Walling off Asian E-mail to Prevent Spam

SomeoneYouDontKnow writes: "Seems there's been lots of spam news lately. This piece from Wired describes how frustrated sysadmins in the West are responding to a torrent of Asian spam by simply refusing all e-mail from that part of the world. As anyone who's ever reported spam to Asian ISPs can attest, getting a response of any kind is almost impossible, so some ISPs are simply giving up on receiving any mail from them. Setting up barriers like this is regrettable, but when the originating ISPs refuse to take responsibility for the actions of their users or close their open mail servers, there would seem to be no other choice. Has anyone ever had any kind of constructive conversation with one of these ISPs to see why they are unable or unwilling to do anything?"

Sadly, this is the only way to go

[InterruptDescriptorT]

I feel bad for the legitimate Asian users of e-mail trying to communicate with their comrades in the West, but it has been proven that this is the only way that ISPs will finally own up to the task of stopping spammers abusing the networks. Look what just the mere threat of the Usenet Death Penalty did to @Home--they have cleaned up their act significantly.

Strange as it is to say, this 'denial of service' is one that I think may actually have some future positive effect. The way the world seems to work is that no one will bother to do anything unless you threaten them with the loss of their service, and then they take action. Sad, but true.

Re:Sadly, this is the only way to go

[#if+0]

It may be necessary to eventually threaten those ISPs with being blocked, but still there are a lot of *constructive* steps that could be used to help the situation.

**Like actually bothering to translate your contact messages into various non-English languages. After all, when was the last time You, as a sysadmin, responded to an informative message to postmaster@your.org that was written in an Asian language?? I didn't think so...

I have done my bit for mankind!

[doctor_oktagon]

In November 2000 I spent 1 month in Hong Kong sorting out the Spam problems one of the largest ISPs was having, in my job as security consultant.

The situation was dreadfull, with no abuse department and no way of detecting/stopping abusing customers, or even stopping customers being abused.

I killed 99% of the Spam by warning all customers we were testing for open relays, and offering to actually help them if they didn't know.

I then spent 2 weeks trying to configure about 30 different mail servers I had never even heard of, and one which didn't even return 1 result on Google!!

We got there in the end, especially once we firewalled port 25 for those customers who didn't want to listed.

The next step was to write belt-and-braces Terms of Service for the client and ensure the abuse@isp address was checked and actioned on a daily basis by a full-time member of staff. If abuse went unchecked, then we pulled the plug on the customer and banned them from coming back, or we'd prosecute (sometimes tricky in HK)

I *always* check who sends me spam, and I'm pleased to say none has originated from that ISP since I did my work there.

We tried to re-sell the solution to all other ISPs in the region, but they didn't bite due to a) expensive consultant fees, and b) not really caring.

I pointed out they were large ISPs who fully deserved their .net addresses, but were rapidly losing face amongst their peers for continuing to ignore the problems. *sigh*

okay, fine - so we block

[hrieke]

But what else can be done to solve this problem with China and other Asian countries?
I agree that the 'no response' from many of these places is frustrating, but has anyone offered to train[1] some of these people in setup and configuration of their servers?
Has anyone who is bilingual offered to translate the user manuals into Japanese, Chinese, or Korean?
Has anyone taken the time to explain to them that by lax secuitry / improper setup on the EMail server usually points to more problems with in their network?
Education is the answer to this problem, and we need to take the lead.

[1] Okay, it might be impractial to fly halfway around the world to train someone in server configurations just to stop spam, (although a cost /benfit analysis might prove otherwise if the volumn is extream!) but has anyone offered to train someone from Asia on this side of the globe?

Watch out with that scheme

[phr2]

I've been doing something like that for a while (periodically changing addresses for news posts). The trouble is that every address you use gets on spam lists and gets spammed forever. By having 100's of addresses, you get 100's of times more spam than you otherwise would. Even if you can filter it on arrival so you don't have to see it, it's still clogging your bandwidth and you can always filter a legitimate email.

I don't generate unique reply addresses per news post, but change addresses a few times a year. I have a bunch of old addresses that mostly get spam, so my filters dump incoming mail to them into a mailbox file that I look in every now and then. That's much less annoying than seeing the spam as it arrives, but still, it's better to keep the volume down.

I think I'll completely stop putting replyable email addresses on news posts. I'll just have a URL for my web site where people can leave me messages through a CGI. That lets me make another political statement too, since my web site runs SSL so any incoming messages I get from the CGI will be encrypted while in transit. We tell people to use ssh instead of telnet--we should also try to avoid sending email in the clear without a reason.

Chinese ISPs need to think globally

[mblase]

The article says:

Some Chinese and Korean systems administrators said documentation for the software they use is often available only in English, which complicates securing their systems.

This is an honest problem, because it's not the the ISP's fault that they can't get native-language documentation for the software. But if they're running the software at all, it becomes their problem. Why would any responsible system administrator install software when he can't read the documentation? Educated English speakers aren't such a minority in the far East. It's the ISP's responsibility to hire them, or else get software documented in their own language.

Cultural issues also contribute to the problem. Many spammers in Asia say they do not understand why spam is a problem. "It's a sign of respect that someone sends you an electric business card. It means he wants you as a customer."

This is just willful naivete on their part. If they think that sending an electronic business card is a "sign of respect", that's fine. But they need to understand that in the West, unsolicited advertising is an overwhelming inconvenience and is not welcome by the vast majority. Cultural relativism swings both ways.

Piracy is free and open and common in the far East, which irritates Western corporations and makes poor Western college students and hackers giggle with glee. It's rampant and unpoliced because the notion of information ownership and copyright just don't exist over there. But here's the flip side to that coin: unrestricted dataflow from the West into the East also means unrestricted dataflow from the East to the West. As music, movies and software comes in, spam goes out. Like it or not, they're both travelling through the same door.

If the Chinese ISPs want to provide their people a gateway to the free world, then it's their responsibility to cooperate with how the free world works and act responsibly within that setting. If they don't, then they get blacklisted like this and lose their right to be a gateway.