Slashdot Mirror
71% of Spam Servers are Located in China
aspelling writes "
We all know that majority of consumer electronics and other goods sold
in US stores is produced in China. But China specialty extends beyond
consumer electronics, clothes and automotive components. According to Commtouch Software research 71%
of all spam servers are located in this People Republic. "Since Jan. 1,
we've seen probably a 30% to 40% increase" in spam traffic" Commtouch
CEO says. BusinessWeek reports
about this issue."
Isn't 71% of everything made in China? I've always thought all spam, both meat and annoyance flavors, were made in China...
Go to the press release (it is listed on the page) and click on the link for the white paper
But surprise, surprise, the "best solution" is the one they sell, but it's still an interesting read.
The grass is only greener, if you don't take care of your own lawn.
If you don't know anyone in China (or Asia) you can use a blacklist for the whole region. My firewall with OpenBSD's awesome spamd autoupdates its tarpit blacklists every couple of hours. One good list for Asian IPs is here.
I love the idea of tarpitting, seeing spammers connections being tied up for ~3300 seconds (my highest) warms my heart. If more people did it that'd mean less overall spam traffic.
Trolling is a art,
If China can keep much of the rest of the internet inaccessable to their citizens, why can't the rest of the world block the polution that China is transmitting?
---
"I can't complain, but sometimes still do..." Joe Walsh
Yet another IT service being outsourced overseas........
Write your congressperson and demand that SPAM jobs be kept at home!
I have no reason to ever get traffic from china when I'm talkin about my own personal servers.
First question is what netblocks can I block to effectivley ban all of china?
Hardly surprising, since as soon as you spam a million people, an hour later you're hungry to spam a million more. ;)
I watched C-beams glitter in the dark near the Tannhauser gate.
What about the big firewall stuff that China uses to restrict access? I guess it doesen't affect email?, or maybe it's government approved?
Does the story differentiate between the two?
Kinetic stupidity has a new brand leader: Allen Zadr.
Me Chinese, me play joke, me send ads for erectile disfunction drugs, marital aids, sites with farm animals, septic tank cleaning, unlimited monthly income potential, hot stock tips, offers to meet girls in your area, and tiny little remote control cars to your inbox.
the major advances in civilization are processes which all but wreck the societies in which they occur - A.N. White
Hey, It's China. Give them a break. Almost all of our stuff comes from China, why not the spam? We still owe them for Chinese food.
Why not start blocking IP addresses for SMTP from China? Also start some sort of whitelist of known good STMP servers to help the legit email users in China. If the country can get (or doesn't care to) get spammers under control, like has happened in other counties, then the rest of the world should take matters into their own hands.
If China is really the source of much of it, we would see a dramatic decrease.
Or am I missing something?
Soccer Goal Plans
It was along the lines of "the capitalist countries will sell us the rope the hang them with". Those driven to financial gain eschewing possible ethical concerns will at best impose a lot of friction and drag on the system. They may end up poisoning the internet sufficiently to end a lot of net freedom we take for granted. I am sure China is more than happy to take our money as we bury ourselves.
there was a tip posted to NANOG this morning. you can use china.blackholes.us as a RBL (look at their page, they have other lists) to effectively block all mail from china's IPs
I too have gotten tired of spam, and run my own mail server on my domain. I have complete control over my email, and complete control over the spam. I get less than 1% spam. However, it's sad that it has to come to that. Not everyone can run their own email servers. What about my mom or grandmother who can't even manage to set up their email account under M$ Outlook? For anyone who has the skill/interest, setting up your own email service is a good idea.
Several people have mentioned blocking all of China, but what good will this do? Okay, most of the spam originates from there, but this wouldn't be an interesting study if most of the spam were obviously from China. I would imagine that most spammers are using relays of some sort and have a pretty good idea what they are doing. The country-wide blacklist may not be a bad idea but I question its effectiveness.
it is that 71% of a form of communication originates from a country that tries its damndest to stifle the voice of its people.
"I'm just here to regulate funkiness."
lately seems to originate in Africa. Nigeria to be exact.
Grump
Is it true that more people vote for the winner of American Idol, than vote for the president? -Ali G.
Spam, the food, is made right in our very own third world city of Austin, Minnesota at the Hormel plant. (also Nebraska, Denmark, Korea and The Phillipines.) See the Spam museum.
(Funny on slashdot how I have to qualify Spam as a food product...)
Have you Meta Moderated t
If you put a credit card number into a site, what bank gets the transaction? That's how to track spammers.
Strange, because USA is still #1 in all 3 categories listed (scroll down) on spamhaus.org
/me sets mode -rant
Besides - who cares where the exploited servers are? Soon (my guess is - less than 6 months) the majority of spams will be sent via zombies taken over by some worm or virus. These computers will be spread all over the world. The only solution is to nip it in the butt. Make spam illegal (as it is in Europe) and sue the pants of the spammers. Enough of those stupid atempts to pretend something is being done. We all know that the spammers are from Gods own country - hijacking machines whereever it's easiest.
75% of spam is american. American lowlifes selling american products..
At least according to my own experience, and according to research conducted outside of america..
I don't believe for a minute that the spammers are actually chinese.. You can recognize the writing of a typical american "internet entrepeneur" in most spam mail..
And the servers? Sure, but most spam servers are innocent infected computers anyway...and if you look at the number of american computers in the world compared to the number of asian numbers..it would surprize me if the majority of servers aren't american..
I have never seen a single spam email with chinese letters..why?
Will code a sig generator for food
Spam may be coming from Chinese _servers_, but I doubt 71% of the spammers are Chinese. Everyone in this thread seems to think that actual Chinese people are doing the spamming. I don't think this is the case.
.
"Since Jan. 1, we've seen probably a 30% to 40% increase" in spam traffic" Commtouch CEO say"
This accurately mirrors what I've noted, I run the mail sweeper for a medium-sized enterprise and analyse spam to improve the quality of our filtering.
I note a lot of the spam has similar formats (apart from the 419 scammers, but they're easy to filter out), leading me to suggest that spamming is dominated by a relatively small clique of big-time mailers
This does at least make it easier to write rules to stop it. We don't use Bayesian filtering, a human-monitored system can be more efficient if done right.
I have been a user for about 10 years. This ends Feb 2014. The site's been ruined. I'm off. Dice, FU
I would be perfectly willing to not receive any e-mail from China, or even all of Asia for that matter. Unfortunately, not running my own mail server, I can't block their addresses direcly, but it would be nice if someone mapped out the IP addresses to block and came up with some good mail server rules. Clearly this would have to be done as an option on an acount-by-acount basis, so it has to be done in the mail server and not the firewall, but I expect enough people would opt-out of Chinese oriinated e-mail to make it worth while for any system that supported such an option and coul long-term have a significant impact on this source of spam.
I'm an American. I love this country and the freedoms that we used to have.
I can't speak for the accuracy of the assertion that the web servers linked to in spam messages are located in China 71% of the time.
But I can say that of 3413 spam messages I received only 185 of them came from China.
Coding Blog
So, what's holding us off from just blackholing the entire country until they get their political act together?
i think thats a horrible idea, it could possibly silence the best form of free speech the people there have.
besides, if some other country was to blacklist US based servers, purely because of the US's politics, im sure everyone would be crying foul. You shouldn't let politics dictate what happens with the internet.
... most of my email seems to be coming from these hot, single, girls that all want to meet ME! I blush everytime!
Hmmm.
Well, that explains why so much of spam is for penis enlargement products... :-p
I'll turn into a supernova and burn up everything. Well I'll turn into a black little hole and you'll turn into string.
That said, our system takes 2 minutes to ACK requests after the first error, expanding to 10 minutes/error, just before it hangs up at 20 errors. It isn't much, but it makes ME feel better.
Taiwanese servers use the tw code, cn is used by the Reds. It's not technically hard to disambiguate the two countries-- so the question then becomes-- did the authors of the study at some point take the "One China" myth seriously?
You have to know what IP addresses are physically located in China and block those.
Here you go:
http://www.okean.com/asianspamblocks.html
How about reading the story?
They are talking about the Peoples Republic (of China), captial Beijing, "China is notorious for its Internet censorship efforts".
This doesn't sound like they are talking about Taiwan/Republic of China, (provisional) capital Taipei.
"Between strong and weak, between rich and poor [...], it is freedom which oppresses and the law which sets free"
so greed is stopping the U.S. from stopping communism... that made my day :)
Our Chinese clients started complaining that they no longer had access to our US based FTP server and e-mail addresses just last week. Turns out, China blocked the DNS servers that our ISP uses! Great... yippee.
We are switching ISPs anyway, so I am not terribly concerned, I just think this is wildly hypocritical.
Most of the spams I receive are from companies in US or other English-speaking countries. The reason why many spams come from China is that there are many free email service providers there that give SMTP/POP access to users (unlike MSN and Yahoo, which only provide web access), so it's extremely easy to get a free account and start sending bulk emails.
Doesn't anyone read the article?
It said that 71% of the URLs in spam go to web servers in China, not that 71% of spam comes from China!
The vast majority of spam that hits my mail server comes from the US (comcast, rr.com, etc) machines that have been compromised.
Tools like bigevil.cf (SpamAssassin plugin) help me to filter those spams with Chinese URLs.
http://sophos.com/spaminfo/articles/dirtydozen.htm l
Conservatism: The fear that somewhere, somehow, someone you think is your inferior is being treated as your equal.
First, lets use an M-1 Carbine to hunt 'em like rats!
After that, have the Three Shotgun Dudes shoot 'em up!
If the spammer is still kick'in, fire an RPG at 'em!
And finally, to finish 'em off, use these weapons of mass destruction!
Put whatever is left of the spammer on my back yard, and I'll have The Incredible Hulk drop off my roof and SMASH 'em!
Hulk SMASH Celiac Disease
... is that those servers are used by spammers as open relay, not that those spams are originated there.
..."
..."
...
There're just too many clueless email admins over there. They lack the skills of configuring a well behaved MTA (it's a pretty tough job these days indeed), and the language barrier is just making things worse. Most of the people are just configuring their mail servers according to howto-like articles written by some clueful guys, and those articles are mostly just laying out the steps, no how and why things should work that way. If you hop to any of the tech forums' email section, you'll find it's full of questions like:
"Help, I just configured my email server according to XXX but things didn't work out
"Help, why my smtp auth doesn't work? It'll accept any username/password
"Help, why I can send out email by can't receive?"
"Help, I got blacklisted by XXX, how can I get myself out?"
etc., etc.
So, it's a matter of educating them how to do things right. As a Chinese myself, I am trying hard to help out those poor guys by answering questions on those forums, and by helping them out translating the documentations to Chinese.
So please, don't shut the door to them, they just need to be educated.
gd
Relevant portion of the file at iana.org:
Those are the people we should be going after. Spam, even under the recent federal law should be enforced against the people paying for the service.
Do you sell the penis pills advertised? Yeah? Did you request the advertisement? SLAM!
Forget about blocking all of China. I feel safe in the belief that it wouldn't stop the spam at all.
Well, it works like this:
1) The top spammers (the people) are from the USA.
2) They like to use relays (computers) in China, since most of the ISPs here don't like spammers and spamhauses (ISPs set up to do nothing but host spammers, they may even pretend to take down accounts while just shifting them to different ones, etc. Evil, really.)
3) They're also now using worm/virus-infected hosts as relays. I recently helped a friend clean out a rather nasty infestation which was being used as a spam relay without their knowledge, and which had been reported at SpamCop (this, I believe, was how we first found out about the evil relay, actually).
4) Oddly enough, today I got my first compliant spam under the FTC's rules. It actually had 'Sexually Explicit:' in the subject line unmunged. I was fairly impressed. Naturally, it was deleted immediately along with all other spam in the spamtrap.
5) Even if we don't get all (or very many of them), I think that the new spam law may do some good, though it surely won't stop spam. I would just love it if we could take out the top dozen or so US spammers, which would decrease the spam volume by an order of magnitude, I should think. Spam relays don't send spam on their own, folks (at least, not yet... hrm, hope I don't give them any ideas...). Even if the law doesn't really do much of anything, I still wouldn't mind seeing spammers in jail...
* a tour guide walks through the SPAM museum with a tour group, and points to a can on a pedestal *
This is the first can of spam that was ever produced by Hormel. It was made in 1937 in Austin, Minn.
Not too long after, it was shipped in mass quantities to Allied forces in Europe, who found it a delicious alternative to starvation.
*Picks up the can on the pedestal, pops it open, sticks a fork in and takes a bite. *
Mmmm. Fresh as the day it was made!
___
It's the end of my comment as I know it and I feel fine.
As a result, I may soon start looking around for rbls of zombie PCs, or consider running a bot to sniff these out myself. Thumb in the dike? Sure, but it beats doing nothing.
Luke, help me take this mask off
Ultimately, I think we'll need smarter spam filters. That isn't too different than what we were doing at HNC. IF the letter is from someone you don't know and talks about Human growth hormone or altering of bodily parts, it is a pretty good bet it is spam. It is really just a matter of good pattern recognition.
You are allowed to ban whomever you like. There are servers I control that are accessable from as little as one subnet (and others that are on a physically private network). That's my right.
It also could work to help force people to get their shit straight. Many ISPs (domestic and foriegn) are just non-responsive to SPAM/hacking complaints. One proven tactic that works is the threat of mass bans. Between a proposed UPD and a ban by the members of Nanog, UUNET was convinced to become more responsive to complains of network abuse.
The Internet does not have a police force so the community polices itself. If a group won't play by the rules, they shouldn't be supprised to find themselves excluded from a large part of it.
I hear complaints all the time about how much censorship of the Internet is done by the Chinese government, then what do we do? We add all of China to our RBLs to block the spam, and end up blocking what legitimate e-mail does get through. Sounds like we are doing just what the Chinese government wants us to.
-Pascal
Many of the comments here are anti-China, which we can understand, because SPAM is so much hated by all of us.
However, there is differentiator that needs to be made here: how many of these servers are actually run by spammers, vs. how many are hijacked by spammers without the owners' consent?
Isn't this an over generalization that demonizes entire people like: "All Arabs hate us!" or "All terrorists are Muslims!" or "All Jews are evil!"?
Another point is a differentiation between the people and the government. What the government does is not necessarily the same as what the people want or like.
Think about how G. W. Bush is behaving abroad (in your name) and even domestically, and ask yourself do you want everything he does to be actually in your name.
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning.
71% of spam originates from China
yet...
80% of the worlds spammers operate from the USA?
Maybe non-tech people will finally start drawing the connection on how spam is delivered.
Then again maybe pigs will fly too...