Walling off Asian E-mail to Prevent Spam
SomeoneYouDontKnow writes: "Seems there's been lots of spam news lately. This piece from Wired describes how frustrated sysadmins in the West are responding to a torrent of Asian spam by simply refusing all e-mail from that part of the world. As anyone who's ever reported spam to Asian ISPs can attest, getting a response of any kind is almost impossible, so some ISPs are simply giving up on receiving any mail from them. Setting up barriers like this is regrettable, but when the originating ISPs refuse to take responsibility for the actions of their users or close their open mail servers, there would seem to be no other choice. Has anyone ever had any kind of constructive conversation with one of these ISPs to see why they are unable or unwilling to do anything?"
On the other end, if many of those domains are in the Orbz or other blacklists, maybe just using those would be better.
Berto
Well blocking whole areas is a start, but not an ideal solution. I'm going to start filtering my email so that unless it meets one of the following conditions it gets rejected and sent back to the sender :-
1. The mail claims to be From someone I have pre-approved.
2. It's from a mailing list I've registered with.
3. It's sent To: a special purpose address within a couple of days of creating that address. (So I can post to newsgroups with addresses like jb10202 which will be valid for a couple of days for replies only)
4. The email contains a special approval code to bypass the checking.
The purpose of 4) is that when I get an email that is rejected it will send it back to the sender with an apology and a 4 digit random code which is valid only for a single mail from that address and only for 48 hours. They can simply forward the mail back to me and it will contain the code and get through.
I get *so* much spam, and 99% of my real email is from the same few addresses that I need to block the junk, and I think this scheme will annoy relatively few people, and not too much but should cut ALL the spam.
I've not implemented this yet, but it shouldn't be too hard to write.
Sig is taking a break!
I run a small mail server, mostly providing mailing lists to the automotive community. While my lists weren't affected (I have reasonable anti-spam rules in place), a server in Taiwan was spamming every address it could find in my domain with dozens of unique spam per day.
The usual IP tracing ensued and I tracked it back to a small ISP. Hoping that I would reach someone who spoke (or wrote) English, I sent a copy of my logs and an explanation to "postmaster@", "abuse@", "webmaster@", and any other address I could think of. Amazingly enough, after about 12 hours, I received a reply (in somewhat broken English) asking for more logs, and a confirmation of the time zone I was using in my logs (UTC, for what it's worth). After I replied, I received an apology that one of their "clients" had bothered me and assured me it would be taken care of.
To this date, I have not received another piece of spam that I have attributed to that ISP. I realize that this is the exception and not the rule, but I thought it was worth noting that there really are reasonable sysadmins "over there".
-- "Other than that, how was the play Mrs. Lincoln?"
The first parallel that came to mind was the "death sentence" proposed against UUNet a few years ago for their fostering spamming activity.
The action represented the response of a group of responsible internet members that had finally tired of both the activity and the lack of response from a greedy company who seemed to have no respect for bandwidth and privacy issues.
It seemed to work then and maybe it's just what's needed now.
It's about time that some of these ISPs discover what happens when the fecal matter hits the oscillator.
We have met the enemy and he is us - Pogo (Walt Kelly)
The response was "without full e-mail headers, we can't do anything."
Hmmm. It's not e-mail.
I am discussing with my employer the option of blocking all 202/8 203/8 210/8 211/8, all of Road Runner but the MX'es, *.cn, *.tw, *.ru, *.pl, and *.mx domains too. I don't know the ip range assigned to the domains, so if you do, post a follow up! (I have Road Runner netblocks, there are just too many to put them here.)
Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves.
No it's not a huge setback. Eventually the various Asian admins that are causing this will get the clue and fix their mail systems.
I get roughly 100 messages or so of SPAM a day on my Hotmail account -- I can't give an accurate number because I keep blocking entire domains (some jackhole, and I think I know who, decided to add me to various coupon and ad sites, which becomes a deluge as they share mailing lists). Of the 150 or so blocked domains, about 10% of them are Asian (surf to xyzzy.net and note that entire webpage is in a font I don't have installed).
Make a law? Sure. In which country? Or do you mean you want to outlaw SPAM in the US, and then somehow think you're going to be able to prosecute a company located entirely in North Korea under US Law? Things just aren't that easy. I'd like to see a reasonable way to legislate SPAM to be illegal, even if it only did affect the US, but I'm yet to see anything that has teeth AND makes logical sense.
in fact for a few months I blocked:
Hotmail
Yahoo
MSN
USA.net
When those folks learn how to close their relays and strip a virus then we can deal with the Asians....
This
I dunno, but I think a moral hacker would find it quite rewarding to screw up a spam creator's cash cow.
-- Dan
How much time do you expect a Chinese bureaucrat to spend prosecuting a fellow countryman because he made 1000 foreigners delete a bothersome message?
I hate spam, but the last thing I want is a bureaucratic solution. The free market will find a way grasshopper....
Slashdot: Liberal News for Nerds. Liberal Stuff that Matters.
the place where i colo is just now doing this after tracing the bulk of the spam coming into their own network from chinese ISPs and most especially china.com
rather than refusing email from the offending ISPs, they are going to the rather extreme measure of refusing connections entirely (at the router, i guess, though i'm not certain how the network is set up...) from the entire IP ranges of a number of the offenders.
so, now all my domains (and all those colo'd at my ISP) will basically be inaccessible to anyone in china. big deal. all the traffic i get from china is either spam or nimda requests. woo friggin hoo.
it has yet to go into effect, but i expect it will make a big difference in my monthly bills, as i pay for bandwidth, even if it's spam sent to people on my mail server.
as some folks are bound to say, it's more than a bit presumptuous to basically say "play by my rules or get off the field" where "my rules" are typically those of the mostly american, english speaking internet population, but in this case it's more a case of "play nice or go home"
- Entertaining Bits from the Ancient Kernel Tree
The Asian nations would not be in this situation if they understood the proper way to run a mailserver and dropped the insane cultural notion that obnoxiously shoving a business card in someone's face is courteous and expected. I worked in Asia during the early 90s (mainly Singapore, Hong Kong and Taiwan) and from my experience of working with Asian businesses, this problem will not go away. Unless it's not hurting their bottom line, it doesn't matter if it's hurting ours.
Strange women lying in ponds distributing swords is no basis for a system of government.
A few months ago my email address ended up on a Korean spam list. I've been using the following procmail rule since:
:0:
* (^From:.*\.kr |\
^.*ks_c_5601)
SPAM
It catches about 95% of the spam from Korea. It's sad that I've had to resort to filtering email from an entire country.
What has amazed me about the whole thing is the spam I receive from there is usually written in the ks_c_5601-1987 character set. Since Korean is not a really popular language throughout the world, the chances of someone understanding the spam are very slim (I haven't been able to find a good Korean to English translator that actually works). IMHO, the spammers are just wasting their time.
Go not unto/. for advice, for you will be told both yea and nay (but have nothing to do with the question)
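The two conditions of the procmail rule above (a From address under .kr, or the ks_c_5601 charset), re-expressed as an added Python example that is not part of the original post. It goes one step further than the rule: procmail conditions match the header by default, so a charset declared only inside a MIME part is missed by the recipe but found here. The function name and all sample messages are constructed for illustration.

```python
import email
from email.header import decode_header
from email.utils import parseaddr

def signals(raw):
    """Return which of the rule's two conditions a raw message meets."""
    msg = email.message_from_string(raw)
    found = []
    # Condition 1: From address under the .kr TLD.
    addr = parseaddr(msg.get("From", ""))[1].lower()
    if addr.endswith(".kr"):
        found.append("from-kr")
    # Condition 2: ks_c_5601 charset, either in RFC 2047 encoded header
    # words or in the Content-Type of any MIME part (including nested ones).
    charsets = set()
    for name in ("From", "Subject"):
        for _text, cs in decode_header(msg.get(name, "")):
            if cs:
                charsets.add(cs)
    for part in msg.walk():
        cs = part.get_content_charset()
        if cs:
            charsets.add(cs)
    if any(cs.startswith("ks_c_5601") for cs in charsets):
        found.append("charset")
    return found

# Constructed sample messages (not real mail).
HEADER_ONLY = (
    "From: promo <ad@mail.example.kr>\n"
    "Subject: =?ks_c_5601-1987?B?s6q0wg==?=\n"
    "\n"
    "body\n")
MULTIPART = (  # charset appears only in a part header, i.e. in the body
    "From: promo <ad@example.com>\n"
    "Subject: hello\n"
    'Content-Type: multipart/alternative; boundary="b1"\n'
    "\n"
    "--b1\n"
    'Content-Type: text/plain; charset="ks_c_5601-1987"\n'
    "\n"
    "text\n"
    "--b1--\n")
PLAIN = "From: a@example.org\nSubject: hi\n\nhello\n"
```
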
The idea goes like this:
Why not have a sort of "Name" tag in email. This tag could be an MD5 Hash of anything you want. If the people who sent you the email knew your name, or any valid name tag that you gave them (Multiple Name tags would be simple, just sort them into folders) You could just supply the "Name" with your email address, something like "Yeah, email me at prudan@example.com, name tag (prudan)" Anything that doesn't have your name tag would be sorted into a spam / unknown folder, or you could even bounce it back saying that the name was invalid.
Some pros and cons to the idea:
Pros:
It will require more processing power for spammers to send out lots and lots of spam. Each message would need its own checksum if they are guessing at a valid name tag.
This would really make it so that you have different email addresses, without all the aliasing. You want to use a business address? Make one of your name tags "Business", and assign that nametag to a folder just for that.
Adding this to email clients would be a trivial task.
Done at the client level, so it adds no server processing overhead.
Cons:
Spammers will start trading name tags too, so changing your MAIN name tag every so often would probably be necessary.
Getting this to be accepted everywhere would be quite a chore.
Maybe this won't work. I don't know.
-- Dan
While translation is a nice idea, I don't think it's worth my time to learn 20 different asian languages just so I can complain about spam. I'm sure not going to pay someone to translate for me to complain about spam. So what OTHER constructive steps can you come up with that are REALISTIC?
The bottom line is that if Asia doesn't want to get firewalled, they need to get aggressive about closing open relays. Note that I don't discriminate against Asia, I discriminate against EVERYONE that sends me spam. This includes many European and South American netblocks / TLDs too.
Basically I don't get ANY legit email from these countries. Not blocking them would be silly.
Like actually bothering to translate your contact messages into various non-English languages. After all, when was the last time You, as a sysadmin, responded to an informative message to postmaster@your.org that was written in an Asian language??
The international language of snail mail is French. That's why air mail is par avion. It's like that all around the world and no one really complains. If the admin knows enough to postmaster@ he knows it should be in English. English is *the* official language of email. Just look at the headers, I don't see a 'Od:' instead of 'From:' or 'Temat:' instead of 'Subject:'.
Admins speak English, you can't really be a good admin if you can't communicate with your computer and 90% of software - even software created in non-English-speaking nations - is in English.
jedrek
However, I expect that the former British Empire has a lot to do with the widespread familiarity with English. In this case, imperialism has a lot to do with it. For instance, the country of India uses English to overcome the many, many Hindi (and other?) dialects. This is clearly because of British Imperialism.
The other poster just had the wrong imperialist country. =-)
-Paul Komarek
if everyone had the ability to run their own dns and mail servers that might work but you really don't think everyone will go through that much trouble to fight spam do you?
http://Lenny.com
4 great justice!
it's the companies selling spam services that are the real problem, not the company trying to sell the product in your spam.
http://Lenny.com
4 great justice!