carted off because it is unsolicited email. Probably best if people like you dont draft laws.

Re:"unsolicitated mail is illegal"

[morbid]

Mod this guy up.
He speaks sense.

Re:"unsolicitated mail is illegal"

[crow_t_robot]

i think this person means "commercial" e-mail. next time the world comes around, jump back on.

Re:"unsolicitated mail is illegal"

[Compenguin]

Plan, that way every time I send an email to a college professor asking about one of his papers or send an email to someone who posts on Slashdot I'm gunna get carted off because it is unsolicited email.

Attaching your e-mail adress to a /. comment is soliciting e-mail replies. If a professor gives you an e-mail adress, he's soliciting questions, unless he specifically states otherwise.

Re:"unsolicitated mail is illegal"

[GigsVT]

So it's OK for the non-profit orgs to spam the hell out of me? It's OK for "charity collection" scammers to spam me?

Commercial email isn't the problem, bulk, untargeted email is the problem.

Re:"unsolicitated mail is illegal"

So, what's the difference between me sending a slashdotter email, and a spammer harvesting the addresses and doing the same? By your analogy, spam is _solicited_, since the address was posted in a public place.

Re:"unsolicitated mail is illegal"

[Strog]

Try this instead.

"Mass unsolicitated email is illegal"

Pick one or the other. You can send mass email to people who want it or you can send unsolicited emails to 1 or 2 people at a time. Just don't do both at the same time.

Re:"unsolicitated mail is illegal"

[berzerke]

...every time I send an email to a college professor asking about one of his papers or send an email to someone who posts on Slashdot I'm gunna get carted off because it is unsolicited email...

Most people consider unsolicited COMMERICAL email as spam. Asking a professor about a paper is usually not considered commerical. Therefore, it's not considered spam by most people and they probably won't object to strongly.

Re:"unsolicitated mail is illegal"

[QuantumG]

If I'm asking the professor because I happen to be implementing his algorithm for work related reasons then surely the email is commercial. Score one more person who shouldn't be making laws.

Re:"unsolicitated mail is illegal"

[operagost]

Try this... unsolicited COMMERCIAL e-mail.

Sorry...

[BayStealth]

...I don't buy the argument about the docs being in english is a problem. In my experience the docs are many times confusing or hard to understand simply because they are written by someone whose primary language is not english. I have not yet had a problem finding help on the net when I don't "get" some aspect of the docs. I think that anyone using this argument is either ignorant, or thinks that I am.

Re:Sorry...

[GodInHell]

Opting for the second choice.

The problem is that English speakers have had a 'bad attitude' about expecting all those 'grimy third world' places to learn our language. It's almost a shame that the majority of Europe has now complied. But we got the money, they want it, etc etc.

Hmm.. I wonder if they ever considered blocking english speakers at the border.

Oh yeah, also don't forget that there is a shortage of skilled techs that read/write manderin/cantonese, This makes it much more difficult for admins to find folk that speak their native language and also have the nessecary expertise.

Or so it appears from where I sit.

-GiH

okay, fine - so we block

[hrieke]

But what else can be done to solve this problem with China and other Asian countries?
I agree that the 'no response' from many of these places is frustrating, but has anyone offered to train[1] some of these people in setup and configuration of their servers?
Has anyone who is bilingual offered to translate the user manuals into Japanese, Chinese, or Korean?
Has anyone taken the time to explain to them that by lax secuitry / improper setup on the EMail server usually points to more problems with in their network?
Education is the answer to this problem, and we need to take the lead.

[1] Okay, it might be impractial to fly halfway around the world to train someone in server configurations just to stop spam, (although a cost /benfit analysis might prove otherwise if the volumn is extream!) but has anyone offered to train someone from Asia on this side of the globe?

Re:okay, fine - so we block

[NOCRic]

Actually, I've had several conversations with folks in the Asian sector of the Net. (Never when I needed it, mind you, such as during a complaint investigation.) While they say they understand the problem and they tell me they'll fix it, they never seem to. Spam, DoS attacks, port scans, obvious hack attempts - we may as well be talking to the wall for all the help we get from them. Blocking them appears to be the only way. When enough of them are blocked, perhaps they'll begin true cooperation.

Re:okay, fine - so we block

[crow_t_robot]

Yes, i have a taiwanese pen-pal that i write configuration tutorials for in flash5.0 and in the native language. and since i am so rich i send my lunch money everyday to africa. and working in the tech industry leaves me with an abundance of minutes to relax when i get home before i go to bed so i use that time to teach Exchange Server basics to the needy in bahrain. all this extra activity that i have taken on has left me with very little time to continue saving the whales.

Re:okay, fine - so we block

[ahuimanu]

There are plenty of knowledgable geeks in Japan and Korea, what training do they need? I think it is apathy.

Re:okay, fine - so we block

[Jhan]

...has anyone offered to train some of these people in setup and configuration of their servers?
Has anyone who is bilingual offered to translate the user manuals into Japanese, Chinese, or Korean?
Has anyone taken the time to explain to them that by lax secuitry / improper setup on the EMail server usually points to more problems with in their network?

So, the little yellow monkeys needs training from superior western intellects to clean up their act? ;-)

The Asian computer people I've interacted with have often had scary levels of intellegence and education.

The problem isn't one of incomprehension, it's one of legal laxity. There simply is no incentive for a Chinese ISP do squat about security, because they'll never get reprimanded or fined for it (except for your angry mails, which are easier to filter than their spam :-)

Oh, and please don't use the term 'Asian' for this problem! It's a problem of China, Korea, Russia and a few eastern European countries.

The ISP I work at blocks .kr...

[Ardax]

...and amazingly, we've never received a single complaint about not receiving mail from S. Korea.

Given, this is Northwestern Pennsylvania, so there aren't many Koreans up here.

Re:The ISP I work at blocks .kr...

There are people in NW PA? Oh yeah, that's right, one of our leaders is from there.

For the record, I'm here in south-central PA.

"Cultural Issues"

[suss]

Cultural issues also contribute to the problem. Many spammers in Asia say they do not understand why spam is a problem.

"It's a sign of respect that someone sends you an electric business card. It means he wants you as a customer," said Zhao Peng, owner of a computer store in Hong Kong.

So what does it mean when they hammer your firewall all day long?
They're just being considerate in checking you for exploits? (Most scans originate from asia in my logs.)

Re:"Cultural Issues"

[doubtless]

It doesn't mean the exploiters must be asian when the log suggests so. Those boxes could be used only as a bridge.

Watch out with that scheme

[phr2]

I've been doing something like that for a while (periodically changing addresses for news posts). The trouble is that every address you use gets on spam lists and gets spammed forever. By having 100's of addresses, you get 100's of times more spam than you otherwise would. Even if you can filter it on arrival so you don't have to see it, it's still clogging your bandwidth and you can always filter a legitimate email.

I don't generate unique reply addresses per news post, but change addresses a few times a year. I have a bunch of old addresses that mostly get spam, so my filters dump incoming mail to them into a mailbox file that I look in every now and then. That's much less annoying than seeing the spam as it arrives, but still, it's better to keep the volume down.

I think I'll completely stop putting replyable email addresses on news posts. I'll just have a URL for my web site where people can leave me messages through a CGI. That lets me make another political statement too, since my web site runs SSL so any incoming messages I get from the CGI will be encrypted while in transit. We tell people to use ssh instead of telnet--we should also try to avoid sending email in the clear without a reason.

Re:Watch out with that scheme

[dustpuppy]

That's why you should get your own domain and host a website will a business that offers you unlimited email aliases.

Then all you do is create email aliases to your hearts content. I create a unique email address for any mailing list/website I sign up for so I instantly know when a mailing list/website has sold my email addy to someone else and I can shut it down straight away.

Re:Watch out with that scheme

You should read the posts you respond to, fuckwit.

Re:Watch out with that scheme

clogging your bandwidth? Right. Sheesh. What do you have, a Commodore 64, 2 tin cans, and a string? Get a real pipe, and get over it. If a couple dozen 2kbyte email messages a day DoS your network, you're in a world of shit my friend.

Re:Watch out with that scheme

[mjh]

I think you might be interested in using self destructing email addresses. I've just started using TMDA. You can set it up so that all outgoing email to someone that you don't know will generate a "dated" address. This address will be valid (by default) for 5 days. After 5 days, TMDA will automatically reject any email directed to it.

Other things you can do with TMDA include:

• Requring anyone unknown to you to send a confirmation
• Automatically adding all valid confirmations to your "known" list
• Generating sender email addresses, that will allow a specific sender (such as a mailing list) to send you email. No one other than that specific sender will be able to use a sender address
• Generating keyword email addresses. This is similar to what you're talking about already. Where you generate unique addresses, each of which will be allowed to get to your mailbox. But will also allow you to track who is giving out your email address.

TMDA takes a little bit of work to be able to understand what's going on, but once you get it set up, it's pretty effective.

Good luck.

Re:Watch out with that scheme

[theSprocket]

it's kind of hard to get cheap hosting with unlimited addresses, better to host your own server, preferably, sneek it into the rack at work for free.

Re:Watch out with that scheme

Get a real pipe, and get over it.

See, spam does cost the end-user money. It's probably more than a couple dozen for a lot of people. Especially if they run their own email server(s). Take multiple-dozens of emails times EACH account

Re:Watch out with that scheme

Only the data posted from the cgi is encrypted. Once it's in that email, it's fair game (unless you use webmail on that SSL server).

Re:Watch out with that scheme

[Sloppy]

I get (roughly) half a megabyte of spam per day. Somewhere around 97% to 99% of my email is spam. It's hardly just a "couple dozen 2Kbyte" messages.

*sigh* That's what I get for posting to Usenet and having the same email address for 8 years. I'm gonna "move" this year, I swear...

Re:Watch out with that scheme

[Phroggy]

The trouble is that every address you use gets on spam lists and gets spammed forever. By having 100's of addresses, you get 100's of times more spam than you otherwise would. Even if you can filter it on arrival so you don't have to see it, it's still clogging your bandwidth and you can always filter a legitimate email.

Hmm, what about this?

Run your own DNS and mail servers, and use your own domain name. Generate a unique hostname every time you need an e-mail address, and use yourname@00001.yourdomain.com as the address. After you're done with that e-mail address, delete the hostname from the DNS, or change it to resolve to 127.0.0.1 or something. You might still get DNS queries, but that shouldn't take much bandwidth at all, especially since DNS is cached.

Re:Watch out with that scheme

[ninewands]

I think I'll completely stop putting replyable email addresses on news posts.

I did exactly that. If you find one of my usenet posts, you'll see the From: header is ninewands@127.0.0.1 ... I NEVER get spammed from a usenet post, but the spammers do .. hehehe HaHaHa.

Re:Watch out with that scheme

[4444444]

if everyone had the ability to run thier own dns and mail servers that might work but you really don't think everyone will go through that much trouble to fight spam do you?

Never hear from 'em...

[NOCRic]

I do NOC work for one of the major backbone providers and we are forced to try to work with several of these ISP's who promote the spamming. We never hear back from these folks in problem investigations. Blocking them appears to be the only answer.

Another way to approach this one....

[MikeP42]

As I understand it, the Chinese are just victims of the rampant capitalism of everyone's favourite superpower. US spammers take advantage of lax system management in foreign countries to promote their products and services using spam. Thus, surely a more effective way to elimiate spam would be to cut the US off from the Internet. Fight the problem at it's source! This would have a number of other side benefits for the rest of the Global Internet as well.

I'm torn...

[dasspunk]

I have a hard time rationalizing the expulsion of an entire cultures email rights in the states because of some bad seeds... but MAN do I hate SPAM.

Does this mean free email accounts (like Yahoo or Hotmail) will get a bunch of the email refugees from these afflicted regions?

Lucky bastard

[wiredog]

I get nowhere near enough spam in my inbox to interfere with legitimate mail

At one time I was spending a couple hours a week configuring filters and deleting spam. Now I have a list of known addresses I accept mail from. Everything else goes into the spam folder. I check that once a week, takes about half an hour to go through it and move real messages to the appropriate places. Then I delete the rest.

Yes, but...

[SurgeMaster]

"Setting up barriers like this is regrettable, but when the originating ISPs refuse to take responsibility for the actions of their users or close their open mail servers, there would seem to be no other choice. "

Do we really want ISP's taking responsibilities for the actions of their users? I can think of some downsides to that: if I find out an ISP is censoring e-mail based on what it's customers are sending, I might be more successful when I sue that ISP over content that appears on the sites it hosts which I find objectionable (Not that I would, but do you agree with the point in principle?)

Re:Yes, but...

[An+Onerous+Coward]

They're not talking about ISPs who refuse to spy on all the mail sent out by the customers. They're talking about ISPs who, when faced with legitimate complaints of abuse, ignore them. Simply put, the ISPs may not have control over what their customers send out, but they do have a choice of not serving customers who cause problems for other people on the Net.

Re:Yes, but...

[SurgeMaster]

Sorry, I didn't make myself clear in my first message, so let me try again:

"...the ISPs may not have control over what their customers send out, but they do have a choice of not serving customers who cause problems for other people on the Net."

So if I complain to Comcast that I don't like so-and-so's Web site, which happens to be hosted on their servers, they should take it down?

Re:Yes, but...

[schon]

Talk about a staw man..

There is a HUGE difference between a website (that you have to expend effort to view) and spam (which you have no choice to view)

How about "If you don't like it, don't go there?"

With spam, you get no such choice. Once it's in your mailbox, you've already seen it.

Sad but true.

[Lumpy]

The 2 servers I manage and what I reccomend to many is to set up filters to block or auto-delete anything from that country's TLD. .kr is the biggest problem lately. It is too bad that it has to happen, but I at least tell people to set up their filters in such a way to make their maillists first and anything that is really wide like banning a country last. That way real email from somone about PicoGUI that is in the .kr land I will see, but the junk that goes to my inbox dies.

I think we've just found the first...

[Mikesch]

legitimate use of a DDoS attack. I know it is wrong on so many levels and immoral and all that, but doesn't it just make sense on a primitive level that if they are unwilling to shut down their open relays, someone else should shut them down for them? 24 hours notice, then hit them until they promise to shut it off. Make there be direct consequences for them not playing nice on the net.

Like I said, I know this is inherently flawed, but it is nice to dream. Mmmmmm, vigelante justice on the net...

Re:I think we've just found the first...

[NOCRic]

Tempting... very tempting indeed.
But, you're right. It's wrong, and would actually hurt other folks who needed the bandwidth for legit uses. Besides, it might start a "shooting war" in Cyberspace. The script kiddies with their DoS tools are bad enough, we don't need corporations using them, too. If MS or Sun or the local Mom-n-Pop ISP decided to use that as a competitive tool, we'd all be in real trouble real quick.
Still...

Re:I think we've just found the first...

legitimate use of the Slashdot effect. I know it is wrong on so many levels and immoral and all that, but doesn't it just make sense on a primitive level that if they are unwilling to shut down their open relays, someone else should shut them down for them? No notice, then hit them until they promise to shut it off. Make there be direct consequences for them not playing nice on the net.

Re:I think we've just found the first...

[Mike+Van+Pelt]

Someone could make it automatic - poison the spam lists with some addresses which, if they receive email, instantly start up a DDOS against the source of the email. Perhaps even shutting down the spam spew while it's in progress.

My own personal fantasy is a virus, the payload of which triggers on the presence of known spamware on the infected machine. When spamware is running, it intercepts outgoing port 25 and simulates an SMTP transaction, while actually doing nothing.

"But that would be wrong."

Re:Yeah right

[thedungbeetle]

I'm sick of these fucking chinks ruining everything, selling broken junk computer hardware, trying to scam people out of money, and sell worthless products. I say, "Fuck Em" and you can quote me on that.

Right, give us your name and we will.

Shut them down

I say SHUT DOWN any and all Human Rights violating Asian countries. Lock those bastards out of the real world! Fuck those geek assholes.
Systematically lock them bastards out forever! Fuck the SPAMMERS too!

my ISP just did this

[option8]

the place where i colo is just now doing this after tracing the bulk of the spam coming into their own network from chinese ISPs and most especially china.com

rather than refusing email from the offending ISPs, they are going to the rather extreme measure of refusing connections entirely (at the router, i guess, though i'm not certain how the network is set up...) from the entire IP ranges of a number of the offenders.

so, now all my domains (and all those colo'd at my ISP) will basically be inaccessible to anyone in china. big deal. all the traffic i get from china is either spam or nimda requests. woo friggin hoo.

it has yet to go into effect, but i expect it will make a big difference in my monthly bills, as i pay for bandwidth, even if it's spam sent to people on my mail server.

as some folks are bound to say, it's more than a bit presumptuous to basically say "play by my rules or get off the field" where "my rules" are typically those of the mostly american, english speaking internet population, but in this case it's more a case of "play nice or go home"

Re:my ISP just did this

[Zocalo]

rather than refusing email from the offending ISPs, they are going to the rather extreme measure of refusing connections entirely (at the router, i guess, though i'm not certain how the network is set up...) from the entire IP ranges of a number of the offenders.

What they'll be doing is redirecting the eBGP route (ie. bit that says "go here to get to their IP block") for the ISP concerned to the routers equivalent of /dev/null. We use this technique a lot to dump traffic from problem areas until the problem is fixed as it's quick and easy (usually a one liner in the config) and 100% effective. It's a good way of bringing people into line, although usually just the threat of this is enough to prompt any action that is going to happen since it's about as extreme as one ISP can be to another.

Re:my ISP just did this

[The+Ape+With+No+Name]

I blocked mail on china.com and *.cn addrs and saw 60% drop in spam. Of course, these dudes are wise to this and have started up with *.tw addrs if you really take a close look at the headers tho, you will find a lot of the mail originating from dial-up accounts in European countries as well as Asian countries. Also, the use of unpatched or administered sendmail is also a major contributor. We need certificate based authentication, checksums, etc to really get a handle on this. A previous 'article' mentioned that US based spammers are actually a select few criminals.

Re:my ISP just did this

We need certificate based authentication, checksums, etc to really get a handle on this.

so let's see, you want every piece of email you write to forever be directly and provably connected to you?

like, when you're applying for a job and your would-be future boss sees an old message of yours in which you bash his favorite football team?

i'm amazed at people's shortsighted insistence that anonymous communication is overrated, and horrified that people want nonrepudiation built into all their communication.

no wonder the usa patriot act passed without so much as a hiccup from the public...

Re:my ISP just did this

[The+Ape+With+No+Name]

i'm amazed at people's shortsighted insistence that anonymous communication is overrated, and horrified that people want nonrepudiation built into all their communication.

You need to explain how the boss would see that mail. What is wrong with knowing who sent the mail? Wait, is it because you are a fuckhead who likes to say shit you really think, but has to do it anonymously, because you don't have the stones to face up? Most likely....

Chinese ISPs need to think globally

[mblase]

The article says:

Some Chinese and Korean systems administrators said documentation for the software they use is often available only in English, which complicates securing their systems.

This is an honest problem, because it's not the the ISP's fault that they can't get native-language documentation for the software. But if they're running the software at all, it becomes their problem. Why would any responsible system administrator install software when he can't read the documentation? Educated English speakers aren't such a minority in the far East. It's the ISP's responsibility to hire them, or else get software documented in their own language.

Cultural issues also contribute to the problem. Many spammers in Asia say they do not understand why spam is a problem. "It's a sign of respect that someone sends you an electric business card. It means he wants you as a customer."

This is just willful naivete on their part. If they think that sending an electronic business card is a "sign of respect", that's fine. But they need to understand that in the West, unsolicited advertising is an overwhelming inconvenience and is not welcome by the vast majority. Cultural relativism swings both ways.

Piracy is free and open and common in the far East, which irritates Western corporations and makes poor Western college students and hackers giggle with glee. It's rampant and unpoliced because the notion of information ownership and copyright just don't exist over there. But here's the flip side to that coin: unrestricted dataflow from the West into the East also means unrestricted dataflow from the East to the West. As music, movies and software comes in, spam goes out. Like it or not, they're both travelling through the same door.

If the Chinese ISPs want to provide their people a gateway to the free world, then it's their responsibility to cooperate with how the free world works and act responsibly within that setting. If they don't, then they get blacklisted like this and lose their right to be a gateway.

Re:Chinese ISPs need to think globally

[linzeal]

I know Connectiva Linux has begun translating every bit of the linux documentation project writing into spanish and there seems to be one that is doing the same for korean but what about chinese and even indian? Could anyone link those projects if they know them here for people to send to these companies when replying to spam, thank you.

Re:Chinese ISPs need to think globally

[eugene+ts+wong]

I agree to all that you said about responsibility, and would like to add to that that a blacklist won't be a permanent thing. Eventually, there will be incentives to remove them from the list(s).

For those with bleeding hearts, I would like to make this analogy. Why don't we just let anybody drive, without a license? After all, some people don't understand English and we can't be too hard on them. Even if they crash and kill and inconvenience others, it's still okay, right?

Wrong! People have a responsibility to use their tools correctly, and not hurt others. Can't read English? Fine. Don't want to do business with the English-speaking world? Fine. However, if you do want to do business with the English-speaking world, don't start complaining when they don't want to do business with you.

Re:Chinese ISPs need to think globally

[linzeal]

I meant hindi not indian, sorry.

Re:Chinese ISPs need to think globally

Whew...I was seriously ready to fly off the handle and call you things like fuckhead, nimwit, assclown, shit for brains, etc....
yeah, hindi. but most indians know english.

Re:Chinese ISPs need to think globally

[Kanasta]

Many spammers in Asia say they do not understand why spam is a problem. "It's a sign of respect that someone sends you an electric business card. It means he wants you as a customer."

Don't believe any of that crap. They know damn well ppl don't like spam. It's just a trick for naive westerners.

It's like saying "sorry officer, I didn't know how fast I was going, I was just following the car in front..."

Rather than 1/4 of the world

[Moderation+abuser]

Why not use a domain hitlist? Get more than a couple of spams from a domain, bounce everything from the domain[1]. It's less arbitrary than closing off everything from Asia on the basis of a few spammer ISPs.

[1] Bye bye Yahoo, AOL, Hotmail for a start.

Re:Rather than 1/4 of the world

[RedHat+Rocky]

I started out this way, only black listing networks that sent me SPAM. The problem was, the damn SPAMMERS seem to have a limitless list of open relays in Korea, etc.

I blocked Korea (using apnic) and my SPAM dropped to almost nil. Days of effort saved on my part.

It's not my responsibility to make sure Asian mail servers are not open relays, it is the USERS of those mail servers. The ISPs won't do anything until it hurts the bottom line.

Re:Rather than 1/4 of the world

[Skapare]

What if the IP address does not have a domain, or that domain is forged (e.g. forward DNS lookup fails to match). The contents (header, body) can all be forged, so that can't be used. The only thing one can be sure of is if they do reverse-the-forward DNS on the connecting server, then at least they know the domain of the server.

Actually, I don't accept mail from servers without proper reverse DNS that matches the IP address via forward. And that has cut out a massive amount of spam, globally and domestically. And with extremely little collateral damage (it's easy to fix the problem, and 4 out of 5 ISPs affected have fixed it).

Re:Rather than 1/4 of the world

[macdaddy]

True but it's a horribly difficult thing to keep up with. I have a very extensive Sendmail access list full of spamming domains and providers' netblocks. I'm up to 4682 entries. That took a helluva lot of time to do. It's not easy by any means. Domains are a dime a dozen nowadays. Spammers buy a couple domains every time they send out a new set of spam. Domains are throw away nowadays. It's almost not worth it. I still do it though. A community effort is greatly needed I think. I use a bunch of DNS blacklists and I contribute back to them with submissions.

The only way to go...

[toupsie]

I was surprised when I read this article on Wired yesterday. I thought I was the only one doing this. About two years ago, I cut off all of China from my mailserver at work -- we don't do business there. We were being flooded my SPAM on Chinese open relay servers. It got to the point where some users were getting more SPAM than legit mail. Once China was cut-off, the SPAM dropped off to a trickle. Then Korea became the next SPAM hot spot for us and I cut them off as well. Granted its some of the SPAM is from "white folk" that are using these open relays to SPAM Americans. If I could track them down and actually do something legal to them as opposed to beating them with a 2 by 4, I would. So far, the US Government has been pro-SPAM with the only legislation being introduced as "opt-out" systems.

The Asian nations would not be in this situation if they understood the proper way to run a mailserver and dropped the insane cultural notion that obnoxiously shoving a business card in someone's face is courteous and expected. I worked in Asia during the early 90s (mainly Singapore, Hong Kong and Taiwan) and from my experience of working with Asian businesses, this problem will not go away. Unless it's not hurting their bottom line, it doesn't matter if its hurting ours.

Re:The only way to go...

[Roblimo]

> Granted its some of the SPAM is
> from "white folk" that are using
> these open relays to SPAM Americans.

I know a Baltimore guy who was a prosperous, successful spammer for *years* before he got a degree and moved into a more legitimate job.

But he's still black, and AFAIK has no intention of changing his skin color anytime soon.

- Robin

Re:The only way to go...

[ethereal]

Wait, he actually made money from spamming? How much? Was this just from selling spamming tools, or from the actual spam itself?

Re:The only way to go...

[roybadami]

So far, the US Government has been pro-SPAM with the only legislation being introduced as "opt-out" systems.

But the FTC (US Federal Trade Commission) is planning to (try to) clamp down on senders of spam where the content is illegal or legally dubious (make money fast schemes, dodgy investment opportunities, etc).

They ask for such spam to be forwarded to uce@ftc.gov

I'm not sure if they really want those of us outside the US to forward spam, but I've recently taken to forwarding such spam to them if it seems legally dubious and seems to have a US connection.

Re:The only way to go...

[Frank+T.+Lofaro+Jr.]

Good idea. Haven't you heard, the US' jurisdiction is now the whole world. 1/2 :)

Asian sysadmins?

Think of what goes through an asian sysadmin's mind when he sees an english email in his inbox....

SPAM! No thank you I do _NOT_ want to make my penis bigger!

How to give Chinese ISP's some incentive

[Ice+Tiger]

Send political spam using thier servers to Chinese citizens. I bet it will become a number one priority then. :)

what about those pesky germans?

while we're on the subject, what about these damned anonymous FTP abusing bastards at t-dialin.net (a german ISP)?

every time i open up an ftp port on a server or punch a hole in a firewall, immediately, i get hit with anonymous requests from *.t-dialin.net trying to use its disk space to store porn and warez. no, i don't leave anon services available, but it's very frustrating to see all the requests in my logs...

oddly, i haven't seen any kind of coverage of this exploit except on a web admin mailing list saying, basically, "Fuck 'em. turn off anonymous services"

where is the outrage? where is the debate? oh yeah.. this is slashdot.

Worked for Me

[waldoj]

I run several small community mail servers, and I firewalled off China, Korea, Taiwan and Japan about a year ago. It was the best thing that I ever did for those servers. Spam dropped down drastically, and I'm yet to get a single complaint about somebody not getting mail. Sucks to be in China, I guess, but this is a solution that, for me, has proved to be perfect.

-Waldo Jaquith

SHOCK! HORROR! journalism

[Rogerborg]

• • frustrated sysadmins in the West are responding to a torrent of Asian spam by simply refusing all e-mail from that part of the world [says Slashdot]
  Anti-spam activists confirm that a growing number of beleaguered systems administrators are now blocking all e-mail originating from Asia from their systems [says the article]

Bollocks, says anyone reading it with a critical eye. There are no references or sources for this sweeping "all Asian email" statement. The single reference is to Spamhaus which implements selective listing of domains that persistently generate or carry spam and decline to respond to spam reports. Most of their listed ISP's are currently US based. There is specific mention of two Chinese ISP's, and none from any other Asian nation.

To make a story out of this, you have to cite metrics. The fact that Spamhaus are currently blacklisting China Telecomm no more proves that "the west" is blocking "the east" than a story about anyone temporarily blacklisting AOL (again) proves that there is some mass move to block "the west".

Without giving metrics, you're just providing anecdotes. Persuasive anecdotes, sure, that probably appeal to our personal experiences, but those are the most dangerous kind, because they stop you looking for the real story and asking the real questions.

The real question here isn't "Why do Spamhaus currently blacklist China Telecomm?" but "Why don't Spamhaus currently blacklist Roadrunner?" or any of another half dozen ignorant ISP's that deny that they are injecting spam even in the face of unequivocable header evidence. Perhaps we in the "west" (sweeping-generalisations-r-us) could go about cleaning up our own house before we go gunning for those coming late to the party.

Wall em off....and let me know how....

[CDWert]

I run several mail servers, and I admit my filtering is noxesitant, I have as of late however began to recieve spam by the boatload from asia, Myself and my clients would have no problem with such a filter ?

Are there any sample sendmail configurations out there to reliably do geographic filtering ?

Education is only the answer to ignorance

[marnanel]

Education is the answer to this problem, and we need to take the lead.

Education is the answer to ignorance. Are we sure ignorance is the problem? With so many reports of mails to abuse@ going ignored, so many open relays reported and yet remaining open, I have to wonder whether it's not often an attitude problem (not that Far Eastern ISPs have a monopoly on those), and that's much harder to know what to do about.

Re:Education is only the answer to ignorance

[oni]

I have to wonder whether it's not often an attitude problem

I agree completely. Anyway who can blame them? They set up a mail server for their users, some westerners misuse it to send spam, then more westerners start yelling at them to fix it.

This all just plays to their generally poor opinion of us. We support their stereotypes.

Re:Education is only the answer to ignorance

[dvdeug]

I agree completely. Anyway who can blame them? They set up a mail server for their users, some westerners misuse it to send spam, then more westerners start yelling at them to fix it.

Um, the spam I get from that part of the world is written in either Chinese or Korean. I doubt it's Westerners sending that out. And if you want to be part of the net, you've got to take responsiblity, which includes proper care of your email server.

Don't forget wanadoo.fr...

[Mikesch]

I average several dozen connections from those idiots every week. If I had some spare bandwidth, I'd actually do what a friend of mine did and set up an anonymous ftp server that would only allow uploads. He got some neat goodies.

Re:Don't forget wanadoo.fr...

Yeah, every morning about 5-6AM EDT they try to connect to do an anonymous FTP connection. WTF are these guys smoking? I can picture a scan once/month, but once/day?

turnabout's fair play

Hey, the Chinese built that darn Great Wall back then to keep out the barbarians and now the barbarians want to build a wall to keep out the Chinese spam....

If they really wanted to send mail

[arindar]

If they really want to stay in touch with people on the other side of the block they would do just fine by getting a Hotmail or Yahoo Mail account to correspond with.

Re:If they really wanted to send mail

[trezor]

So if you were running a business, you WOULD take mail sent from hotmail, msn or yahoo serious? My first thing, if I started a busniness, would be blocking mail from these domains as well! Like I do now. Blocking entire asia seems like a good idea to ME (and now me only) anyhow. I dont know people there, and if it'll reduce SPAM I will.

Re:If they really wanted to send mail

[Desert+Raven]

So if you were running a business, you WOULD take mail sent from hotmail, msn or yahoo serious?

I know I do. Blocking the major web-mail providers would have a major impact on my business, and not in a good way. Truthfully, I can't remember the last time I got a spam that originated from a hotmail or yahoo account. Yes, most of them have hotmail and yahoo addresses in the headers, but they're forgeries or reply addresses. The mail itself is coming from Asian or Canadian address blocks.

Re:If they really wanted to send mail

[kaimiike1970]

You clearly do not run a business. Most email comes from yahoo or hotmail accounts because people don't want to share their 'real' email with businesses on the chance that the business will sell their address.

Another idea

[SkyLeach]

It would be nice if the DNS protocol could be extended to store spamming information on ip addresses (someone tell D. Eastlake, he'd love to write another RFC :) ). Something like a count of verified reports. That way when an SMTP request comes in the recieving server can simply do a reverse lookup on the ip and retrieve spam information, apply some rules and refuse/grant the connection.

This would make IPs clean up their act faster than blocking them or threatening to block them.

My new sig

Fuck Em
-Anonymous Coward

Yes, I'm posting this as an AC. Too lazy to create an account.

Procmail

[tiny69]

A few months ago my email address ended up on a Korean spam list. I've been using the following procmail rule since:

:0:
* (^From:.*\.kr |\
^.*ks_c_5601)
SPAM

It catches about 95% of the spam from Korea. It's sad that I've had to resort to filtering email from an entire country.

What has amazed me about the whole thing is the spam I receive from there is usually written in the ks_c_5601-1987 character set. Since Korean is not a really popular language throughout the world, the chances of someone understanding the spam is very slim (I haven't been about to find a good Korean to English translator that actaully works). IMHO, the spammers are just wasting their time.

Re:Procmail

[b1t+r0t]

Here's my way of blocking Korean spammers/open relays from my own server:

/sbin/ipchains -A net-in -p TCP -s 210/7 -d 0/0 smtp -j DENY

Unfortunately, most of my e-mail comes in on my ISP account, which I don't have similar access to. Perhaps when I get a co-lo server someday, I'll start using my own domains for e-mail.

Re:Procmail

[dvdeug]

the spam I receive from there is usually written in the ks_c_5601-1987 character set.

Interestingly enough, I've been told that ks_c_5601-1987 is primarily a spam charset. Most Koreans who actually want to communicate with you would use ISO-2022-KR or EUC-KR. Though using any non-Latin charset in the subject is usually a bad sign. (Body's different, as that may just mean the signature.)

Re:Procmail

[Our+Man+In+Redmond]

I've done the same thing using a Mail::Audit filter that also traps the string 'ks_c_5601' in the subject line, the 'charset' attribute in the 'Type' line, and the body of the mail. It also searches for 'euc' (which traps euc-kr, I believe). By doing this I've reduced my Korean spam intake to zero.

Oddly enough, I got an apology in English from someone because of a piece of Korean spam they sent me. What was odd about it was, I didn't complain about that particular mail!

Re:Procmail

[dvd_maximus]

I'm on the verge of blocking the whole of .tw, .kr, and .hk . But if I could instead filter on character set, I'd greatly prefer to do that. I've no idea what the content is -- it might be highly useful info -- IF I could read Chinese or Korean.

Spamassassin

[blinx_]

One thing you should consider for your antispam filter is spamassassin I recently set it up on a couple of mailboxes via. procmail, but it also sports a site wide daemon.

After a little bit of tweaking I know use it to check for matching mails in the razor spam archive, against ordb.org and it's own check that sees if it matches usual spam criteria like claiming you can be removed from the list, claiming that the mail isn't spam or is in accordance with some US law etc - untill now it has cought every piece of spam I recieved (around 5-10 a day) and I've had no false positives yet.

Try it out - it's really great :)

Re:Spamassassin

An alternative is TMDA.

While most attempts are to blacklist spam, new spam will still get through. TMDA attempts to deny everything until it's confirmed. A bit inconvenient and painful? Yes, but perhaps this is the only strategy that will be effective against spam.

Considering that 95% of all my spam comes from USA

[jonr]

Shouldn't I block USA? It's the same arguments, right? Didn't some dude say: "How can you say to your brother, 'Let me remove that splinter from your eye,' while the wooden beam is in your eye?"
...
Blime...

Moderation prediction:

-99999999, Criticizing a non-US culture

I Can go One Better!

[Greyfox]

I recently got a spam that was relayed through an open relay at a huge IT contracting firm! I sent them an E-mail and asked them if they needed some more security people to help with their network management, along with a copy of the offending E-mail (Heh heh heh.)

Re:I Can go One Better!

[hardcode]

Only yesterday I got 4 copies of Sircam from a pimp^Wrecruitment agency I sent my CV to. Their mail admin was cloyingly grateful to be told by someone, cos nobody else had told him.

what do you expect...

I moved to Taiwan a while ago...since that time I have seen many companies (big computer companies of mainboards and notebooks included)....they just run their webserver over an ADSL connection and the mailserver (open of course) over another ADSL connection)....so what do you expect....English is still no motherlanguage here. Another thing is that it is sooo easy for them because they also want to send their private mail over the own mailserver....so they DONT WANT TO close the relay.... until the server is spammed and there are 1 million messages in the queue with the message to YOU PAY TOO MUCH..blabla

The solution to spam: Internet Mail 2000

[ketilf]

Internet Mail 2000 seems to me to be a nice solution to the spam problem! This way you don't have to download the spam if you get it, and if you do, the spammer (or their ISP) has to be online. This especially solves the problem of spammers that send out mail directly to your ISP/mailserver without using a relaying SMTP-server.

The cool thing is that Internet Mail 2000 can coexist with normal mail as we know it today. Smarter servers can check if the recipient supports IM2000, and if they don't, send normal SMTP.

I don't actually think it has been implemented yet, and it looks like there are a few issues left to solve, but nothing unsolvable.

Re:The solution to spam: Internet Mail 2000

[forgeeks]

Yes, but that is for M$ Exchange 2000 correct?

Re:The solution to spam: Internet Mail 2000

[ketilf]

You clearly didn't actually read the link. This is by the designer of qmail and djbdns, Dan J. Bernstein. Among other things, he offers a $500 reward if anyone can find a bug in his DNS software (I'd like to see the authors of BIND doing that!). And this is not a working piece of software, it's a new concept of how email should work. And IMHO, it's a very good idea! The idea is that an email stays at the senders server, only a notification is sent to the recipient. Then, when the recipient actually wants to read the mail, it is downloaded. You can "unsend" an email, you don't need to download the message if you don't want to, and if you're using something like hotmail, it's the sender that has to watch the disk quota, not the recipient.

For a spammer, this means they have to stay online until you download the message (but then you know who they are), or they have to use a relaying server as they do today. But there are less and less relaying servers around! Also, you won't need to download the message anyway, so the success rate for spam will decrease A LOT, making it much less valuable!

Re:The solution to spam: Internet Mail 2000

[Skapare]

IM2000 has its own risks. It allows "institutional spammers" (those who actually spam with their real identity) to not only save more money by dynamically generating your spam when you pick it up, but also track your mail reading habits as well. They know you picked up the mail, and they know where you were when you did (if you didn't use a proxy). IM2000 doesn't stop spam; it just gives you a better identity of who sent it, and tries to shift the cost back to them. But you can be sure they won't be storing a million copies of the very same spam, but instead will have one copy for all, and eventually add Java programming to make it all dynamic.

How to fight joe-jobs in case of uncooperative ISP

[BlueUnderwear]

Usually, when that happens, it's not only one mail, but hundreds or thousands. And in that case, you can rig your sendmail to mass-forward them back to source (i.e. assorted addresses at the originating ISP), and preferably via the same open relays that the spammer used himself. Start with abuse@, the also add support@, sales@, etc. If that doesn't help, add CEO and other employees, if you can find their e-mail addies. Then, finally, customers.

This technique worked wonders last time I had that problem at Bellsouth. N.B. When you do this, it is important that you don't forward the mail directly, or else they'll just firewall you off. If you use the spammer's own open relays, either:

• The spammer only used one relay, and the fact that the ISP firewalls it off works both ways: spam problem solved!
• Or he hops relays, so you relay-hop too. The ISP will need adding more and more addresses to their firewall, and eventually they'll figure that it is easyer to just boot the joe-jobbing spammer off.

Evidence of overseas spam

[tiltowait]

Pacific rim hosts dominate the SpamCop statistics.

Well, there's always this tactic...

Re:No response to complaints after receiving spam

[bero-rh]

Simply report them to the police - identity theft and fraud are considered real crimes even by clueless law enforcement offices that usually don't do anything about spammers. (Yes, I've done it before).

Junk domain

I keep a junk domain that I dont actually use for anything (used to belong to a small ISP 5 years ago), which gets nothing but spam. Every so often I change the dns record to point the mail to one of the ips that the spammers use. Let them deal with it. Changing the IP address periodicly to whoever last checked for an open relay also seems fitting...
If I point it to 127.0.0.1, will it just try to connect to their own server? (I'm somewhat new to mail server configuration, tho my relays are closed)

Not REALLY cutting that side of the world off...

[8bahl]

Anyone can sign up for free email with Yahoo and use it to mail their friends in the US. I doubt Yahoo would be black listed...

That much spam?

[flashk]

I know it affects traffic to ISPs a lot, but as a user, the amount of spam I recieve relative to normal emails is on a ratio of about 3% or less (that's with 4 accounts all with visible addresses all over over the place). Could it be that spammers are targetting the US from specific Asian countries? It could be due to my ISP's diligence, but I don't get enough spam that a few filters wouldn't stop.

Ban Asia

[rpmdp]

I have refusing email from all Asian sites for about 3 years now, it's only come a bigger problem in the last year or so. For the few friends I have in that area I allow their messages to get through Sendmails filters, otherwise all of that part of the world (including anything that had or has to do with Russia in it's previous or current form are also blocked, same reason). It's shame really, the Internet use to be a nice friendly happy place at one time.

Re:Ban Asia

[Skapare]

I almost, but never quite did, cut off all of Russia. The spam problem there has gone back down, at least for my regularly spammed email addresses. OTOH, I'm seeing a rise in spam from Indonesia, though not even near a need to cut off the country, yet.

Maybe they would respond if they could read it?

[xiaix]

Translate your messsage into Chinese, Korean whatever before sending it. It probaby wont help, but I think there is a slightly better chance of a reply. (I tried pasting results here but it wont allow it. Oh well.)

Asian ISPs Don't Acknowledge Viruses Either

[wsmith00]

I've sent scores of notifications to Chinese and Korean ISPs about their infected (NIMDA, CODE RED) systems detected here, and have for the most part received bounced emails saying the server name or user name (pointed out by tools such as GEEKTOOLS WHOIS proxy) doesn't exist. One ISP insisted that the IP address of an infected system didn't belong to them, even though every WHOIS out there pointed to that ISP. Probes from these infected systems continue, and are apparently out of control.

Get a free e-mail account!

[raldanash]

I don't really feel sorry for the Asian ISPs or their customers. Sucks to be them-but this is the kind of thing people have to do to clamp down on bad behavior without the intervention of government. I don't think spamming should be illegal-it's annoying as hell-but pressing the delete button seems to be pretty easy. In addition-as most slashdotters know, there are ways to avoid spammers. Have several e-mail accounts, one with your ISP that you use for personal correspondence, and another with a free e-mail account that you use for "official" purposes and in newsgroups (I actually did a test without two hotmail accounts I created, and the one that I used for what was then dejanews quickly got about 10X as much spam). Also, it's not like they can't keep in touch with their friends in the US. I assume e-mail can come through-and they can always get a free e-mail account with yahoo, excite or even hotmail. Anyway, ignorance is no excuse.

Oh the irony

[postman]

It seems to have escaped Slashdot's collective notice that the same nations that have uncontrolled spamming also have uncontrolled piracy. It's breathtaking how quickly this community embraces strongarm tactics to stop spam (a crime they don't like) but protests any attempts to stop piracy (a crime they do like). Just for kicks, imagine that there is a group of people out there who feel as strongly about stopping piracy as you all do about stopping spam. This should help you come to the realization that many of the arguments posted here about the evils of anti-piracy laws apply equally well to anti-spam laws.
Go on. give it a try.

Re:Oh the irony

[Steve+B]

It seems to have escaped Slashdot's collective notice that the same nations that have uncontrolled spamming also have uncontrolled piracy.

While there are some areas of the East Indies where one would be ill-advised to sail an unarmed ship, piracy isn't a problem off eastern Asia generally.

Dealing with Chinese spam ;-)

[Ryu2]

As most /.ers should know by now, the Chinese government just ordered all ISPs in China to start monitoring
email for subversive phrases and the like, so just reply to
Chinese spam with little replies of the form at the end of this spam.
Might be a useful tactic on companies who think that unsolicited
email is "just regular advertising".

Bill

"Jack(export manager)" wrote:
>
> Dear Sir
> How are you .
>
> We are a lighting factory in China ,It is glad
> to introduce ourselves to you:
>
> I am XUBIN (Jack) , XUBIN is my chinese name , you can just
> call me Jack !! , I am export manager of [deleted] ,
> China, our group have four factory
[snipped]
>
> Here is our company profile :
>

[Rest of sales talk snipped]

(And now, the reply)

Thank you for your coded order. The weapons and ammunition
will ship by way of the usual route in ten days, and you
already know our secret Swiss bank account number to
wire the payment to.

It is a pleasure doing business with you for so long,
and I hope your cause will prevail. I am new to this
particular computer, so I hope the encryption is
working and the monitoring authorities cannot read
what I am sending you.

Long live the Falun Gong! Free Tibet!

Best regards,
Your arms supplier

Re:Dealing with Chinese spam ;-)

Strange, you posted this comment already on the FTC thread (http://slashdot.org/comments.pl?sid=27875&cid=299 6436). You are a karma whore, whores ought to be bitchslapped. Do you jobs, moderators.

PS : /.'s search engine sucks, I had to use google to find it back.

Re:Dealing with Chinese spam ;-)

[TicTacTux]

Yep. And usually I report the spammers who want to tell me 'how to make a million a month' to the IRS. I wonder how they [spammers] then explain how their millions disappeared from the records...

Re:Dealing with Chinese spam ;-)

[tandr]

shoot... this is nice idea, man! could you supply us with email for IRS folks? (obfuscated a bit, of cause).

Re:Dealing with Chinese spam ;-)

[TicTacTux]

Use the addresses in http://www.irs.gov/where_file/index.html. Or call 1-800-829-0433.
And, I guess, the usual 'info' and 'abuse' or 'fraud' at irs dot gov addresses should help as well...

Re:Dealing with Chinese spam ;-)

I know you're just trying to be funny, but that could get someone into serious trouble. Even spammers don't deserve to be shot.

Re:Dealing with Chinese spam ;-)

[BlowCat]

Wrong. The guy tried to be funny when it was posted the first time. Now the guy just tries to get more karma.

Besides, China today is not Soviet Union in 1937.

Re:Dealing with Chinese spam ;-)

OK, isn't this a copy of a post from the last article?

Moderators - If you don't read enough posts that u can't spot cut-paste posts, you shouldn't be moderating.

Re:Dealing with Chinese spam ;-)

Even spammers don't deserve to be shot.

Please, brother, it's not man's place to judge. We can only hope there's a pit of molten lead somewhere on the 6th layer of Hell waiting for spammers, and trust our own souls to the Lord's infinite mercy.

Amen.

I'm all for it!

[Guppy06]

I've read a few of the opinions here about why they're uneasy about blocking off entire domains like this, but I still can't see this as anything but a Good Thing(tm).

There are those who are uneasy about blocking off access to a free and open medium. But if the medium is truly free, then you should also be free to block traffic that you don't want. Seriously, if you carry that point of view to its logical conlusion you shouldn't be trying to avoid spam to begin with and reading it should be compulsory. Just because everybody has a voice doesn't mean you have to listen.

Should ISPs be held accountable for the actions of their users? No. But they should be held accountable for their own actions, and one of their actions is aiding and abetting known spamers. They've received the warnings and complaints, they've seen their own mail server traffic and have access to their own logs, and their decision to do nothing implicates them. If a bartender can be held accountable for letting a known drunk drive home and if a gun store owner can be held accountable for selling a gun to a known felon, why shouldn't ISP's be held accountable for selling service to a known spammer?

And as for the legitimate mails that may get blocked by firewalling off Korea or whatever, why should we be held accountable for the foolish choices made by these customers? If anything, blocking their e-mails should be seen as a benefit, allowing the user to learn first-hand the despicable pro-spam tactics of their ISP and make an informed decision. If they don't jump ship after that they deserve what they get.

They're our routers, our mail servers, as long as our actions don't abuse other peoples' resources (like spammers) why shouldn't we do whatever we damn well please with them?

Re:I'm all for it!

[Kanasta]

Well, because several top ISPs in the US sell special spammer accounts to, well, spammers. For the purpose of spamming.

And it pays them well.

Not SPAM per se, but constant attacks!

[agrounds]

At my last job, working for a NASA contractor, we suffered a constant barrage of attacks that all seemed to originate in Beijing, or Seoul. Blocking Class-C blocks at a time knocked out the Seoul communications, but China was another matter. This went on for some time, with myself sending e-mail after e-mail to China Net with no responses. The difficulty arose from our having offices in Shanghai, so a total block of all addresses was next to impossible. (Anyone who has worked with China Net before can attest to the difficulties of getting static IPs, or *anything* for that matter) Another difficulty arose from the dynamic assignment of IPs by China Net as packets cleared their network. It was difficult to trace and block, and eventually my edge router configurations wound up with quite a group of extended access-lists. We had to ship off a VPN solution to our Shanghai offices, and hold our breath while we punched down tightened controls. After a couple of months though, we finally managed to stop the assault. It was annoying to be forced to such extreme measures, that wound up costing the company significant dollars in manhours, equipment, and travel time just because of the lack of professional courtesy from across the ocean. On a positive note, at least it taught me to be entirely proactive with my blocks, and now I don't hesitate to toss people's packets into /dev/null. Cynical perhaps, but necessary IMHO.

Re:Not SPAM per se, but constant attacks!

[schon]

we suffered a constant barrage of attacks that all seemed to originate in Beijing, or Seoul ... The difficulty arose from our having offices in Shanghai, so a total block of all addresses next to impossible.

What about using a VPN, and blocking everything that wasn't part of the VPN?

That way, your offices in Shanghai would still be able to access your network, and the attacks would be stopped.

Block where it hurts!

[Penguin]

It doesn't hurt a random asian ISP that they are blocked, meaning that there wouldn't be much change.

Let's rather block the #1 origin of spam: US.

Oh, wait a minute... that would be pretty painful, right? It would actually have influence? ISP's would risk getting a clue when americans couldn't e-mail other Americans?

No, nevermind. Let's keep out of sanctions that actually hurt. Let's block someone, we don't care about. Let's stay out of sacrifices. No need to let American ISP-spamhauses suffer. After all, they are the good guys, right?

bulk blocking of bulk mail

[theSprocket]

In addition to using the ORBZ list we block out the other three big domestic Spam sources, msn.com, hotmail.com, and yahoo.com. This helps a lot, but in general any web-based mail service that allows anonymous accounts is a good target. As the co-owner of several small private (not an ISP) domains, we can do this. As digital snobs, we don't really want mail from the digitally impaired, so, we can do this.

Actually, the few people trapped on those services that we want communication with we make exceptions and allow their mail to pass, but they have to know their recipient well enough to call first and set it up.

Did you read the article?

Some ISPs were simply getting so many connections from Asian ISPs that they had to firewall them off in order to get connections from the mail servers they wanted to connect to.

One Great Solution!

[tweakt]

3. It's sent To: a special purpose address within a couple of days of creating that address. (So I can post to newsgroups with addresses like jb10202 which will be valid for a couple of days for replies only)

Sneakemail -- Disposable email address service

I use these guys and I never get spam, the rare ocasion I do, I know who leaked it/sold it... or where it was harvested from.

1. The mail claims to be From someone I have pre-approved.
2. It's from a mailing list I've registered with.
4. The email contains a special approval code to bypass the checking.

The way you describe it make's sense. It's almost like a stateful firewal for email. Block all incoming, with certain exceptions. Allow all outgoing. Allow the responses to those back in.

Hmm. Perhaps my SMTP server should keep track of who I send email to, so it can automatically accept the replies and block the others. There'd be problems with that of course, since replies don't always come from the same address. But it's an idea to play with.

Re:One Great Solution!

[mjh]

Hmm. Perhaps my SMTP server should keep track of who I send email to, so it can automatically accept the replies and block the others. There'd be problems with that of course, since replies don't always come from the same address. But it's an idea to play with.

Check out TMDA. It will allow you to do exactly that. You can set it up so that all outgoing email get's a "dated" return address. That return address will be valid for 5days (by default). After which TMDA will reject any responses.

TMDA does quite a bit more than that, too.

When I contact a French ISP...

[lww]

they usually surrender right away ;)

Re:When I contact a French ISP...

[Choron]

That was funny, look everybody's laughing !

Re:When I contact a French ISP...

ROFL LOL! Almost as bad as the Italians; whom a single pilot crash landed on a small airstrip of theirs, and without _ANY_ weapons, got the award for being the man to single handedly take the most prisoners!

Odd Thought: Political Policy?

OK, this conspiracy theory nonsense, but here goes anyway:

Suppose you're a regime that doesn't WANT its people communicating with the rest of the world. Building a firewall is part of a solution, but no firewall is perfect. Why not get the "enemy" to build it for you? And then blame them.

How to get them to do it? Let open relays run. Let spam happen. Give everyone else a reason to block. When they do, they've built your firewall for you. And when there are any complaints about communications failures, your regime can truthfully say it's THEM that are doing the blocking.

I am NOT saying that the spam should be tolerated.
Nor am I willing to say the above speculation isn't a lot of hooey. Myself, I wish my ISP would get around to blocking a few alleged ISPs in the region that seem to have NO non-spamming users.

Available for free..

[joshwa]

also known as Sneakemail.

WHOIS

[macdaddy]

What I find frustrating as someone that filters a whole lot of spam on my servers is that I can't get usable information out of the APNIC WHOIS. I really can't find anything worthwhile in about 90% of my queries while LARTing spam. It's quite frustrating. I've considered blocking all .cn, .kr, .jp, .tw, .ar, .br, and other TLDs since I don't directly contact any body in those particulat TLDs. I am on mailing lists that have addresses with those TLDs on them that I would have to account for. As a sysadmin I find the quality of foreign WHOIS to be a major problem.

Re:WHOIS

while your at it, ban .us .com .net and .org

we should be getting nearer to spam free world on your isp then hey ?

WTF ?

"...but when the originating ISPs refuse to take responsibility for the actions of their users..."

Excuse me... but am I the only one who read this part...

Do you take responsibility for a 16 year old kid on your network hacking ? what about so f*#$wit looking at kiddy porn ?

Didn't think so

Re:WTF ?

Do you take responsibility for a 16 year old kid on your network hacking?

If, by "take responsibility", you mean stop them from doing it when you're notified, then YES.

Well, on the bright side...

We aren't blocking every country that sends us spam...

"Whataya MEAN we can't get mail from our own country?"

It's a nasty mess....

[MrIcee]

We routinely *chase down* spam senders and have them booted from their ISP. This, however, is much more difficult when dealing with ISPs that are not in America since not only are more costs usually involved... but also language barriers. We've found that, especially when dealing with asian and russian ISPs - that they often refuse (sure, they're nice on the phone... but nothing happens) to remove the offender - mainly because that's how they make their money.

Unfortunatly, blocking entire ranges of IP addresses is not a possibility for us since we have many international clients. The one time we tried to block a mexican ISP because it was spam-bombing us - we had 3 of our best clients complain that their mexican customers could no longer reach their website -- so blocking is not a possibility.

We have had limited success (more so in the US than elsewhere) in contacting upstream haul providers. It does work however... especially if you can save the proof of the spams to show the routing to the ops.

One thing that would help (though some you won't agree on this)... is to do away with HTML Attached email and go back to the (thankfully) good old days of text-only email. This not only decreases the size of the spam... it makes it less attractive as an advertising mechanism because you can't push photo's, etc... and do tricky 1x1 gifs to trace emails (plus it increases security since text-only emails cant be *executed*).

However... the single largest thing that people here in the states can do is (1) Fix your form remailers so they can't be used by webcam spammers (HI... I'M SUSSY AND I JUST GOT MY WEBCAM... SEE ME AT...)... and fix your sendmail so it doesn't act as relays... most of these foreign spammers do their best hiding by using legit US ISPs as unwanton relays... fixing our own software would reduce the number of places these spammers have to use and hide.

Sometimes it's not the ISP but their customers

If you start looking at the ISPs you'll find that it's not always the fault of the ISP itself (who probably has marginally capable staff) but of their clients who have unsecured boxes hosted. Client systems are rarely vetted before they're connected to the Net, and few are even contractually obliged to do the Right Thing (tm). I've been involved in cleanup operations, and it essentially involves three steps:

1) clean up the main ISP mail relays
2) force mail to travel via the cleaned up relays (router or firewall redirects - if it doesn't travel via the relay it doesn't travel, full stop). That will stop a lot of relay abuse - and gives you a log of those that originate spam email (forensics help if you want to take someone to court :-)
3) clean up the client systems inside the mail cordon. Only those that have been cleaned up are allowed back raw on the Net.

I'd be the first to agree that it's brutal, but it can be quick if clients cooperate. Make sure your contracts state terms of use, though - you'll need them to fight the ignorant few.
BTW, blacklisting will only help if it's made very public, loss of face counts far more than anything else. If it's sufficiently embarrassing it'll work, so inform their local newspapers...

banned Asia? now how about the USA ??

[psane]

Most of the spam I receive originates from .msn.com. When are we going to ban them too ?

Re:banned Asia? now how about the USA ??

I do! (block msn) Also yahoo, excite, email.com and any other made-for-spammers ISPs. I also block .cn .ru .tw .mx, ro and about 50 other top level domains. That's at the smtp server. There are others (hotmail, aol) that I can't block at the server, so I block at my in box. We are a small development shop and don't have the time to waste trying to police the web. We need to receive mail from our customers/potential customers and also some personal email. Beyond that I'll filter the entire damned planet if it means my programmers don't get a bunch of garbage in their mail, and I don't have to spend an hour a day complaining to ISPs about their sleazy scumbag spamming customers.

Re:Filtering email (additional suggestion)

[avij]

I've been toying with similar ideas as my spam:real email ratio is currently around 20:1. However, I'd like to amend your suggestion with one enhancement that I just figured out. One problem with automatically sending messages like "sorry, please enter the 8th digit of Pi to continue" is that some web services/forums/etc need to verify that your email address is valid before they let you proceed with the service, and the address they use in the verification email From: field isn't always that obvious so that you could put that address in your whitelist beforehand. And if you don't put that address to your whitelist, the mailing bots on those sites will most probably get confused when they get a reply that they'd be required to write a special reply to the error message. Having your own domain name so that you can use "random" email addresses helps (I do it myself as well), but that option is not available to everyone.

Here's my suggestion: Instead of sending an automated reply to the sender, put the received email that failed the whitelist tests to a special "hold" folder. Process that hold folder every three days or so, and mail a summary of the contents to yourself, such as:

Potential spam email received between 16 Feb and 20 Feb:

From: gzqug@luso.pt
To: gzqug@luso.pt
Subject: KNOW HOW YOUR EMPLOYEES SPEND THEIR TIME..
Quote: Stealth-Eyes "Simply the best computer monitoring software available anywhere..."

From: cwadl30629@aol.com
To: Undisclosed.Recipients@taas.iki.fi
Subject: No Risk, No Money Down Business Opportunity !
Quote: IpVecIpV="%3Cbody%20onload%3D%22pops%28%29%3B%22%3 Cbody%22%3C%2FA%3E%3C%2

From: long.lost.friend@company.com
To: myself@mydomain.com
Subject: Hi, long time no see
Quote: Greetings from the east coast. I figured that I haven't emailed you for a long time, so here goes ..

This way I'd reduce the amount of spam I get from about 60 per week, down to two summary emails per week. The valid emails can be then rescued from the hold folder after I've read the summary email. This way I can be sure that I don't send any automated replies to addresses where they don't belong. The golden rule of handling spammers also applies -- don't reply to spammers. Using your method would send the spammer (or rather, the person whose address was forged into the headers) an email, confirming that my email is valid but it is not currently accepting email from that address. The obvious downside is that people who aren't yet on my whitelist may experience a minor delay in email delivery, but they'll most probably understand when I explain the situation. I guess I'll try implementing this method on my own mail server some day.

The time is right for comedy

[Kibo]

Maybe it's me, but it seems like the time might be right for lawyers to entertain us with a class action lawsuit. If China's ISP and telecomunications companies are state owned enterprises it seems like you might be able to do something silly like sue China under one of the anti-spam laws some states have. I think the one in washington provides something like $500 per offence.

I'd love to see that full page ad, or even better commercial on late night tv. Have you recieved spam? You may have been harmed, and be owed a thousand dollars or more! We can help, but you need to help us. You can't spell sue without u!

The best would be a bulk e-mailing titled that Make Money Fast and promised thousands of dollars without ever doing anything! And best of all, nothing to pay, ever!

I Regularly Communicate With Chinese

[ackthpt]

I do a bit of email with people in China and it does have me concerned that my ISP would cut them off. In the even that happened, I'd probably setup an alternate email address at hotmail or yahoo, just to have an open avenue.

As to parts of the story:

"China Telecom's complaints address is auto-answered by a robot message that replies, 'It's not under our control,' to any message you send."

That's so ironic it's funny!

Some Chinese and Korean systems administrators said documentation for the software they use is often available only in English, which complicates securing their systems.

Not just Duh!, but Duh! So hire some english fluent contractors to help with it. Damn. That excuse is as bad as the crematorium in Georgia, USA, where they tossed bodies in the woods, for 20 years because, and this is just fantasy to think anyone could believe this, because the cremation chamber was broken, like 20 years isn't long enough to actually fix it... So how long before these ISPs decide to stop putting it off and actually fix it? Sorry man, if you get blocked, you did everything to earn it, as inaction is action in this regard.

Re:I Regularly Communicate With Chinese

[agrounds]

Regarding the English. While I was stationed in Korea in the Army, I learned that as a requirement to graduate from the equivalent of Elementary school, students must be able to read and write 'book English.' To progress past Middle School, students must have a grasp of conversational or colloquial English. The high-school requires the addition of yet another language, which the majority of students I met wound up taking Japanese. While a great many Koreans feigned not understanding English to avoid 'Evil American Military GIs', the bottomline was that the vast majority of urban citizens speak, read, and write English fluently.

Re:Considering that 95% of all my spam comes from

[An+Onerous+Coward]

Uh huh. I'm sure the amount of spam you received would drop like a stone if you just blacklisted the .us TLD.

Personally, I receive as much spam from AOL users as I do from China. The problem, of course, is that I'm corresponding with people from AOL. I'd be seriously torqued if my ISP decided to ignore AOL.

It's not just volume that has to be taken into account; it's signal/noise ratio. The fact that most American ISPs are more helpful in stopping abuse than most Asian ISPs is also a motivating factor.

This is exactly how it is supposed to work.

[base3]

There is an entity not playing well on the Internet, called the Peoples Republic of China. Its nationalized ISPs have, for years, blown off requests from administrators in the civilized network world to stop the spam. They are now being cut off. This should, in theory, motivate them to fix their spam problem. If it doesn't, oh well. This is no different than past actions against U.S. ISPs, such as the UDP against RoadRunner, and myriad ISPs being added to the RBL.

We have only our .cn spam to lose.

I personally handle spam from the .cn domain with a note to the postmaster/abuse address for the domain congratulating him on his new spiritual journey in the Falun Gong. My .cn spam has decreased markedly since I started doing that.

Why are open relays used at all?

[tomstdenis]

Please indulge me a bit. Why on such a connected internet are open relays used at all?

Re:Why are open relays used at all?

[13013dobbs]

Well, in my job, I have had the pleasure of talking to many a customer who had an open relay. Here are some VERY common reasons:

• "What mail server?" Someone's DNS has a mail server installed on it. The customer did a default install of his OS and it installs a mail server by default. Some customers are not even aware that there is a mail server installed on the box.
  
• "That old box?" "Sendmail 8.6-SMI runs just fine, why would I change it?" MTAs came 'open' by default untill about 3 years ago. You would be supprised at how many mail boxes just run at the back of some office for years on end with no intervention.
  
• "But, it needs to be open" Customers have users who travel or send mail from different ISPs. Instead of using POP-before-SMTP or AuthenticatedSMTP they just open the mail server up to everyone. It is just easier that way.
  

I hope this has answered your questions.

Re:Why are open relays used at all?

[fumble]

Arrgh. Stuff like that drives me crazy.

If a box is on the internet, it should be treated like an industrial plant on a river. You just can't set it up and forget about it! You should be responsible for preventing toxic waste and be responsible when bad things happen. These people are contributing to the problem and the worst part is they have no idea that they are!

Re:Why are open relays used at all?

[nullard]

A company I did work for had an open relay running. I discovered this when I was unable to send e-mail to the FSF. The admin has since fixed the problem.

Messages like this help close open relays:

<gcc@gcc.gnu.org>:
In an effort to cut down on our spam intake, we block
email that is listed by certain open-relay tracking
services.Unfortunately you may have just discovered the
hard way that sometimes non-spam mail gets caught
accidentally.

In most cases you can clear this up by an upgrade to
your mail server or sometimes by getting an erroneous
listing removed.

For more information about our use of these lists, see
http://gcc.gnu.org/l ists.html

The IP number that I'm denying mail from is
[CENSORED]
The list that you're on is ORBL. See:
http://search.orbl.o rg/cgi-bin/search2.cgi
for more information about this list and why you are
on it.

Many companies just don't know that they are running an open relay. If the server is supposed to be for employees only, they brobably don't have an abuse@ box. Only by informing the users will these unintentional open relays be closed.

Re:Why are open relays used at all?

[schon]

in my job, I have had the pleasure of talking to many a customer who had an open relay. Here are some VERY common reasons:

You missed my favourite:

"What do you mean spammers are using it? I know it was open, but I didn't tell anyone about it! Spammers can't be using it, I didn't even add it to the DNS"

Re:Considering that 95% of all my spam comes from

[schon]

Shouldn't I block USA?

Sure, if you feel it will help you.

It's the same arguments, right?

No, it's not.

When you complain to an ISP in the US, you will usually get a response, and they will terminate the spammer's account.

When you complain to an ISP in Asia, you get no response, and the spammer continues on their merry way.

Can't we filter out the 'good' mail?

[mosschops]

We've already got semi-intelligent filters that can analyse and rate e-mails on the likelihood that it's spam-content, so how about we filter suspect regions instead?

We'd also have to be careful about blocking all Asia too. I hardly get any spam from Japan, whereas China, Korea and Taiwan generate quite a lot.

This is what China wants...

[harmless_mammal]

Anyone ever considered that this is what the Communist Chinese Government wants?!? Having government agents producing the spam would certainly be the easiest way to make sure that the chinese population can't communicate with the outside world... Noone can hear the e-screams when they're blocked at the border router.

Another good quote

[ackthpt]

Cultural issues also contribute to the problem. Many spammers in Asia say they do not understand why spam is a problem.

"It's a sign of respect that someone sends you an electric business card. It means he wants you as a customer," said Zhao Peng, owner of a computer store in Hong Kong.

There was a joke, which if you look at it the right way, underscores the problem that is overlooked.

If everyone in the world threw a stone into the river it would dam the river.

But if everyone in the world came to the spot and threw a stone into the river, the crowding, wastemanagement, transportation, security, and environmental impact on the spot would make damming the river trivial in comparison.

Imagine even half the people in China trying to send you an email, "Hi, How are you? I am from xyzzy and would like to tell you about ..."

Re:Another good quote

Imagine even half the people in China trying to send you an email, "Hi, How are you? I am from xyzzy and would like to tell you about ..."

Honey, sell the car! I'm going to need a much bigger hard disk!

Conspiracy theory

[Nimey]

To be paranoid: Cutting off the Asian (and esp. China) because of spam may be exactly what the Chinese government wants - cf. their national firewall. Maybe agents of their government are behind much of the spam, or are forbidding ISPs from doing anything about it.

it's a terrible policy

[nuffle]

odd, i thought the /. reaction would be "censorship!, outrage!". Isn't it troubling that an organization would block traffic from an entire nation because of some abusers? I would find it unfortunate if a foriegn provider wouldn't let me email their nation's citizens because they were sick of American spam.

Yes, I do that

[phr2]

I do use unique addresses for websites and mailing lists, and haven't had too bad spam problems with them. However, there are some times when I want to publish an address (netnews), and sometimes when I want persistent addresses (if I initiate an email contact with someone, I want to use an address that will still work if they dig out the message to contact me later). Netnews attracts spam very fast, but the other kind of address also eventually gets onto some spam lists.

Anyway, these schemes aren't ineffectual; I'm just saying from experience that they don't work out as well as you might at first expect, and there are some unintended consequences.

Let's get diplomatic!

[Graabein]

I liked this quote from the article:

"Meanwhile, Europe and the U.S. are closing the doors fast on China's IP space, and at the rate this is happening the problem is going to almost certainly go diplomatic within months." [Steve Linford, a member of the Spamhaus Project]

This sounds like the way to go. If the problem gets elevated to the political, diplomatic level, it might get some press in Asia and help educate local sysadmins. It might even generate some local government incentives for ISPs to get their act together. If nothing else, it should get good old capitalism working, as in customers walking away from ISPs that are no longer able to deliver their email to the West.

So get busy and get those blocks in place on your email servers.

I wouldn't like that

[phr2]

If I initiate an email conversation with a human being, I prefer to give an address that will keep working. So I use persistent addresses that I cycle about once a year. I'm careful not to use them on mailing lists or netnews. They still get a little spam, but it's not that bad.

Filtering on sender address is rude too. I wouldn't want to assign unique addresses to senders. People send from too many different addresses. If I email someone's personal account and they try to use my return address to email me from their work account, I don't want to bounce their mail.

I think if I quit publishing non-munged email addresses in my news posts and junkfile the incoming mail to the addresses I post news from, that should get rid of most of my spam.

Re:I wouldn't like that

If I initiate an email conversation with a human being, I prefer to give an address that will keep working. So I use persistent addresses that I cycle about once a year. I'm careful not to use them on mailing lists or netnews. They still get a little spam, but it's not that bad.

With TMDA you have a number of options.

1. The easiest would be to put all of the known email addresses that you know for that person into your whitelist. Then you simply communicate with them like TMDA isn't there.
2. You could also set up your email so that you automatically generated a new "dated" address for each response that you send. You can also change the default timeout for each address so that it's longer than 5days. You could change it to be 1year if you like.
3. The other thing that you could do is to assign that particular user a "sender" address. Unfortunately that address will only work if they send their email from the same address all the time.
4. You could assign this user a "keyword" address that they would be able to use from anywhere. This also means that anyone can use that address, which means that if it got onto a spam list, you'd get mail into your mailbox. On the other hand, if you chose unique enough keywords, you'd be able to track who gave out your email address to a spam list, and then revoke that email address.

So there's a fair amount that you can do, but....

Filtering on sender address is rude too.

.... you might be happier with spamassassin which uses a number of tests to grade an email for it's spaminess. If that program thinks that the email is a spam, then you simply decide what it is that you want to do with it (e.g. delete it, store it in a different mbox, etc).

Of course this is susceptible to error, either false negatives which cause spam to end up in your mailbox, or false positives which cause legit email to end up in your spambox or deleted. I use spamassassin. I did not find any false positives, but about 2% false negatives. So I implemented TMDA to handle all email that falls through spamassassin. So far, it's kept my mailbox pretty spamfree.

Of course, your right that all of this requires that legitimate people who want to talk to me may require an additional step. What I've found is that most people who do this are happy to get confirmation back that I exist and that there email really is getting to me. YMMV.

Good luck.

Western arrogance and prejudice

So what if you get a lot of spam from some isps -- why block mail from a an entire region. This is the manfestation of traditioanl western arroigance at its worst. If you get spammed , block the ISP instead of blocking the whole continent. Could it also be the fact the the westerners have tradionally eyed Asia with a fear and loathing ?

It's not the ISP's place to arbitrarily block mail

[Control-Z]

I'm still waiting for a law that says your ISP must give you every e-mail that's sent to you. There are too many roadblocks in the e-mail system already without blocking whole countries. We can't have a delivery system with holes and roadblocks in it.

I personally had to help a customer last week who signed up somewhere like onemail.com, apparently they're a redirection service so you can use the same e-mail address forever even if your actual e-mail address changes. Well, his ISP was blocking mail redirected to him from onemail.com, so I couldn't reply to his inquiry! After looking at the bounce headers I saw what was happening and luckily it included his real e-mail address. But why should I spend my time studying the bounce message and resending messages just because his ISP doesn't do what it's supposed to do? And if I didn't know how to reply to him, he would just think we were ignoring his e-mail, not good for PR.

And don't bother saying he doesn't have to use that ISP. Maybe it's his only choice in a rural area. But either way, I think ISPs should be like telephone companies, just patch me through and keep your hands off the information!

Re:No response to complaints after receiving spam

Well, tell us at least. Did it work?

Anonymous Coward guess why?

no different...

[pcgamez]

This is no different than what many IRC networks do. For instance, Dalnet has a policy where they will ban entire ISP's because they will not eliminate hackers.

Filtering Idea, comments requested

[mESSDan]

This is mostly on topic, but a little off because it doesn't soley deal with Asian address blocking.

The idea goes like this:
Why not have a sort of "Name" tag in email. This tag could be an MD5 Hash of anything you want. If the people who sent you the email knew your name, or any valid name tag that you gave them (Multiple Name tags would be simple, just sort them into folders) You could just supply the "Name" with your email address, something like "Yeah, email me at prudan@example.com, name tag (prudan)" Anything that doesn't have your name tag would be sorted into a spam / unknown folder, or you could even bounce it back saying that the name was invalid.

Some pros and cons to the idea:

Pros:

It will require more processing power for spammers to send out lots and lots of spam. Each message would need its own checksum if they are guessing at a valid name tag.

This would really make it so that you have different email addresses, without all the aliasing. You want to use a business address? Make one of your name tags "Business", and assign that nametag to a folder just for that.

Adding this to email clients would be a trivial task.

Done at the client level, so it adds no server processing overhead.

Cons:

Spammers will start trading name tags too, so changing your MAIN name tag every so often would probably be necessary.

Getting this to be accepted everywhere would be quite a chore.

Maybe this won't work. I don't know.

Spam-blocking web hosting?

[abischof]

So, there's the ROKSO list of spammers, plus the usual MAPS and so on. Of course, there's also hieristic software such as Spam Assassin...

However, does anyone know of any web hosting providers that actually use these tools? I'm particularly interested in any that use SpamAssassin, as that appears to be very effective.

Re:Spam-blocking web hosting?

[Tripster]

I'm using SpamAssassin for my hosting clients. Also running the mail through F-Prot for some basic virus protection.

Re:Spam-blocking web hosting?

[abischof]

Looks like a nice service, even if the price is slightly more than I'm spending on hosting now ($7.95/month). It's too bad you don't offer IMAP, though -- that would have really sweetened the deal.

Russian ISP

I once e-mailed a Russian ISP about a spammer. I had a sarcastic remark in there implying that probably nothing would happen because they were in Russia. They took some offense, kicked the guy, and e-mailed me back about it.

Re:Not REALLY cutting that side of the world off..

[Skapare]

I cut them off half a year ago. Hotmail is still open, because they at least try to do something about it.

Asian problem? What about France Telco wanadoo.fr

Irresponsible administration doesn't only come from Asia.

Many sysadmins, like me are completely blocking France Telecom's Wanadoo.fr. Wanadoo is France's largest provider and, according to my system log, the largest home for script kiddies and crackers wannabe. Do a web search on Google and see what I mean.

High on the list are also xs4all.nl and t-dialin.de. At least the folks at t-dialin.de do try to address your complaint. Don't bother sending mail to abuse@ for the other two providers.

Not in my experience...

A (now) Chinese Hong-Kong e-mail service (www.graffiti.net) gives almost no spam (of course, they're not low latency kings).

I seldom need to contact them, but always got a fast, polite and efficient response in English (I speak Portuguese, maybe I should try Macaw, hmmm...).

They use javascript (no Links nor Dillo) and don't POP3, just IMAP.

Other than that, they are excellent.

Just for comparison:

Of three US free e-mails I got, one closed 2 years ago (almost no spam), one excellent is closing on 28th February (no spam at all) and another remains working (little spam, paid POP3, paid IMAP - yeah, lame).

-- Try to not slashdot them too much! --

All it would take is one big ISP to fix this

[maggard]

Dear Valued Business Customer,

As you are aware we take our quality of service here at #ISP# very seriously. As part of that we attempt to protect our customers from unsolicited commercial email (spam) and other like burdens.

Unfortunately not all ISPs are as responsible as we are and their negligence places a burden on all of us. One particular ISP, #offender# is particularly problematic and is refusing to curb their most egregious customers. In the past 24 hours we have received #number# emails from them, #percent# of which are apparently unsolicited commercial email, all going to you, our customers.

After numerous attempts to work out a solution #offender# continues to indicate they've no interest in responding to our and other ISP's requests and will not curb their customers. We are now reluctantly forced to consider alternative options. It is possible that in the interests of serving our customers we will soon be forced to block all traffic to/from this ISP until this problem is resolved satisfactorily.

This is not an action we take lightly nor are we unsympathetic to the disruption this may cause some. However without #offender#'s cooperation it is you, our customers, who are bearing the burden of this barrage of unsolicited commercial email.

We have created a special team within our Customer Service Department to answer any questions you might have and to assist you in resolving any difficulties this may cause. They can be reached at #(nnn) nnn-nnn# 24/7. We've also created a special web-site at #isp.net/offender# containing answers to the questions we anticipate and offering tools for identifying how your individual service will be affected.

We have also arranged with several of #offender#'s competitors to provide replacement service should you or your business partners require connectivity in that region, we urge you to look into their offerings.

Finally, we deeply regret any problems these actions may cause, however this is all being done in our customers best interest. We will be contacting all of our customers directly should this blockage become necessary and will do our utmost to ensure you continue to receive constant high-quality network services.

Sincerely,
#Somebody# VP, #Dept.#, #ISP#

Bet that'll get them to fix the problem within 24 hours

Dear Valued Business Customer,

We are pleased to announce that...

Legitimate email exchanges to asia...

[TheAB]

Come on! I realize this is a problem, but is the only solution to compartmentalize the world? Some of us have legitimate email exchanges with Asia for business, and otherwise.

I think SysAdmins need to realize there is life (other than spammers) off of American soil!

Re:Legitimate email exchanges to asia...

[demon]

If you'd read the article, you'd have noticed that the admins who you've tongue-lashed over this have tried to resolve the issue by contacting the far-Eastern providers, and haven't gotten satisfaction. They've either been ignored, or gotten completely indifferent responses.

Don't just assume people haven't tried more diplomatic alternatives - I firmly believe that among those who've chosen this route, it's more or less a last resort.

Never a response to Open Relay LARTs

[RatOmeter]

I've kind of given up on educating sysadmins about their Open Relays. I never received a single response out of over 50 incidents where I tried to contact them.

In one case, 210.217.41.84 was an open relay running SCO with an old sendmail. I tried to contact them at various email addies and got no response. I even got a Korean associate to try to contact an IT type at the company that owned the server; blank stares.

I checked that IP address 6 months ago, sendmail said "out of memory." I checked it today, its gone now. All this was over a period of at least a year; I wonder who finally pulled the plug and why...

-

Ironically...

[Mannerism]

In reply to this move, the Chinese government said, "Thanks", and asked if we could block Chinese access to our evil, subversive websites next.

Try this to deal with spam in China

Just remember, they have the great firewall that sniff out words...
How to deal with Chinese spam

Re:Dog Poop?

[maggard]

... rest of the civilised world ...

I take it you consider yourself part of the "civilized" bit?

Re:Considering that 95% of all my spam comes from

[Skapare]

I don't know that it's 95%, but certainly a lot does. There are dregs in every population, and the USA is no exception. The problem is, because China hosts so many open relays, the USA spammers can bounce through there to evade the blacklisting that has been placed on them already. The end result is to block the USA spammers I still have to put in filters with Chinese IP addresses.

Automate it

[Moderation+abuser]

I haven't implemented automated domain blocking yet, but it shouldn't be all that difficult to do.

I'm seriously considering it though. AOL, Yahoo and Hotmail will be the first up against the wall when the revolution comes.

Re:Considering that 95% of all my spam comes from

[Skapare]

At least AOL will attempt to do something about spam originating there. They may not be able to prevent it the first time around, but once they cut that leecher off (using the 1000 free hours) they at least have a CC number they can store in a DB (hopefully as an MD5 checksum) to compare against to prevent another signup with the same number.

Spam abuse email written in Chinese, Japanese, etc

[TheAB]

IMHO, not everyone in the world speaks English! If you received an email in Mandarin Chinese, would you read it and reply?

What if you could get a pre-written spam abuse letter in Chinese, Japanese, Korean, whatever... and cut, paste, fill in the blanks. That way the ISP in China might actually read your email.

If someone posted a generic (Fill in the blank) email, I could start my translating it to Japanese.

Any takers for the other languages?

Vipul's Razor's the best concept i've seen so far.

[Moderation+abuser]

Add some spamtrap accounts to poison the mailing lists and sugar to taste.

Two alternate solutions

[Fulton+Green]

While I've been sorely tempted to wall off anything coming from the Pacific Rim or Latin America, it seems that there are two more constructive ways (OK, maybe only one :) to proceed:

1. Multilingual spam report generator. Seems as if there's already an autogenerator (which is probably English-centric). Why not add multilingual support to it, or build a new one? You don't have to add every language, just the major ones that affect spam traffic (Spanish, Chinese, Korean, and French and Japanese for good measure).

2. Enable open relay autoprobing for certain incoming SMTP requests. This may be slightly more problematic, but it'd be nice if I was to configure my MTA of choice to test the sender IP of an incoming messagefor an open relay hole. The check would only occur if the IP address was determined to be within the range for a certain group of countries. This might be a feasible solution for those who either can't or don't wish to subscribe to an RBL.

The Problem with SPAM

[dbc001]

The problem with SPAM is partly due to the definition of "opt-in". Many spammers will claim that whatever list they bought/stole/harvested was an "opt-in" list and that you had to do something to sign up on that list. And the spammer is probably innocent until proven guilty - how can we prove that we never opted-in?

-dbc

Troll? Ha, I thought it was funny.

Mod him up!

So it's going to cost me even more money?

[Mustang+Matt]

You want me to pay for a translator to contact a bunch of deadbeat sysadmins that aren't going to care if I complain or not because they leave their systems open to make money?

Umm... No. If you know anyone that will translate to Chinese for free let me know. I'd like to send some explitives.

Re:So it's going to cost me even more money?

it's not that hard most Asian countries can read Chinese so just head over to babelfish.altavista.com and translate your email to Chinese before sending.

Re:So it's going to cost me even more money?

[shani]

Hmm... let's try this... babelfish.altavista.com...

We received mail from an open relay running on IP address 10.0.0.1. You are listed in whois.apnic.net as the technical contact for this address. Please close this relay, or we will be forced to blackhole your address space.

English to Chinese. Chinese to English.

We accept the mail transport the temporary residence IP address from one opening relay 10.0.0.1. You are listed take in whois.apnic.net the technical contact for this address. Please closes this relay, or we are will forced to blackhole your address space.

Not to shabby, I suppose. But do you really think a semi-clueful administrator is going to be able to figure out what this means? I work at RIPE NCC, and if I got the second version I'd be scratching my head trying to figure it out (and I spend a lot of time deciphering e-mail from people who don't speak English natively, who all seem to think that the RIPE NCC is continually launching cyberattacks against their site).

Re:So it's going to cost me even more money?

[aqua]

Most MTA vendors don't go out of their way to provide up-front relay-control instructions in English, much less in a selection of languages.

Though I don't buy the language barrier excuse from chronic spammers (china telecom, e.g.), the open-relay db services could help smaller ones by translating their own instructions for fixing an open relay into the languages spoken in problem areas. Though in Wanadoo's particular case, that language would probably need to be the language of stuffing their MTA manual down their throat sideways.

Dorkslayers , who don't run an open-relay database per se, do come right out and say "If your IP address is in the APNIC CIDR Block or APNIC CIDR Block2 (for instance) and it's running a SMTP service that has been demonstrated to allow third-party email relay ... well ... you may be a dork. Nothing personal. It's just business."

And speaking of port 80...

[TitaniumFox]

...the number of wget attempts we get on our Apache web server from China Telecom is amazing. 99.9% of them are attempted proxy gets for some hits-for-money thing. Somehow we got on a list of hopeful open proxy servers (which we aren't) that 3 geniuses run through 17 - 20 times a day.

Do they really hurt us? No, not really. It simply clutters up our weblogs. Does it follow any acceptable use of the pay-per-impression system? Nope, not at all. It's annoying to pay real money for my service so some foreign kiddie can (attempt) to abuse it.

Consequently, the only domains we allow any sort of port 80 access from Asia/Pacific are the Aussies and Japan.

We got tired of all the spam, too.

TiFox

You scare me

[coyote-san]

You scare me. More precisely, your attitude scares me.

If you really value free speech, you *must* accept restrictions based on time, manner and place. The alternative is to allow some bad players to use their speech to effectively suppress others.

In meatspace, a classic example of this is using a bullhorn to heckle a speaker using his own voice. An unaided voice gets the message across without making it impossible to hear the speaker, an aided voice makes it impossible to hear anyone else.

In cyberspace, a classic example are the 'bots that flood newsgroups with irrelevant messages so that the legitimate messages are lost in the volume.

As for spam, most of the messages are either illegal or for some highly questionable product or service, yet the sheer volume of it often causes legitimate messages to be overlooked.

You may evaluate the proper balance differently than me, but I have no more qualms suppressing a spammer than I do the guy disrupting a public meeting with a bullhorn.

This is a great idea! I'm going to go blacklist!

[Mustang+Matt]

Thanks for the idea.

Does anyone have an IP range that will block most of China?

Not just asia

[Martin+S.]

As the postmaster for kitv.co.uk I've found that this problem (no, flippant, hostile responses) is also starting to become a regularly feature with ISP from the Eastern Europe and Baltic Republics.

Re:Not just asia

[underpaidISPtech]

I completely agree, the Eastern bloc is almost as bad as APNIC for spam.

With the sheer volume of spam from those regions, I highly doubt that this is the work of a few misconfigured mail servers. I think it is more a case of "follow the money".

So let me get this straight...

[Mustang+Matt]

They are able to setup linux and configure sendmail and bind to add additional relays without instructions in their native language but they can't figure out how to turn them off or install a more recent version of sendmail??

Something stinks like chinese fish!

Re:So let me get this straight...

The "classic" Unix setup was to automatically run sendmail as an open relay out-of-the-box. Older versions of Lotus and Exchange also defaulted to open relays. This has only changed in the last 2-3 years, so it's quite possible that the people don't even know they have an open relay (of course they have a dead postmaster address, etc). The real issue is that the asian ISPs do absolutely nothing to 'educate' their customers about this.

However, there has been rumors that certain asian relays are run by folks on the payroll of big US spammers (and some of these relays will snip or alter the headers!). That's the stinky part.

Any thoughts to finally changing the e-mail?

[GodInHell]

Or rather than excluding huge portions of the internet and taking massive strides in a negative direction, why not re-think e-mail stanards and fix this fsking problem once and for all.

Step one: Remove the Open Relay from the e-mail server software.

Step two: Consider changing the process of sending/recieving e-mail. What if rather than actually recieving an e-mail message, a link note was sent to your mail server, The user would see an e-mail address (sender), and a subject line pop-up in their mail box. If they delete the message, a reply is sent to the originating mail server, End of Story, if they open it, a request is sent to sending server to recieve the full text.

The only real gain on this is that the sender would then be forced to carry the burden of expense.


Or we can just block people from the net in large groups, which is obviously in keeping with the inclusive nature of the original architecutre, and the free information movement in general.

-GiH

Use Opera, it's better. ;)

Re:Any thoughts to finally changing the e-mail?

[underpaidISPtech]

>Step one: Remove the Open Relay from the e-mail server software.

Good Idea. Only I can easily see someone taking some GPL'd mail server and adding open relaying into it again.

>Step two: Consider changing the process of sending/recieving e-mail....

Internet mail 2000. From DJ Berstein's site, creator of qmail.

When I was in charge of handling the spam flood at my previous job, most of the spam originated from the APNIC region. Our sysadmins would periodically go on a hell-ride and block out Taiwan, China, and Korea. We received very few complaints about 5.1.1's, just the occasional grandparent who couldn't get mail from a relative overseas.

I never recieved a response from any of the operators of the relays, save for one that originated from a Chinese government body.

Re:Any thoughts to finally changing the e-mail?

[GodInHell]

Yes, I agree that it's likely that someone would add relaying back into a GPL'd distro, it wouldn't matter nearly so much if there were only 5-12 per 1000 mail servers relaying mail. It's when the default installations of the major distros still leave relaying available. It's unfortunate, but true, that we're going to have to view the average user on the net in the next dozen years or so, as being 'not that bright' when you get right down to it. Sure they may be brilliant in their own area of expertise, but let's keep this to computing needs.

Worse, more and more people are playing around with software they don't understand, or shoe-horning themselves into jobs for which they are unfit. I hate to say it, but it's the responability of those of us who do know more or less which direction is up, to turn off all the bells and whistles by default. Default linux distros should not install a web server/mail server/ftp server unless the user takes the time to select those packages (at which point joe-admin is probably behind the wheel).

But for god's sake, let's not turn around and blame the fools using the software we left behind for them when that software leaves them open to be exploited.

-GiH

Re:Any thoughts to finally changing the e-mail?

[underpaidISPtech]

Good points. I've only used Sendmail and qmail, and relaying is turned off by default in both. Enabling relaying in both requires alot of work for someone with limited understanding of both SMTP and the individual software package. Recompiling sendmail.cf(?) is a pain, and adding relaying to qmail is wholly obtuse.

Even a newbie with copy of $distro will have to go out of their way to enable relaying, so their really is no excuse for a misconfig'd server these days. I think these open relays are deliberate.

I don't know the default status of the basic SMTP server in Windows, or of Exchange, but I can see Joe Privateenterprise installing his intranet mailserver and not having a clue. One more reason I'm frustrated stuck doing tech support. So many small outfits that "do-it-yourself", in need of a sysadmin.

Also, isn't sendmail installed by default to enable local mail? Like I said, relaying is off on any recent release, but I still see no reason for it to be running as a daemon on a default install.

My point about modding a gpl'd server was that I feared soemthing along the lines of SendSpam v1.0 being released, and the result being an army of Asian and East bloc admins installing it :(

Re:Any thoughts to finally changing the e-mail?

Great, now anyone who mails me knows if, when, and where I read their message. Another step towards a dystopia with no privacy.

Re:Any thoughts to finally changing the e-mail?

[Kamel+Jockey]

I don't know the default status of the basic SMTP server in Windows

The SMTP server is not an open relay in a stock install of IIS in Windows 2000. It can be configured to act as one however, but you need to enable this feature deliborately.

SpamCop's old answer

[Animats]

SpamCop used to have a great system for dealing with spam. Each incoming mail from a new source generated an autoreply, which had to be answered to release the mail. This was 100% effective in dealing with spam from forged source addresses, because they'd never get the release message.

Unfortunately, SpamCop gave that up, as "too annoying for senders", and went to a mediocre system based on heuristics and spam reports.

Rather than blocking mail, I'd suggest automatically filtering it with something like that. Maybe based on the IP block.

Perhaps we should add Asian ISP's?

[asv108]

To the "Axis of Evil?"

We Good Asians

[PoshSpod]

Hang on a minute

Two vital facts

1. I live in Hong Kong
2. I've never spamed anyone in my life

I'm from the UK hence I have family and a number of good friends in the West, both Europe and the States. I'm a good e-mail user and I've never sent spam. I read GNU mailing lists and I post to /. Sometime (once my C is back up to speed) I hope to write patches for open source projects.

Does the fact that I happen to live in Hong Kong for a year mean that all of this is forgotten and I can no longer talk to my friends?

Please, this is supposed to be an open forum of worldwide communication. Lets not let a few rotten apples spoil it for everyone.

I realise that since this discussion is now a little old there is little chance that this will get picked up on but I had so say it anyway. Just my 2cents if you like. (That's Hong Kong cents, of course :) )

Re:We Good Asians

[underpaidISPtech]

>Lets not let a few rotten apples spoil it for everyone.

I only wish it was a few. Unfortunately, a significant portion of the West's spam originates from within IP blocks assigned to the Eastern bloc, and Asia. And we're not talking a few persistent relays. We're talking huge swaths of the address space, with more than a handful of ISPs operating or turning a blind eye.

I have a feeling that allowing open relays might be a marketable item for an ISP in some regions.

Agreed, its good

[rastachops]

Ive had it installed on my shared hosting server, I activated it and its been great. Although I dont receive a lot of spam (thankfully) it still catches all of the odd ones that come through.

Well worth using if you arent already :)

A solution to UK UCE.

[Martin+S.]

A solution to/from UK UCE.

Make the sending or receipt of UCE against your AUP/TOS then any repeat occurrences following notification are illegal under the Computer Misuse Act Section 1.

I usually respond with the following email which has proved to be surprisingly effective even with non-UK UCE. Perhaps because most of the developed world has similar legislation, design to make cracking illegal.

--- UCE RESPONSE ---

The attached unsolicited bulk email has been received from [or downstream from] your domain. The sending or receipt of unsolicited bulk email is a breach of our Acceptable Usage Policy and is unauthorized.

This is a breach of 'The Computer Misuse Act 1990' Section 1;

1.--(1) A person is guilty of an offence if--
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
(2) The intent a person has to have to commit an offence under this section need not be directed at--
(a) any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.
(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.

http://www.hmso.gov.uk/acts/acts1990/Ukpga_19900 01 8_en_1.htm

We expect your immediate attention to prevent a reoccurrence.

thanks

Postmaster [@kitv.co.uk]

--- END RESPONSE ---

Re:A solution to UK UCE.

Yeah right. Well, it might be illegal, but exactly how do you plan on tracing it back to an individual when faced with uncooperative ISPs, uncooperative telcos, uncooperative governments/courts (who you will often need in order to get telco records released), etc.etc.

Re:This is a great idea! I'm going to go blacklist

[VB]

for i in `echo .tw .cn .kr`
do
echo $i" REJECT" >> /etc/mail/access
done
sudo /usr/sbin/makemap hash /etc/mail/access &lt /etc/mail/access

Japan versus Asia

We should carefully draw a distinction between Japan and the rest of Asia. The spam problem comes mostly from non-Japanese Asia. Specifically, the spam problem comes mostly from Chinese businesses.

The Chinese really do think and act differently from Americans.

Re:Vipul's Razor's the best concept i've seen so f

An alternative to razor is TMDA.

While razor attempts to blacklist spam, new spam will still get through. TMDA attempts to deny everything until it's confirmed. A bit inconvenient and painful? Yes, but perhaps this is the only strategy that will be effective against spam.

Re:No response to complaints after receiving spam

[Milo+Fungus]

While looking through my Hotmail inbox a couple of weeks ago I found a message sent to me from my own Yahoo! account about enlarging my (certain male body parts). Now, I didn't send that to myself. Shouldn't that sort of thing be illegal or something? Could they send trash email to someone else using my Yahoo! account?

Re:This is a great idea! I'm going to go blacklist

[underpaidISPtech]

Netname: APNIC-CIDR-BLK
Netblock: 202.0.0.0 - 203.255.255.255
Maintainer: AP

vasco.com

[xiaix]

vascogate.vasco.com[209.140.121.226]
I am PERPETUALLY (every 15 seconds!) being hit by attempts from this address to use my mail server. They are far worse than any site in Asia. and worst of all, vasco.com is a security related site
VASCO secures the enterprise from the mainframe to the Internet with infrastructure solutions that enable secure e-business and e-commerce, protect sensitive information, and safeguard the identity of users.

Am I the only one being abused by these people? My log files are almost useless because of their entries.
I have sent repeated requests to any address I could think of, and never even received the courtesy of a response.
They are blacklisted on RSS.

Re:vasco.com

[smack_attack]

Why don't you block them at the router?

Re:vasco.com

[funky+womble]

So, blackhole-route or firewall it rather than rejecting mails. Lots of buggy mail sending software will repeatedly hammer your server if it receives certain SMTP reject codes.

Re:vasco.com

[xiaix]

Already using RBL, problem is not successful connections but attempts to connect. My (hardware) router does not allow for selective blocking of IP address by port, and my kernel doesnt have iptables compiled in (working on correcting that).
The domain name used to belong to a BBS, which was apparently running an open relay back in mid-late 90s...

Re:vasco.com

[funky+womble]

Before firewalls were so common, the way to do this would have been to go to the mail server and type...

# route add <nasty.ip.address> 127.0.0.1

Re:Never get a response -- never wondered why?

[Wouter+Van+Hemel]

How chauvinistic is it to expect the whole world to speak your language.

Let's block the rest of the world, because they dare to bug The Brightest Beacon of Freedom and Civilization.

Hey, why does the rest of the world hate our guts...

Go ahead, mod me down, hide your head in the sand. I hope some people finally start to get that this almost unconscious racistic attitudes will bounce back and explode in your face, before Afghanistan II happens.

--
Ceterum censeo America delendum.

cell phones + e-mail = spam every hour, in Tokyo

A cell phone I had in Tokyo was constantly flooded with spam. Most of them were match-making related. what a waste of resources.

Is Florida Next?

Since we all know that most U.S.-originated SPAM comes from Florida, the next logical step seems obvious: when to we get to cut the Net pipe to Florida? Deposing JEB wouldn't hurt, either.

I already did that myself.

[PD]

I use fetchmail and exim for my mail, and I set it up to reject anything coming from or through *.kr *.ru *.cn *.my and *.jp

That cut my spam down by a huge amount. This technique really works.

It's about time

[Marcos+the+Jackle]

Korea has to be the biggest offender here. I gave up on sending SPAM reports to .kr ISPs because I have never received a response back. Never! You listening Korea?!?! I understand that there may be a language barrier in some instances, but the letters S-P-A-M are well known throughout the world. Great gobs of kimchi...

Have a day.

Re:This is a great idea! I'm going to go blacklist

[underpaidISPtech]

whoops.

here.

grep APNIC.
Of course, that includes AU, and NZ too. The other poster's idea is better ;)

Unfortunately, not much you can do.

[seebs]

I have heard tell of a guy who is getting more than ten million spams a day from btamail.net.cn. Wow!

Last time I got spam that wasn't getting responded to, I wrote back to the ISP saying that I shared their customer's interest in a Free Tibet, and then
went on with my normal abuse complaint, and I think that one actually stopped.

I got an invitation to a 30,000$ starcraft tournam

But it came from South Korea and was badly formatted email, how was I supposed to know it was legit. Man that would have been cool if I would have went, I might have won too.

Misleading Headlines....Spam?

[darrad]

I wonder if putting up a headline like the one for this story to attract readers could be a form of SPAM, or even posting misleading stories so they get listed on /.?

Seriously, I seriously doubt any system admin worth his title with block an entire country from there servers. If anyone has bothered to monitor the RFC Duscuss posting boards, you will see that blocking is done on a case by case basis.

The person who wrote this article should have their email address changed to one based in China so we won't have to deal with them anymore.

Elcomsoft and spam tools

[Alioth]

You may be interested to know that our favorite software company, Elcomsoft (of Dmitry Skylarov fame) is a company that sells spamming tools. Take a look at their massmail.ru site for confirmation (scroll down and you'll see the (c) Elcomsoft bit). Their software looks quite comprehensive and does things like checking the email address you're about to spam is valid.

Funnily enough, when I submitted a story about this, the Slashdot editors rejected it within minutes :-)

Re:This is a great idea! I'm going to go blacklist

[option8]

61.128.0.0 - 61.191.255.255
63.0.0.0 - 63.63.255.255
65.128.0.0 - 65.158.159.255
66.24.0.0 - 66.27.255.255
66.81.0.0 - 66.81.127.255
128.121.122.33 - 128.121.122.43
161.207.0.0 - 161.207.255.255
167.107.0.0 - 167.107.255.255
193.227.32.0 - 193.227.63.255
200.13.160.0 - 200.13.175.255
200.28.0.0 - 200.28.255.255
200.63.0.0 - 200.63.31.255
202.90.0.0 - 202.207.255.255
208.253.172.0 - 208.253.175.255
209.196.2.0 - 209.196.43.255
209.235.3.0 - 209.235.47.255
210.25.0.0 - 210.47.255.255
210.90.0.0 - 210.127.255.255
211.32.0.0 - 211.71.255.255
211.80.0.0 - 211.119.255.255
211.152.0.0 - 211.255.255.255
216.64.152.0 - 216.64.255.255
216.143.68.0 - 216.143.76.255
216.205.5.0 - 216.205.191.255
217.8.160.0 - 217.8.191.255

oh yeah, and china.com

Make them pay for it.

[AB3A]

The reason spam is so popular is because the bandwidth is so cheap. I think that even if one charged a small fraction of a penny per e-mail, you'd discover that spam would drop dramatically.

The other reason spam is popular is because in perhaps one out of 100,000 messages a spammer might hit paydirt. Now, suppose there were a bandwidth charge each country imposed on various governments based on the percentage of spam reported. And naturally, as SPAM levels increase, the bandwidth connection costs charged will go up exponentially.

THAT will get their attention --and ours. If you don't keep your own act clean, expect the costs to go up! And by the way, this isn't really that different from snail mail. If you're in the habit of sending bulk mail from overseas, expect to pay a premium as shipping and processing costs
go up.

Blocking is overkill. Make them pay.

education is the solution

[Jucius+Maximus]

The reason that spammers send UCE is that it works. There are enough idiots out there that read and respond to spam that if the spammer sends out ten million messages, they'll still get a couple hundred responses. And as long as they continue to get these responses, they will continue to send spam.

I think that the way to shut them down once for all is to educate people about what spam is and why it should be reported, and above all, not responded to. This way, the market that spammers will target will dry up and then they will stop sending their UCE out.

Re:education is the solution

The reason that spammers send UCE is that it works. There are enough idiots out there that read and respond to spam [...] I think that the way to shut them down once for all is to educate people about what spam is and why it should be reported, and above all, not responded to. This way, the market that spammers will target will dry up ...

Thats bullshit. You have convincingly argued that there are enough idiots out there. Your scheme requires we educate all of them. Dreamland.

I tell you what works. Send hit squads. Physically. Have an anonymous group go to a spammer and beat the crap out of him. Destroy his computers, kill his dogs, break numoerous bones. Make it hurt. Really bad. Do this publicly and repeatedly. Trust me - that will work. Just hang a few, the rest will get the message. Eons old tactic, well proven to work. People used to rule whole countries that way.

Note, though, I'm not advocating this.

Yet.

Re:education is the solution

[shogun]

Sig: Worried there might be MS pawns in your midst? Rest easy, I am not one of them.

We're more worried you might be a bishop or a rook...

Re:education is the solution

[zbuffered]

How many people still send bogus virus alerts telling you to delete the file called xxxxx if you find it on the computer, and how many people still send chain e-mail? You think we can convince them not to open spam? All of them?
There's a sucker born every minute.

Re:education is the solution

[MillionthMonkey]

Ah. You just gave me a new idea. Instead of going after spammers, we pass a law that makes it a felony to respond to spam. Then the cops send out a spam email advertising credit repair, longer lasting orgasms, free DVD copy software, etc. When this "one person in a million" responds to the email, we get to watch the police bust down their doors on "COPS". This would not solve the spam problem but it would make for great TV.

Re:education is the solution

[Jucius+Maximus]

"How many people still send bogus virus alerts telling you to delete the file called xxxxx if you find it on the computer, and how many people still send chain e-mail? You think we can convince them not to open spam? All of them?"

I solved the problem of people sending me these 'warnings.' Everytime one of the offenders sent me something like that, I responded with this: (and now they've smartened up, and are more receptive to being enlightened about other dangers like UCE ... it's a step in the right direction at least)

from: http://www.geocities.com/~nightmareskeep/gullible. htm
(the lameness filter made me remove the many *** characters)

..
WARNING, CAUTION, DANGER, AND BEWARE!
Gullibility Virus Spreading over the Internet!

WASHINGTON, D.C.--The Institute for the Investigation of Irregular Internet Phenomena announced today that many Internet users are becoming infected by a new virus that causes them to believe without question every groundless story, legend, and dire warning that shows up in their inbox or on their browser. The Gullibility Virus, as it is called, apparently makes people believe and forward copies of silly hoaxes relating to cookie recipes, email viruses, taxes on modems, and get-rich-quick schemes.

"These are not just readers of tabloids or people who buy lottery tickets based on fortune cookie numbers," a spokesman said. "Most are otherwise normal people, who would laugh at the same stories if told to them by a stranger on a streetcorner." However, once these same people become infected with the Gullibility Virus, they believe anything they read on the Internet.

"My immunity to tall tales and bizarre claims is all gone," reported one weeping victim. "I believe every warning message and sick child story my friends forward to me, even though most of the messages are anonymous."

Another victim, now in remission, added, "When I first heard about Good Times, I just accepted it without question. After all, there were dozens of other recipients on the mail header, so I thought the virus must be true." It was a long time, the victim said, before she could stand up at a Hoaxees Anonymous meeting and state, "My name is Jane, and I've been hoaxed." Now, however, she is spreading the word. "Challenge and check whatever you read," she says.

Internet users are urged to examine themselves for symptoms of the virus, which include the following:

The willingness to believe improbable stories without thinking the urge to forward multiple copies of such stories to others a lack of desire to take three minutes to check to see if a story is true T. C. is an example of someone recently infected. He told one reporter, "I read on the Net that the major ingredient in almost all shampoos makes your hair fall out, so I've stopped using shampoo." When told about the Gullibility Virus, T. C. said he would stop reading email, so that he would not become infected.

Anyone with symptoms like these is urged to seek help immediately. Experts recommend that at the first feelings of gullibility, Internet users rush to their favorite search engine and look up the item tempting them to thoughtless credence. Most hoaxes, legends, and tall tales have been widely discussed and exposed by the Internet community. Courses in critical thinking are also widely available, and there is online help from many sources, including:

Department of Energy Computer Incident Advisory Capability at
http://www.ciac.org/ciac/

Symantec/Anti Virus Research Center at
http://www.symantec.com/avcenter/index.html

McAfee Associates Virus Hoax List
http://www.nai.com/services/support/hoax/hoa x.asp

Dr. Solomons Hoax Page
http://www.drsolomons.com/vircen/hoax.html

The Urban Legends Web Site
http://www.urbanlegends.com

Urban Legends Reference Pages
http://www.snopes.com

Datafellows Hoax Warnings
http://www.Europe.Datafellows.com/news/h oax.htm

Those people who are still symptom free can help inoculate themselves against the Gullibility Virus by reading some good material on sources, such as:

Evaluating Internet Research Sources
http://www.sccu.edu/faculty/R_Harris/eval u8it.htm

Evaluation of Information Sources
http://www.vuw.ac.nz/~agsmith/evaln/evaln .htm

Lastly, as a public service, Internet users can help stamp out the Gullibility Virus by sending copies of this message to anyone who forwards them a hoax.

*

This message is so important, we're sending it anonymously! Forward it to all your friends right away! Don't think about it! This is not a chain letter! This story is true! Don't check it out! This story is so timely, there is no date on it! This story is so important, we're using lots of exclamation points! For every message you forward to some unsuspecting person, the Home for the Hopelessly Gullible will donate ten cents to itself. (If you wonder how the Home will know you are forwarding these messages all over creation, you're obviously thinking too much.)

***************
ACT NOW! DON'T DELAY! LIMITED TIME! NOT SOLD IN ANY STORE!
***************

Re:education is the solution

[4444444]

vigilanty justice is the only way to fight spam
goto http://www.goto.com and do a search for bulk email then click the links to cost spammers big bucks

Re:education is the solution

[4444444]

it's the company's selling spam services that are the real problem not the company trying to sell the product in your spam.

huh?

[BOFslime]

If a bartender can be held accountable for letting a known drunk drive home and if a gun store owner can be held accountable for selling a gun to a known felon, why shouldn't ISP's be held accountable for selling service to a known spammer?

Has recieving spam ever killed anyone?

Re:huh?

[Guppy06]

"Has recieving spam ever killed anyone?"

Fine, I'll generalize it: Aiding a known felon is itself a felony.

Spam?

[farnham]

Perhaps the chinese(insert other country) don't get the cultural refrence to Spam?
I have seen hundreds of newbie posts questioning internet lingo and definitions, Perhaps they don't get it?

How does the fish translate Spam into chinese? Can a native speaker tell us if it makes any sense?

We need to keep in mind that our grandmothers don't understand the words we use and ESOL classes don't teach much lingo.

The root of the problem

[slipkid]

I, too, was dying to block certain asian domains from our mail servers at my former company. But, as my company was an ISP with int'l offices in Beijing and Taiwan, that solution was not going to fly. As a result, we were spammed mercilessly and infected with ILOVEYOU once before management finally approved my (year-old) proposal for anti-viral protection.

The question was raised as to why nothing is done by these ISPs. In my limited correspondence with these sysAdmins, it seems to come down to the laissez-faire attitude of many asian governments regarding technology. We've all heard the stories about China wanting to block Internet access, and build their own national Intranet. But the fact of the matter is that the digitally inclined are still largely unmolested by law enforcement in matters of e-"commerce" (just look at the blatant disregard for international copyrights). Many asian sysAdmins simply don't feel that the law is on our side in this situation.

I've felt need to block more than that...

[KC7GR]

Background: I'm self-hosted (read: I run all my own servers -- mail, web, DNS, the works), so the only things I'm dependent on my ISP for are my DSL pipe, static IP's, and Usenet (the latter soon to change, once I set up NNTPCache locally). My ISP greatly appreciates this as I am pretty much zero drain on their support desk.

I used to complain to ISPs in China, Korea, Taiwan, and parts of South America (Argentina, notably) about their spammers, and their open relays. I kept giving them chance after chance to Do The Right Thing and Get A Clue.

Unfortunately, they never did. As of last October, I set up the 'Deny Access' listings on my mail servers to block traffic from any domain ending with .cn, .kr, or .tw. Thanks to increasing spam from Mexico and Argentina, and equally clueless admins in both countries, I've also blocked the entire 200.0.0.0/8 subnet.

Did I want to do it? No! I have a regular customer in Chile (I opened a hole in the blocklist for their IP range), and I had (before I closed the metaphorical doors) gotten an occasional query from the Asian arena. Unfortunately, it was either run the risk of losing a little business or be deluged by spam. Guess what I chose?

If blocking that region is the only way to get some action, so that it'll be safe to UNblock in the future, great! So be it. I sympathize with those in the respective country who are caught in the crossfire, but I would also point out that those same folk are in an excellent position to put pressure on their local ISPs to cut the spammer's access. Permanently.

Until I see some clear evidence, preferably from indpendent sources, that the Asian arena is no longer a spam source, then it will remain blocked at my servers.

Yahoo.com shuts spammers down

[dananderson]

Don't block yahoo.com down. If it's really from yahoo.com, email abuse@yahoo.com with the full email (including headers) and the original subject. They actively shutdown spammers, including the Nigerian "419" fradulent spam.

in the words on an AOLER

[DavidJA]

Same here. My portsentry logs are filled with wandaoo.fr. What is up with that?

Me too!

At least 5 times a day from wandaoo.fr. I think I'll set me firewall up to just drop all attempted connections from there.

Re:in the words on an AOLER

A small sample of my today ACL violation list...
Those IPs scanned ALL my network IP range..; I don't see french IP, and you ?
Want some sample from yesterday and the days before... I think you will find 7% from France and 93% from the rest of the world !!!

18:52:31 tcp ftp/21 2767 cliente-217217252065.cm256.manpa.supercable.es (217.217.252.65)
23:03:39 tcp telnet/23 45831 212.116.191.120.knet.co.il (212.116.191.120)
06:51:43 udp netbios_ns/137 1064 lpr-156.cable.inet.fi (194.251.101.86)

You are stupidly funny... some fench are damned stupid like some american, english, german, spainish, italian, brazilian, chinese, japanese, blablablablabla people.

I don't think there are more script kiddies or else in France than in the other countries

io

Re:in the words on an AOLER

[DavidJA]

Feb 21 00:49:37 mail proftpd[5523]: mail.[deleted](ABesancon-101-1-4-246.abo.wanadoo.f r[80.11.192.246]) - USER anonymous (Login failed): Can't find user.

This message is repeated like 500 time each day. The sites that I manage are B2B for .au customers, I don't need french people on the site, so I will block them, and all packets from them.

It's not new, and not just email

[jc42]

Last summer, I did something similar with CGI scripts on one of my web sites. The site has a number of scripts that convert files in a compact notation to an assortment of output formats. What the data represents isn't too important; the problem arose from the fact that a single small file could be converted to things like PS or PDF or GIF or PNG or ...

I'd been reading about research at the big search sites that was working on the problem of "hidden" web pages; i.e., pages that are generated on the fly by scripts that read from databases. The idea was to learn what was in a site's databases by calling the CGI scripts to extract it all. I found myself thinking "Uh, oh; I'd better watch for this."

One day it happened. A search site suddenly started invoking my scripts, methodically trying to extract all the data that I had in all of the output formats that I supported. And it did this in parallel from a large number of machines. This brought my server down and kept it down.

So I added a "blacklist" to my code. Any requests from any of those IP addresses got only a small page saying that they were on my blacklist. I included my email address in case anyone wanted to discuss the situation. Over a few months, my blacklist grew to include a few dozen blocks of addresses.

I've never received any email from any of the search sites. However, a few weeks back I got a message from a person in Singapore who wanted to use my site, but only got a blacklist message. I checked, and sure enough, his address was an ISP in Singapore. No way of telling him apart from the search bot at the same address (but presumably on a different machine).

The ISP didn't respond sensibly to my query, so I have no choice but to continue the blacklist. All I have for identification is the ISP's IP address, so I have to block everything behind that address.

I don't like blocking everyone behind an ISP, but I can't think of any other way to prevent this sort of attack on my server.

(Yes, I do have a robots.txt file. And I know how to use it. ;-)

Some first hand expirence.

[Thr34d]

I've had the fortune (misfortune) to deal with some of this first hand.

About 1.5 years ago I was working for iPlanet as a backline support person. The summer of 2000 we had a rash of Asian telecos running our e-mail server and crashing and burning.

So I got sent to Asia to try and figure out what was going on at our three largest telcos there, Unitel and Hanaro Telecom in Korea and Jiangsu Telecom (can't find their homepage at the moment) in China.

What I found in both cases was frightening. Pro-Serv had done a good job of implementing a mail system that would handle a normal user load just fine. But, in both cases the load was 5 times what was planned for. So the servers we're dying under the load.

After very little investigation it found out that several of the subscribers were spamming via their ISP. When I first pointed this out to the powers that be there I got a blank reply along the lines fo "So?".

As management and I delved into it the opinion that the ISP was forming was that these are customers, we can't just cut them off, they will leave and we will lose money.

I tried the normal counters like, "The abusers are bringing down the service for your normal subscribers. The normal subscribers are getting mad (some even started anti Unitel sites) and they're going to leave in droves if this keeps up. And then all you're going to be left with is a few subscribers who are costing you more in the long run. Bandwidth costs associated with the spamming, hardware upkeep for a few users, etc.

The sysadmins and techs got all this but management was so scared of losing a customer and that customers money that they would not dare do a thing about it.

I ended up leaving both sites having accomplished stabilizing the systems as much as I could but not solving the actual problem, getting the ISP to come up with and enforce some terms of service.

So to me what it comes down to is capitalism run amok, espically in Korea. Management is so blinded by "making it big" they fail to see the real disaster looming on the horizon.

Don't blame uncaring techs, blame the top level for driving this thing into the ground.

At least I can say I had a great time visiting those countries and taking in the other parts of their real culture. But, July in Seoul is miserable.

Re:It's not the ISP's place to arbitrarily block m

[underpaidISPtech]

The problem is that most ISP customers do NOT view their provider as a common carrier.

They expect the provider to do something about the spam, and become frustrated when things don't improve. Many problems are the direct result of ignorance on the part of 'netizens'. I'm sure plenty of people here can attest to still being hit by CodeRed probes by @Home and consumer DSL IP's. Spam, open relays, vulnerable boxen, customers that fuck-up a simple peer-based network in their home, customers that send useless BlackIce "I'm being HaX0red!" emails to support, people that respond to the wrong ISP when they get a 5.1.1 from MAILER-DAEMON....*sigh*, the people have no clue what's going on behind the scenes. This is a global information network, they want it to "just work".

I see your point about ISPs keeping a hands off approach, but then the majority of users are left to fend for themselves. If the users are frustrated by spam now, imagine their exasperation when they have to actually configure filtering rules in their mail client ;)

Can't work.

[a2800276]

Sorry, won't work. Think about it:

You have to inform everyone that you're communicating with of your name. Just like you have to inform everyone you'd like to communicate with of your email address. In order to not stifle communication with strangers, you will always have to publically communicate your "address" whether it consists of just the email address or additional information.

What your basically saying is: "I won't accept email from anyone who doesn't know my address." Which is a system of blocking spam -btw- already works now!

Adding this to email clients would be a trivial task. Adding this to all the worlds email clients is far from trivial.

Done at the client level, so it adds no server processing overhead It also doesn't serve to reduce bandwidth consumption.

Re:Can't work.

[mESSDan]

You have to inform everyone that you're communicating with of your name.

That's part of its strength. Heck, you said yourself that you have to inform everyone of your email address, I mentioned in my original comment that you would tell them your "name" at the same time. How is that hard? How is that any different than giving them your email address to begin with? What this would do would be to reduce the amount of unsolicited email you see, yet people that write to you that have your "name" and address would be people who probably have something to say other than "I have a great offer for you!", and would be people that have atleast seen your name somewhere besides a Spammer's hotlist.

Yes, adding it to every email client would be far from trivial. But adding to any "standard" requires upgrades of software. If you think about it, almost everything from browser upgrades, to OS upgrades are all non-trivial, but they are still done, and done often. Who's to say that Outlook couldn't support this in its next version?

And yes, it will not reduce bandwidth consumption, but if you think about it, it has more of an ability to reduce the value of spam over all, which could reduce bandwidth consumption itself.

Re:Can't work.

[Scooby+Snacks]

How does this differ substantially from the + convention -- ie, prudan+Business@example.com? You could just filter out everything that doesn't have a + in your address...

Re:Can't work.

[mESSDan]

It is different because the name tag would be an MD5 hash. If you're not sure what an Md5 hash is, look it up. The main difference is that prudan+business@example.com is a plaintext address, whereas prudan@example.com nametagsomewhere in email:{d6e6cb19e3b9c02f89d6cd54cfa7c613} is a lot different, and doesn't immediately stand out that it's the business name. Also, that's the md5 hash for "Business".

Re:Can't work.

[a2800276]

How is that any different than giving them your email address to begin with?

Well that's the point! Put another way: How is this scheme of warding off spam any different from not publishing your email address in the first place?

The reason you make your address public is to be able to be contacted. In order to be contacted you'd have to pass along the "name" attribute along with the email-address, but if you publish the special name attribute you lose the spam protection. If you don't publish the "name" along with the address you might as well not publish the email address in the first place because it would be useless.

Sooner or later your "name" tag will be popping up alongside your email address in spammer hotlists anyway. As a preequisite for being useful your "name" needs to be similarly accessible as your address in order for people to be able to reach you. I do get unsolicited email that isn't Spam (eg follow-ups to usenet discussions ..) and I really don't want to miss that aspect of communication.

Also: the MD5 scheme wouldn't really work either, cause it's open to replay attacks. Anyone that's cc in a mail to you will see your hashed "name" attribute in the header, can copy it and will be able to send you spam. To solve that you most definately WOULD have to modify server software and add server-side processing. Because the system would have to be universally used in order to be useful that means -wait- modifying every single piece of software that has to do with email transport, delivery and application in existance. (OK that's kind of polemic, I realise that there would be safe ways to pack an additional attribute into a mail header)

In my opinion, it would be more productive to make the originator of the email to use some kind of "name" to unrefutably identify him/herself, but that would be technically more difficult to enforce and would also raise some freedom issues.

But, that's all pretty much irrelevant because the protection offered is -even if technically feasable- the same as the protection offered by just not publishing your address.

-tim

Re:Can't work.

[mESSDan]

Well that's the point! Put another way: How is this scheme of warding off spam any different from not publishing your email address in the first place?

I disagree. What about when you get spam even though you haven't published your email address anywhere, or to anyone? (Spammers can just connect to an email server, and start picking names and sending those addresses spam) The difference is that you would still get the spam email, but that it wouldn't be in your normal email box, or even seen at all (or you could bounce non-correct nametag email back to sender asking for a correct nametag, or even suggesting a nametag).

And it wouldn't really stop you from getting unsolicited email, just unsolicited email from people who don't have a valid name tag. The difference? Wherever you post your email address, include the nametag that you want people from that particular place to use.

This scheme would be open to Replay attacks? Well, anyone getting cc'd my email would probably be someone who I wouldn't mind giving it to anyway, (I say this because I have never heard of any of the people I send email to forwarding it to a spammer), but a business that you email with a nametag, if you start getting spam back with that nametag, you retire it and also stop using that business. How's that?

I still don't see why anything other than the email client would need this functionality. To the server, it would still be the same old email. I don't see a need to modify the email header, even though that probably wouldn't hurt. It could just be a part of the body. Nametag:"Md5hashhere". That as part of a .sig would be no problem.

Re:Can't work.

[Scooby+Snacks]

Yes, I know what an MD5 hash is.

But if you want people to reach you, you would have to give them the email address and the tag. How is that substantially different from prudan+d6e6cb19e3b9c02f89d6cd54cfa7c613@example.co m?

Re:Can't work.

[mESSDan]

The main difference is that since something like that wouldn't happen at the client level, you couldn't set it up unless you had server access (or you created user controls for something like this). Sure, at the server level you could create an alias for it, but that's it (Or is it?). Something that is differentiated by something located in the body of the email(ie in this case, a nametag) is something that a client is has more control over.

Another thing is that when Hotmail.com sells your email address, they can't sell your nametags. (Unless they start checking all of the outgoing mail, which isn't impossible, but impractical).

Your idea has merit, but I dislike it because a spammer wouldn't be required to change anything in their software to grab it. (Of course, the flipside of that is that neither would anyone else). This makes me wonder if maybe an obfuscated email address that is a complete MD5 hash like d6e6cb19e3b9c02f89d6cd54cfa7c613@example.com is the answer. But again, I come to think that it's just something that can be added (easily) to a spammer's list.

Bleh. I think I'm for changing the email standard to something that makes spam something almost impossible. Something that could be done at the client level. I'm open for ideas, I guess ;)

Tittilating Titles

[whoop]

Then you sure as heck need to take some lessons in hyping from the good folks here at Slashdot. Banning one domain in China just isn't a story. All kinds of big ISPs have gone through phases of being home to spammers. To really drive up the crowd (and hits) you need to get everyone on a crusade.

See what it's done here? People complain when posters don't read articles and such. But it's really quite clear the "editors" don't do it either. :)

Another problem

[Ilgaz]

I was subscribed to a Korean shop network mail list accidentally. Someone did it I assume. One who did it knew I wouldn't get rid of it simply and subscribed me to it.

Now I get legal (non spam) mails to my Yahoo mailbox everyday. As I check, I figure its simply Korean mail advertising some t-shirts etc. Mail sent to MY e-mail, the one listed on Yahoo... I block it. Than next day I get mail from same company groups another company, of course, with another mail adress...

Guys aren't spamming me. Just they stupidly made a system easy to abuse. Like no verification like "Click YES or reply to this message" verification included.

I contacted them via Spamcop, they said they now figured I don't want those mails and they are investigating who subscribed me to that. The problem is, I believe those systems as Yahoo etc. has a system that after certain people click on "block e-mail adress" while reading mail, they a) automatically add them/their IP block to spammers list b) they investigate.

I don't think in such a closed country as China there aren'T people to abuse SMTP servers as they are owned by the goverment or companies really near goverment already.

Re:Considering that 95% of all my spam comes from

In my experience, AOL is actually very responsive to spam compliants, and will actually tell you when they've 'nuked' someone for spamming. (for mail that actually originated from AOL, of course.) That's more than can be said for most large ISPs.

Blocking

[jyoull]

wanadoo.fr, chello.nl, all of .tw, all of .cn, all of .th are blocked from my servers, and good riddance. We catch several megabytes per week from those places, and it's nothing we want... massive unreadable binaries, old e-mail viruses... and no way to stop it.

Re:Dog Poop?

I'm not an anonymous coward, I'm just io...

English people store a cake during monthes before eating it.

Chinese burn dog's hair while they are alive because for asian the more the meat suffer the better it tastes.

American only eat industrial food then no need to ask ourself why they are so fat.

I don't like snails and frogs' legs even if we cook it... I don't like horse anymore... But I think what we eat here is much better than US Pizza Hut, MacDo and co !!! Here when we cook some meat, it is not alive !!! Here we don't eat rotten cake !!!

You have your bad sides and we have ours...

To finish my ACL logs are full of IP from Asia, US, Germany... French scan outside France... Yes, it's surely true but some non-french people scan in France and not in their country. What's the problem ???

"Script kiddies" are not french words... May be it's because "script kiddies" appeared in YOUR country.

Re:No response to complaints after receiving spam

[jon514]

I've got exactly the same situation going on with my e-mail host name right now. I get approximately 200 bounced e-mails coming to me per day. I tracked the ISP down to the Philippines, & no response so far from several e-mails.

Is there any way of stopping them? The only thing I can thing of is a direct attack on some of their systems, but that probably just reduces me to their level.

Re:Dog Poop?

Fish fileted alive is one of the best tasting sushi you'll ever have.

I've had raw horsemeat before, I thought it was tough, though it had a good flavor.

anti-french sentiment

[JimmytheGeek]

True: in the waning months of WWII, when the city of Strasbourg was threatened by a German counter-offensive, DeGaulle insisted on a militarily unwise defense. Eisenhower then insisted on an offensive to clear the Germans west of the Rhine to end the threat. French troops made no progress. American reinforcements were necessary. DeGaulle angrily asked if Ike "questioned the valor of French troops." I think the question was settled in 1870, again in 1917, and for all time in 1940. 3 French divisions were then withdrawn without permission for "rest and refitting" (with American supplies) in spite of the fact that American divisions had just beaten back the Germans in the Battle of the Bulge and probably needed the rest more than the French. And then the Frogs ^H^H^H^H French disobeyed orders and attempted to seize additional occupation territory in Germany at the expense of the US/British plan. For some reason, Ike didn't simply cut off the supplies. It was American gasoline, food, and ammunition the French forces were using.

In addition, DeGaulle snubbed Roosevelt on FDR's return from Yalta. Staggering ingratitude, considering the American death toll for the Normandy campaign was 29,000, another 106,000 wounded/missing.

In Ike's place, I would have liberated Holland and Belgium, and invited the Germans back into France.

Re:anti-french sentiment

[Lemmy+Caution]

In many ways, the French attitude towards war then is similar to the American attitude to war now: they favored a go-slow approach in order to reduce casualties. The French, unlike the British and the Germans, did not have pronounced differences in class between the officers and rank-and-file. Generals like Petain were known to adopt primarily defensive stances in the interests of protecting their men. British and German officers were taught by both upbringing and military doctrine to be fairly indifferent to the lives of their enlisted men.

During the First World War, the French fielded an army of over eight million men, as compared to the one million fielded by the US. A little over one million French soldiers were killed in the trenches, and 4 million injured. (I think the US body count was a couple thousand.) It was the horror of this experience that led Petain to surrender what was left of France after the Germans invaded Paris during the Second World War.

Re:anti-french sentiment

[steve]

hum.. can you say "Lafayette" ???
or do you even know your own history ..

bah sad day for me to see this very very very silly thread on /.

Re:anti-french sentiment

[pivo]

I see you have remembered some low points in French history. The implication seems to be that the Brittish and Americans have never done anything wrong in their entire history as nations. Is that your claim? Do you think the French somehow have a monopoly on this sort of behavior?

Re:anti-french sentiment

[Choron]

You're So funny. Is your life really that crappy that you have to whine about something totally unrelated ?
My advice for you : breath deeply, try to find a nice girlfriend if you can and you'll see life can be better for you if you try, nerdy "Jimmy"

privacy?

pff, what has spam to do with privacy... they enoy me, but they do ot invade my privacy, i just use my mutt keysequence and bye bye spam for a long time.

and blocking out country's??? desentecing their isp.. you must be an american to use such words... maybe i should start blocking all american tld's because yoou all seem to be people who want war... hell, there are mor asian people who are able to use a computer, so there will be more spam from that way. an even then, most of them have an asian charset so how the hell can they insult me if i can't read it anyway...

What language did you use?

English is not widely used or known in Asia. And engineers are notorious for bad language skills.

Try Korean next time.

Marko

Spam from korea

I keep getting about 3 to 5 pieces of spam email from korea per day! My attempts to get off of the mailing list that I am on have been fruitless. I'm all for blocking it.

Sounds familiar

[Cybertect]

Would the spams be from 'Universal Advertising Systems' or Internet Information Services' by any chance?

They've hit summerisle.demon.co.uk the same way too, but at the rate of about 1000 a day for a couple of weeks. (see http://slashdot.org/comments.pl?sid=28202&cid=3030 850)

ISPs in the Phillippines I've tried to contact about this are:

• webscape.net
• info.com.ph
• philwebinc.com
• etpi.com.ph
• cureinc.com

N.B. Cureinc at least appears to have no abuse and postmaster accounts (!?) I think they should read RFC 822 and RFC 2142

Not a response from any of them and it's still pouring in.

Mod parent up!

Troll????
This is pretty insightful actually, because it's the friggin' truth.

Your Sig

[flimflam]

I used to have a cool sig but people replied to it more than they did my comments.

So... What was it?

Re:Your Sig

[macdaddy]

If knowledge is power, and power is sexy, than how come I'm still single. Spawned lots of debate. ;-)

J'aime la France.

It's just a joke. I love France, but people make fun of it because it's an easy target.

We make fun of people who are different. It's human nature.

I don't read Chinese...

[jswitte]

This will probably never get read by anyone, considering there are 400+ comments already.. But I've noticed I've been getting a bunch of spam lately. Except it's all gibberish, because I don't have two-byte language support installed on MacOS X.. And even if I did, I don't read Chinese, Japanese, Korean, Vietnamese, Punjabi, or Sanskit.. I would bet neither do 80 percent of the other people who get the spam..

What a new low. First it was spam we didn't want to read, now it's spam we can't read. And the worst part of it? I don't event know how to unsubscribe (or let them know they have a 'live one'..) So I just delete it.

I get about 50 spams a day (in addition to the 300 or so messages I get from various lists that just get filled away in folders). Some day soon, I'll get tired of it all and get a new email address. Until then, it's not worth the trouble to try to get off the lists.

Re:I don't read Chinese...

[demon]

Do you have an account where you can get a shell on the mail system, and install a filter for yourself? If so, SpamAssassin is an excellent choice for fighting spam. It has a very broad rulebase, which catches all kinds of typical spam behaviors, has whitelisting support and adjustable thresholding, and other nice features. I just began employing it on my mailserver at work, and it does a great job.

No, I'm not a developer, just a very satisfied user.

All my Chineese E-Mail Is Spam

Two years ago my email address appeared on a list of email address that was freely distributed in China as a list of
people who wanted email about new web sites. Once that started my mailbox was filled with over 40 messages a day in
Chinese extolling the virtues of some idiots Chinese web site or product. My only choice was to block the entire IP space
of China from my mail servers for both my users and myself.
I provide email services for 22 users. Today my email server rejects over 600 emails per day from China, and the
number only seems to increase with time. Neither I or any of my users have any reason to get email from China, thus all
of these rejected messages must be spam.

irony is. . . .

[Com2Kid]

The damn spam is IN the native language of the sender.

Which is compleatly stupid.

Why the HELL are they sending me spam in another language?

The Russians do this too.

Do they think that I am going to go through babelfish JUST to read THEIR spam?

Honestly, how stupid are these spammers? Why not just send out compleatly random junk characters on a massive scale, the profits would be the same.

Re:irony is. . . .

Because if, by way of having posted to usenet or having their email address on a website, they have found themselves on spam lists, they have probably experienced exactly the same themselves from American spammers.

(posted as AC, because it's not fun to say anything that spammers might not like attached to a real domain name, like my /. account is).

Re:irony is. . . .

[Com2Kid]

I am talking about the logic of spamming somebody in X language though.

Percentage wise, a spammer should either be going for English or Manderin. Spamming outside of China, English is the most likely language of choice.

Especialy if they FOUND my e-mail address on an ENGLISH website. ^_^

You figure that the the spammers would have software advanced enough (AkA check the headers of a page. . . . ) to tell what the native language of a website is and add people to the appropriat linguistic spam catagory.

But noooo, I get spams trying to. . . . well I have NO idea what the hell they are even for, but they are in either Russian or Chinese. (I _DO_ check HTML source. :) :) )

Now then, I did somehow manage to get on a list for a semi-annual e-mailing of free porn from some site in Taiwan. Why can't I get more spam like that???? :) :) :)

Oddly enough I get about equal percentage ratios of spam in English and in Some Other Language.

This is my real e-mail address, until I posted it here on /. I got exactly THREE pieces of spam EVER. Period.

Now I get something like 2 or 3 a week.

Originaly the e-mail was not masked in any way, even so it took two weeks before I got any spam to it.

Not good.

[SirLantos]

First off, I would like to say that I despise spam. I hate it in the worst way. But, to do something like "ban Asia" is a bit of an overkill. Part of what makes the internet great is the ability to ignore what you don't like. Is it really such a big deal to simply hit the delete button? The people who say they don't want any gov. interference with the internet are the same ones that want spam laws made. Is it just me or is that a bit of an oxymoron? Of course that is just my opinion, I could be wrong.

Re:Not good.

[realjungleboy]

Just delete them is not a solution, you probably don't pay for bandwith for any large email servers. It's sort of like someone coming into your office making thousands of copies using you're toner, paper, power, then using your postal machine to tack 34cents off for each and dropping them in your outbox for the mailman. a bit far fetched? maybe, but not to far!

take responsibility?

[sister_snape]

So, it is ok and even mandatory that an ISP monitor spmamers using its service but totally un-OK that the same ISP drop your web page if someone claims (not proves) copyright enfringement or hands over your records to government officials who claim it is the responsible thing to do? Methinks we are a bit two-headed about our support of freedom and privacy. Also, any reasonably competent spammer (oxymoron I know) would relay through some other smtp equipped but inadequately guarded machine.

It's not so much hate as cordially dislike

A people that insist that the Prime Meridian runs through Paris, 100+ years after everyone ELSE agreed on it running through Greenwich, is insane.

Holding a parade to celebrate this fantasy is f**king nuts.

You think the rest of the world is trying to take your culture away? Honestly we could care less - you are destroying your culture better than we ever could (if we wanted to, and we don't, we really don't) every time you insist on such insane fantasies.

Hell, I'd like it if the Prime Meridian just followed me around wherever I went - the rest of the world can just live with computing their time relative to me. Maybe I'll hold a parade during lunch to celebrate.

Whoa! I own the domain your.org!

[toastyman]

After all, when was the last time You, as a sysadmin, responded to an informative message to postmaster@your.org that was written in an Asian language??

Wow, it's so rare that slashdot speaks to me this personally, since I'm the owner of your.org. (Really! Go do a whois on it).

I have to say I'd probably throw away any e-mail in an Asian language, since up to this point, every Asian language e-mail I've received appears to be spam.

There, wasn't that esay! That's what I'd do, case closed, problem solved.

P.S. When you guys fill out forms asking for an e-mail address, PLEASE PLEASE PLEASE do not use domains like that. Someone owns them. Use "domain.com" or "example.com" instead, which will never resolve to anything. "your.org" gets more spam than you could possibly imagine.

Re:Whoa! I own the domain your.org!

[douglips]

P.S. When you guys fill out forms asking for an e-mail address, PLEASE PLEASE PLEASE do not use domains like that. Someone owns them. Use "domain.com" or "example.com" instead, which will never resolve to anything. "your.org" gets more spam than you could possibly imagine.

Note that while example.com is owned by IANA and is a true 'example' that doesn't go anywhere, domain.com is in fact a valid domain. Whether or not they deserve the spam is a different issue, but it certainly does resolve to something.

Re:Whoa! I own the domain your.org!

[Bronster]

[domain.com] is in fact a valid domain

And domain.com.au is a real-estate listing company. Strange.

Bush's Axis of Evil

[cburley]

Accoring to my spam statistics, the axis of evil consists of China, South Korea and USA. Somebody please explain it to GWB.

No, that's the access of evil.

The axis of evil started out as the States of Iraq, Iran, and North Korea.

Last week, after meeting with the Canadian Prime Minister, Bush added French Skating Judges to the list.

Meanwhile, there's a figure skater from North Korea who threatens to win Gold Thursday night, because she's the only one who can perform the dreaded Quadruple Axel of Evil.

Let's make money off of the spammers!

[Eric+Damron]

Spammers have for a long time made money off of all of us by using up bandwidth that we end up paying for. I say we turn the tables. Here's how:

We make a new unreality TV show called Slam A Spammer. We dump 20 or so spammers dressed up in Porky the Pig costumes onto a deserted island. We give them and hour or so head start.

After that 100 or so victims come on shore wearing Elmer Fud costumes.... You get the idea...

Re:No response to complaints after receiving spam

[Oliver+Defacszio]

I guess that's what happens when you have a...

huge_penis_now@yahoo.com

... mail account name.

Spam Scanner?

Anyone try to use a client side spam scanner? Are these too hard to use?

Effective, but....

[yogensha]

...blocking based on geographic location is borderline political statement. My company has lost customers over this. We eventually relaxed our policies and the spam flows freely.

One thing I noticed is that alot of these asian spammers use IP numbers without reverse DNS. This is a no-no, and any competent sysadmin will have reverse DNS for all hosts (especially important ones like mail exchangers). We implemented that yesterday and have seen a dramatic reduction. Most of the denies are from the 210 and 211 prefixes, which are delegated by APNIC. Gofigure :)

what's perplexing

[maxpublic]

What's perplexing is that some of the folks posting here seem to think that blocking beyond individual addresses is somehow morally reprehensible. How they come to this conclusion is beyond rational analysis, for one very simple reason:

My machines are *my* machines. They aren't *your* machines. Once you've grasped the basic idea behind 'property', followed by the qualifier that 'my property' *is not* 'your property', then perhaps the naysayers will begin to clue in on the fact that whatever rules I set up for the use of my machines are perfectly acceptable no matter how different they are from the rules these folks have set up on their machines. There's no moral argument to be had here, and no high ground to take.

I've blocked aol.com for years, and over time have added hotmail.com and other repositories of clueless idiots and spammers. Soon I'll be moving from a 'blacklist' approach to a 'whitelist' approach, based on the idea that if I don't know you I really don't want to hear from you. There's absolutely nothing wrong with this. If larger companies wish to ban entire blocks then that's their business; if their customers don't like it then those customers can either try to get the company to change their minds or use some other mail account. There are so many different free webmail services out there that there's no reason that someone who objects to an ISP mail policy can't use webmail instead. Hell, get a hotmail account and you're assured that *nothing* will be blocked, ever.

Sometimes it seems that some of the people here can't get a solid grasp on the idea of 'property'. Just a couple of days ago it was the concept of 'wasted cpu cycles', now it's 'shame on you for banning Asian email'. Communists.

Max

Re:what's perplexing

My machines are *my* machines. They aren't *your* machines. Once you've grasped the basic idea behind 'property', followed by the qualifier that 'my property' *is not* 'your property', then perhaps the naysayers will begin to clue in on the fact that whatever rules I set up for the use of my machines are perfectly acceptable no matter how different they are from the rules these folks have set up on their machines. There's no moral argument to be had here, and no high ground to take.

Well, of course, your ideas are not in line with the communists that troll around here. Your server is MY server.

The New Great Wall

[TrentTheThief]

I've been operating my own domain 94 or so. Since I've kept the same addresses and aliases for this long as well, I receive more spam than any Hormel-loving person can stand.

My most recent hosting moves have been spam related. The primary problem, though, has been a lack of worthwhile response from _MY_ hoster, not the spammer's ISP. Decent email blocking is almost non-existent. Well, perhaps only in the cookie-cutter dominated hosting market. You know the ones I mean. The "5OO MB and 20GB for $19.95" "control panel administration" kind of marketing identifies them fairly well.

I have changed to a dedicated host simply to be able to use sendmail's spam-blocking capability. Sure, it's about three times as expensive, and some (hell, a lot) of the 300 GB of bandwidth will go to waste, but it sure won't be wasted with spam.

The Asian spam would not be so bad if most of them would at least have the sense not to send BIG-5 encoded email to my .com. At least then I could read the porn spams.

I now block China, Korea, Taiwan (damned seed.net.tw). This is in addition to blocking open relays and a few countries in Europe.

I'm egotistical enough to think that everyone should speak English. But now, if I get spam from a country whose language I can't read, I'm going to block mail from the entire country. It isn't hurting me to refuse foreign language email. It's meaningless, anyway.

Hey, I got a responce!!!

The frequency of spam from that domain increased exponentially.

NR

What about those of us who have Korean friends?

[aoeu]

How will I get mail from my friend in Korea if some ISP sysadmin decides that Korea is no good. One thing is for sure, I pay for my mail and I want it.

Are you guys all brain-dead?

[njdj]

Americans are not renowned for knowing anything about other cultures. Guess whether cutting off all email communication with the continent where over half the world's people live, is going to improve that.
Personally, if my ISP blocked mail from Asia I'd have to change ISP immediately, because I have a friend in Beijing, a friend in Tokyo, and a friend in Kuala Lumpur. Email is by far the most practical way of communicating with them regularly.

You can reduce spam by (1) getting a Yahoo (or similar) email address - they have a pretty good bulk-mail filter - and (2) changing your email address every couple of years.

Re:Are you guys all brain-dead?

[realjungleboy]

i also suggest selling your house and moving every two years to avoid junk mail...

Re:Are you guys all brain-dead?

[luna69]

It's not appropriate to change my address to keep out unsolicited email, any more than it is my job to move my home to avoid salesmen at my front door.

Rather, it is an ISP's job to ensure that their customers are using their access in appropriate ways, and that includes ensuring that they're not facilitating unsolicited commercial email.

If they refuse to make changes to their TOS, or refuse to improve enforcement of existing TOS, then blocking traffic is an entirely appropriate means of behavior modification.

It sucks that you'll miss out on your friend's mail - but when they complain that their messages aren't getting through to the U.S., the ISP will quickly adjust their policies. And if they don't, then we were right to block traffic in the first place.

As for using a web-based email service - I get plenty of spam with Yahoo!, Hotmail, etc., despite the filters. And no, I don't publicize those addresses. Besides - allowing my choice of email service (WWW, POP, IMAP, free, pay, whatever) to be dictated by the actions of people sending unnsolicited advertising is unwarranted, because I'm not the person engaging in socially unacceptable behavior.

(the address below is heavily filtered...and some still sneaks through.)

Asian ISP's

"Has anyone ever had any kind of constructive conversation with one of these ISPs to see why they are unable or unwilling to do anything?"

All I ever got was, basically, "bite me, round-eye!" Not helpful...

Finally - China wins

Yep. If you were China and you wanted to prevent data flow with the west you would want to cause a waste of money for those enabling the data flow... say ISPs. This was a cheap tactic by China to make a different internet. By playing both sides (ie paying some US corps some money to help with some part of their problem) they draw your attention elsewhere.

once again the /. kneejerk is off target

@rsa

BTW best wishes with the gal Taco boy!!

USENET has been doing this for years.

[Pharmboy]

USENET backbones have used this policy for many years, and it works. Pisses a few people off, including the ones that are trying to send legitimate email (or usenet msgs), but in the end, if the ISP doesn't take care of business, it looses it's good customers who want to send legit email to other ISP's.

The proverbial "voting with your dollars": If the ISP can't connect because its spam policies suck, then it's customers "vote" them off by changing ISP's.

More power to them!

It's not just email

One place I worked had to block credit cards that were issued by the bank of Taiwan after a bunch of bad transactions were traced back to them. The bank never answered any querries or ever flagged the CC numbers as bad.

You're wrong

[Kris_J]

The article may think it's hype, but about three days ago I turned on all of Spamcop's blacklist options, including one that read "Korea (the country)".

Maybe they don't speak English?

[roybadami]

When you receive an e-mail from China, entirely in Chinese, do you find someone to translate it for you, or just delete it assuming it's spam? After all, all your customers are in the US, and even if some of them are Chinese, certainly none of them would expect *you* to speak Chinese. The only Chinese e-mail you've ever received is (by all accounts, though you can't be sure) spam, and it's well known that lots of spam comes from China.

When an admin at a Chinese ISP receives an e-mail entirely in English, does he find someone to translate it for him, or just delete it assuming it's spam? After all, all his customers are in China, and even if some of them are American or British, certainly none of them would expect *him* to speak English. The only English e-mail he's ever received is (by all accounts, though he can't be sure) spam, and it's well known that lots of spam comes from the US...

ABONDON SHIP!

[Jetson]

Eventually the various Asian admins that are causing this will get the clue and fix their mail systems.

Or maybe not.

I think we're well past the point where arguing with spam hosts makes any sense. We would do better spending our time developing a replacement for RFC822. When people started sniffing Telnet sessions we created SSH. When people started attacking FTP we gave HTTP the ability to do uploads. Now that spammers are killing the internet we simply have to abandon SMTP/POP and move to a more intelligent delivery system. For example, perhaps all email should be left on the originating server for pickup (with only the headers sent to the recipient) rather than filling mailboxes at the receiving end. If you're writing a completely new email protocol you can do whatever it takes. Of course, the hard part would be to introduce a new protocol without giving Microsoft the ability to embrace and extend it into a proprietary produce. I'd be surprised if MS and/or AOL aren't already working on it...

what's there to read?

[poemofatic]

Forwarding a mail to abuse@blah or postmaster@blah
with the single word "spam" and full headers should be all the info you need.

AFAIK, a sysadmin or postmaster should already understand the headers. So the only thing left which might confuse a non english speaking (yet otherwise competent) admin is the obscure single word "spam".

More effective pressure

[poemofatic]

What about those places where the local telco has a monopoly on isp services? It might not care about user pressure.

The obvious thing to do with open relays is to use them yourself. If top party leaders/businessmen in China suddenly found pro Taiwanese rants in their inbox, or penile enlargement ads, then I think the Chinese Telco would become very responsive to closing the relays.

It's a no brainer. If you have 0 abuse staff and 1,000,000 censors -- change the definition of debate.

"My portsentry logs are filled with ALO.COM"

[Choron]

I find it really funny to see people replying that they get their logs filled with "wandaoo.fr". Well for your information the correct spelling is wanadoo.fr, so please check your spelling if you want to be taken seriously.

Re:"My portsentry logs are filled with ALO.COM"

so please check your spelling if you want to be taken seriously

You have posted 82 comments, the last 24 have not rated over 1 (there are several 0's). If anyone has a problem with people taking them seriously, it's you.

Re:"My portsentry logs are filled with ALO.COM"

[Choron]

ROTFL ! Hey coward, why don't you think before posting next time ?

Wanna play a game?

[RockyJ]

Lessee.... I don't really want my people to see outside the box I have built for them. How can I annoy the world so that my people cannot see outside the box?

It's not about content.

Do we really want ISP's taking responsibilities for the actions of their users?

Yes. The issue is unsolicited bulk email (UBE), not whether it is pornographic, fraudulent or whatever. We want the ISP to be responsible for behavior, not for content.

Obligatory Cable Guy Reference...

[kev-san]

Oh my God, oh my God! My twin brother's been spammed! I think it was some Asian spam or something... there was this spam; it looked Asian! It was written in another language, I'm pretty sure it was... Asian!

God bless Ben Affleck.

How about banning Nigeria

[Taco+Cowboy]

I don't know how many of the "letter from high-placed officers" I've gotten from Nigerians.

You name it, they have it.

High places from the "daughter" of the Nigerian president, to the "son-in-law" of the Nigerian Agriculture Minister, to the "right-hand-man" to one of the "Top General Of Nigeria", all saying, one way or another, "We need your bank account number so we can transfer some dirty money and you help us clean up the money and you get a portion of it".

It's a scam of course. Even if it's NOT a scam, I won't participating in money laudrying operation.

But these scam emails come from Nigeria - or people claiming to be Nigeria - all the time.

I get these emails in my mailboxes located in Asia, Europe, Americas (North and Souths). Seems like they spam the entire globe, looking for "bank accounts".

If there is a _real_ need to ban anything, why don't we start by banning Nigeria ?

Re:How about banning Nigeria

[DavidTC]

Do we even know the people sending those are Nigerian? I always assumed not, it was just a generic 'grab the account number so we can do a money transfer' thing, but my Kenyan roommate seemed to think they were actually Nigerians. Of course, he didn't hold the entire country of Nigeria in very high regard anyway, so I don't know.

Not *all* of Asia

While I would like to block cn, hk, kr, nz, sg
and tw, and some of the begies providers in oz, I
haven't yet received enough spam from in or jp to
want to block them.

MailExpire.com is your friend

Try www.mailexpire.com. It's a very simple but very effective solution to your problem. You create a temporary address with a 'note' so you can remember what/who it was for and set a timeout, after which the addr is simply invalid. Works a treat.

Re:No response to complaints after receiving spam

[apwingo]

in the header of "enlarge your {certain male bodyparts}"-spam mails

it's called a penis. it's ok to say it.

This might work better

[rs79]

Post with an email address using a subdomain under your aegis. After a couple of days change the MX record of that subdomain to localhost.

People wanting to contact you about old posts won't be able to of course, they'd have to find a recent post of yours.

But spam would never hit your network and with any luck it'd make a right dogs breakfast out of theirs.

Richard Sexton
No, the other one

i sysaded for an asian ISP once

[zorkdork]

fitting name too, [asiagate.net] oh wait, is this e2 like linking? oh well, nm.

We had some problems with an open relay once, but just one notice from an outside ISP and we fixed it good, we were a small operation and we really could not afford to give free rides on spammers on our BW.

Why other prefer to just wait bandwidth and earn the ire of BOFHs everywhere i do not know, it aint THAT hard to fix your sendmail.cf or main.cf or whatever.cf to prevent spamming.

Cultural differences

I love the part of the article where it basically says that the Asians don't understand why spam is such a problem, and that receiving an electronic business card or communique from someone should be an honor...

NOT! Here's a tip to the Chinese and any other "culture" out there - THIS IS THE INTERNET! We have OUR culture. Respect it or get out.

You've been told, and you choose to ignore us. Now we choose to prevent you from entering until you RESPECT US.

assholes...

Block Asia, but..

[Ogerman]

..watch out for e-mails with messages such as:

"ALL YOUR BASE ARE BELONG TO US!!"
or
"YOU ARE ON THE WAY TO DESTRUCTION!"

These are obviously terrorists and should be reported to the feds. (-;

don't forget

[Navarre]

While you're at it, don't forget to block yahoo, aol and hotmail. Pretty much anyone on uunet too.

Mike

Solution to Anti-SPAM

Hello Fellow Slashdotters and ISP Admins,

I have the perfect solution (well almost perfect). We have started to filter out unverified mail servers (if you check the received: header tag) and it has been great. Within 10 days, we have caught over 100,000 SPAM messages and about 0.5-1% were actual e-mails. Currently we have our mail server filtering system to send an Auto-reply to the remote ends to fix their mail servers. This is for the legitimate mail that is going to be blocked when we go full blocking in about a month's time.

Works great, had a few complaints but atleast once it is turned on, we will be cleaning up about 80-90% of spam off our network. The rest will be handled by mail-abuse.org and other Anti-Spam blacklists.

Re:Considering that 95% of all my spam comes from

But is 95% of all mails coming from USA SPAM?
RealMail/SPAM ratio is rather poor from China.

web interface = forms != no spam

its only forms man. It would probably take me about 10 minutes to sign up a hotmail account and write a basic perl script to submit mails through it. From here its a simple step to send those 100,000 emails. Blocking them is not pointless, its a damn good idea.

As an aside have you seen how much spam you get on hotmail? sign up for an account and don't use it...don't sign up for any information or free services, just maybe mail yourself to check the account works...i guarentee within one month you will have at least 20 spams.

Re:web interface = forms != no spam

[radish]

You really think Hotmail don't have anything to detect multiple, fast, repeat postings through the same account?? Even the slashcode has that :-)

Spammers use standalone client software which hooks up to an open relay and batters it into submission. If anyone was actually watching said SMTP server they'd be sure to notice the load and shut the connection off. The thing is no one is watching...Hotmail doesn't fit into this category.

Want evidence - take a look here. These stats from spamcop show that Hotmail don't even make it into their weekly statistics as sources of spam. I rest my case.

Funny solution [RHF] Free Tibet!

[retrosteve]

Rec.Humour.Funny recently posted an elegant
answer to Asian spam, at least when it originates from China...

I don't want to give it away, read the link, but I promise any Chinese spammer getting this email in reply won't be sending spam for long...

I called a Japanese ISP once

[sharkey]

Made the mistake of saying Godzilla had been spotted, and was heading their way. There was a lot of screaming and they dropped the phone and ran. My ANI has been blocked from calling any phone number in Japan ever since.

fight spam

[4444444]

we can all fight spammers use spamcop.net

New SMTP standard

[dodobh]

SMTP AUTH will do fine.

And simply disallow plaintext auth methods, and no SSL and that kicks Outlook Express and Outlook off the net too. Major riddance for spam :)

First-hand accounts of dealing with Chinese ISPs

[xtotx]

There is a good article about dealing with China's Beijing Capitalnet ISP and SPEWS that came out yesterday at http://www.chinainternetupdate.com/index.htm#5 called Mr. Bush don't block the Chinese INternet because I guess dubya is in PRC now.

Re: [love this MX to resolve to 127.0.0.1]

[FredericDM]

MX resolving to 127.0.0.1: Bright idea !
Doing so massively would cause great trouble to owners of open relays.

BTW look at my address: it is replyable if you _do_not_ remove "nospam".

Probably real Nigerians

[GCP]

Based on some discussions with actual Nigerians, I think it's likely that they are. A few years ago, the "60 Minutes" TV crew even met with some of these bank scammers in Nigeria.

Original poster got it right

[GCP]

As a legal resident of both the Singapore and the US who has spent a lot of time working in Taiwan, I'm afraid you're the one who's dead wrong. Any given restaurant can blow it, but the consistency is remarkable, though there are local menu additions and deletions, of course.

TMDA rocks

TMDA removed my spam problem. It blocked more than 100 spam mails in the last 14 days. Enuff said.

Re:No response to complaints after receiving spam

[jhubbard]

This happened to my wife. The person used her hotmail address as the From. They included a link to a webpage where you could buy stun guns etc. I contacted the abuse people there and they removed the website.