Slashdot Mirror
71% of Spam Servers are Located in China
aspelling writes "
We all know that majority of consumer electronics and other goods sold
in US stores is produced in China. But China specialty extends beyond
consumer electronics, clothes and automotive components. According to Commtouch Software research 71%
of all spam servers are located in this People Republic. "Since Jan. 1,
we've seen probably a 30% to 40% increase" in spam traffic" Commtouch
CEO says. BusinessWeek reports
about this issue."
Isn't 71% of everything made in China? I've always thought all spam, both meat and annoyance flavors, were made in China...
Go to the press release (it is listed on the page) and click on the link for the white paper
But surprise, surprise, the "best solution" is the one they sell, but it's still an interesting read.
The grass is only greener, if you don't take care of your own lawn.
If you don't know anyone in China (or Asia) you can use a blacklist for the whole region. My firewall with OpenBSD's awesome spamd autoupdates its tarpit blacklists every couple of hours. One good list for Asian IPs is here.
I love the idea of tarpitting, seeing spammers connections being tied up for ~3300 seconds (my highest) warms my heart. If more people did it that'd mean less overall spam traffic.
Trolling is a art,
If China can keep much of the rest of the internet inaccessable to their citizens, why can't the rest of the world block the polution that China is transmitting?
---
"I can't complain, but sometimes still do..." Joe Walsh
Yet another IT service being outsourced overseas........
Write your congressperson and demand that SPAM jobs be kept at home!
I have no reason to ever get traffic from china when I'm talkin about my own personal servers.
First question is what netblocks can I block to effectivley ban all of china?
Hardly surprising, since as soon as you spam a million people, an hour later you're hungry to spam a million more. ;)
I watched C-beams glitter in the dark near the Tannhauser gate.
Does the story differentiate between the two?
Kinetic stupidity has a new brand leader: Allen Zadr.
Me Chinese, me play joke, me send ads for erectile disfunction drugs, marital aids, sites with farm animals, septic tank cleaning, unlimited monthly income potential, hot stock tips, offers to meet girls in your area, and tiny little remote control cars to your inbox.
the major advances in civilization are processes which all but wreck the societies in which they occur - A.N. White
It was along the lines of "the capitalist countries will sell us the rope the hang them with". Those driven to financial gain eschewing possible ethical concerns will at best impose a lot of friction and drag on the system. They may end up poisoning the internet sufficiently to end a lot of net freedom we take for granted. I am sure China is more than happy to take our money as we bury ourselves.
there was a tip posted to NANOG this morning. you can use china.blackholes.us as a RBL (look at their page, they have other lists) to effectively block all mail from china's IPs
Several people have mentioned blocking all of China, but what good will this do? Okay, most of the spam originates from there, but this wouldn't be an interesting study if most of the spam were obviously from China. I would imagine that most spammers are using relays of some sort and have a pretty good idea what they are doing. The country-wide blacklist may not be a bad idea but I question its effectiveness.
it is that 71% of a form of communication originates from a country that tries its damndest to stifle the voice of its people.
"I'm just here to regulate funkiness."
Spam, the food, is made right in our very own third world city of Austin, Minnesota at the Hormel plant. (also Nebraska, Denmark, Korea and The Phillipines.) See the Spam museum.
(Funny on slashdot how I have to qualify Spam as a food product...)
Have you Meta Moderated t
If you put a credit card number into a site, what bank gets the transaction? That's how to track spammers.
Strange, because USA is still #1 in all 3 categories listed (scroll down) on spamhaus.org
/me sets mode -rant
Besides - who cares where the exploited servers are? Soon (my guess is - less than 6 months) the majority of spams will be sent via zombies taken over by some worm or virus. These computers will be spread all over the world. The only solution is to nip it in the butt. Make spam illegal (as it is in Europe) and sue the pants of the spammers. Enough of those stupid atempts to pretend something is being done. We all know that the spammers are from Gods own country - hijacking machines whereever it's easiest.
75% of spam is american. American lowlifes selling american products..
At least according to my own experience, and according to research conducted outside of america..
I don't believe for a minute that the spammers are actually chinese.. You can recognize the writing of a typical american "internet entrepeneur" in most spam mail..
And the servers? Sure, but most spam servers are innocent infected computers anyway...and if you look at the number of american computers in the world compared to the number of asian numbers..it would surprize me if the majority of servers aren't american..
I have never seen a single spam email with chinese letters..why?
Will code a sig generator for food
Spam may be coming from Chinese _servers_, but I doubt 71% of the spammers are Chinese. Everyone in this thread seems to think that actual Chinese people are doing the spamming. I don't think this is the case.
.
"Since Jan. 1, we've seen probably a 30% to 40% increase" in spam traffic" Commtouch CEO say"
This accurately mirrors what I've noted, I run the mail sweeper for a medium-sized enterprise and analyse spam to improve the quality of our filtering.
I note a lot of the spam has similar formats (apart from the 419 scammers, but they're easy to filter out), leading me to suggest that spamming is dominated by a relatively small clique of big-time mailers
This does at least make it easier to write rules to stop it. We don't use Bayesian filtering, a human-monitored system can be more efficient if done right.
I have been a user for about 10 years. This ends Feb 2014. The site's been ruined. I'm off. Dice, FU
I would be perfectly willing to not receive any e-mail from China, or even all of Asia for that matter. Unfortunately, not running my own mail server, I can't block their addresses direcly, but it would be nice if someone mapped out the IP addresses to block and came up with some good mail server rules. Clearly this would have to be done as an option on an acount-by-acount basis, so it has to be done in the mail server and not the firewall, but I expect enough people would opt-out of Chinese oriinated e-mail to make it worth while for any system that supported such an option and coul long-term have a significant impact on this source of spam.
I'm an American. I love this country and the freedoms that we used to have.
>I [...] run my own mail server on my domain.
>Not everyone can run their own email servers. What about my mom or grandmother
Why don't you give them e-mail accounts on your domain and they'll get spam-free e-mail.
I don't know the meaning of the word 'don't' - J
I can't speak for the accuracy of the assertion that the web servers linked to in spam messages are located in China 71% of the time.
But I can say that of 3413 spam messages I received only 185 of them came from China.
Coding Blog
... most of my email seems to be coming from these hot, single, girls that all want to meet ME! I blush everytime!
Hmmm.
Well, that explains why so much of spam is for penis enlargement products... :-p
I'll turn into a supernova and burn up everything. Well I'll turn into a black little hole and you'll turn into string.
Taiwanese servers use the tw code, cn is used by the Reds. It's not technically hard to disambiguate the two countries-- so the question then becomes-- did the authors of the study at some point take the "One China" myth seriously?
How about reading the story?
They are talking about the Peoples Republic (of China), captial Beijing, "China is notorious for its Internet censorship efforts".
This doesn't sound like they are talking about Taiwan/Republic of China, (provisional) capital Taipei.
"Between strong and weak, between rich and poor [...], it is freedom which oppresses and the law which sets free"
Doesn't anyone read the article?
It said that 71% of the URLs in spam go to web servers in China, not that 71% of spam comes from China!
The vast majority of spam that hits my mail server comes from the US (comcast, rr.com, etc) machines that have been compromised.
Tools like bigevil.cf (SpamAssassin plugin) help me to filter those spams with Chinese URLs.
http://sophos.com/spaminfo/articles/dirtydozen.htm l
Conservatism: The fear that somewhere, somehow, someone you think is your inferior is being treated as your equal.
... is that those servers are used by spammers as open relay, not that those spams are originated there.
..."
..."
...
There're just too many clueless email admins over there. They lack the skills of configuring a well behaved MTA (it's a pretty tough job these days indeed), and the language barrier is just making things worse. Most of the people are just configuring their mail servers according to howto-like articles written by some clueful guys, and those articles are mostly just laying out the steps, no how and why things should work that way. If you hop to any of the tech forums' email section, you'll find it's full of questions like:
"Help, I just configured my email server according to XXX but things didn't work out
"Help, why my smtp auth doesn't work? It'll accept any username/password
"Help, why I can send out email by can't receive?"
"Help, I got blacklisted by XXX, how can I get myself out?"
etc., etc.
So, it's a matter of educating them how to do things right. As a Chinese myself, I am trying hard to help out those poor guys by answering questions on those forums, and by helping them out translating the documentations to Chinese.
So please, don't shut the door to them, they just need to be educated.
gd
Relevant portion of the file at iana.org:
You are allowed to ban whomever you like. There are servers I control that are accessable from as little as one subnet (and others that are on a physically private network). That's my right.
It also could work to help force people to get their shit straight. Many ISPs (domestic and foriegn) are just non-responsive to SPAM/hacking complaints. One proven tactic that works is the threat of mass bans. Between a proposed UPD and a ban by the members of Nanog, UUNET was convinced to become more responsive to complains of network abuse.
The Internet does not have a police force so the community polices itself. If a group won't play by the rules, they shouldn't be supprised to find themselves excluded from a large part of it.