Russia, China World's Biggest Spammers

An anonymous reader writes "According to this ZDNet article, The Spamhaus Project has warned that organised cirminal gangs in Russia are supplying U.S.-based spammers with details of compromised PCs that can be manipulated to send junk mail. According to Spamhaus director Steve Linford, the Russian gangs aren't constrained by any anti-spam or cybercrime laws in their home country and have no respect for legislation implemented in other countries. Also, apparently 70 percent of spam is sent from China by American spam outfits who in turn have hosting arrangements with Chinese ISPs."

What is the best way to stop this?

[TJ_Phazerhacki]

Maybe not completely relevant to the specific subject, but what is the best way to stop this?

User end filters are a necessity these days, and even then, I still spend at least 15 min each day dealing with the spam. My personal box - No One else knows the address, it is for my own internal network purposes, is chock full of the stuff.

What do other slashdot'ers do? What can we hope to see in the near future?

Re:What is the best way to stop this?

[YrWrstNtmr]

Maybe not completely relevant to the specific subject, but what is the best way to stop this?

Due to the global nature of the internet, the only way is to wait until the governments of China and Russia change due to public, internal pressure. Note that this may take some time.

In the meantime, SpamBayes might help.

Re:What is the best way to stop this?

[chimpo13]

Going after the money would be more effective. Sure, we can't go into China and Russia, but we can make life HELL for USA spammers. If we make it unprofitable here and send more of them to jail, that'll stop most of the jerks. Even if it's just Scott Richter that goes to jail, that'll put a major dent in the action.

Re:What is the best way to stop this?

[halowolf]

While end user filters are a necessity, they should be the last line of defense, because by the time the SPAM has reached you, it has stolen the bandwidth, CPU cycles and disk space to get there.

I currently sit in the "email itself must change" camp to fix the problem of SPAM. Of course its an impractical camp to sit in at the moment, but things are moving along slowly.

I can't see that addressing the problem of SPAM on an international law basis is going to yield any results in the near and not so near future.

Just random opinions on my part...

Re:What is the best way to stop this?

[zangdesign]

The other method is to go after the advertisers who hire the spammers in the first place. Spammers are bottom-feeders, for sure, but if you cut off their customers, then you cut off their income.

Re:What is the best way to stop this?

[pe1chl]

The best way is to make sure this way of advertisement of your services is illegal in the USA, and actively go after those that still do it.

90% or more of all SPAM advertises a product or service in the USA. While it may be difficult to track the spammer, it should be simple for law enforcement agencies to track down the actual advertiser.
I cannot imagine one would not be able to find the guy who offers you a low-interest mortgage, for example. Make him go out of business. Then his competitors will no longer spam.
Same for the sale of unlicensed health products.

Re:What is the best way to stop this?

[lars_boegild_thomsen]

Aren't you missing one important fact here? That most of the spam are promoting american products? This is a big like fighting drugs by throwing the addicts to jail and hitting small time street pushers. The only way to deal with this is to his the ones that profit big time - which are the ones trying to sell their products using these questionable means.

Fact is if I look at my inbox - something like 95 % of all Spam promote questionable american products, 2-3 % is in russian so I don't even know what it promotes - and I have yet to see ONE spam mail that actually try to sell a Chinese product.

Re:What is the best way to stop this?

[dilvish_the_damned]

Even if you never publish your address, people you send to may do so inadvertantly by way of forwarding. Also, we have seen an agressive amount of username probing at our mail server, people cultivating valid email addresses dictionary style. If your email name prefix is common enough, then its not too suprising you get spam.

As a solution at my workplace, we deployed dspam at the mail server about 7 weeks ago. At first I was discouraged at the results so much that I thought I had made a worthless call. Gradually I saw improvment and now it is running at about %99.7 accuracy. I get something over 200 spam a day into my account. I now see about one spam in my in box every three or four days, the rest go into my spam folder. Our other users found the system to be far better than I did, faster learning even. One user reported near pefection in about a week, he gets 10 spam a day. Except for one user (but there is one in every croud), it has nearly fixed the spam problem at our orginization.
I expect this to be a more realistic and permanent solution far beyond what legislation will ever do to inhibit spam from using my time.
I mean, other than right now.

Re:What is the best way to stop this?

[RT+Alec]

1. ISPs (and any other business that gives a workstation a "real" IP address) need to block egress port 25. Comcast is going to be doing this soon, others should soon follow suit. This plugs the zombies.
2. IP addresses that continue to send spam will be blacklisted. With the zombies effectively out of the loop this will become easier (albeit never quite perfect).
3. SPF and other authentication schemes need to be adopted to prevent "spoofing" and so called "Joe jobs".
4. E-mail providers (including small companies) need to deploy mature e-mail systems for their users. In 1995 it was fine to accept e-mail from anyone on port 25, with no authentication and no encryption. In 2004, remote clients need to have an SSL connection available (both for sending mail and accessing inboxes), and must require authentication before accepting initial mail submission (SMTP+TLS+AUTH). Not only is this more secure, but it also addresses the issues always raised by blocking egress port 25 and deploying SPF.

Once these techniques and practices be come commonplace, it won't matter if spam originates from lawless areas of the world. Existing laws against fraud (and other illegal business practices) will cover the extreme efforts that will be necessary to continue spamming.

Appendix:
SMTP+TLS+AUTH is not that tough, no whining. All modern mail clients support it, on all platforms. There is a little bit of work to do on the server end, but that's what you pay your ISP (or IT department) for:

• postfix
• sendmail
• exchange
• qmail

Re:What is the best way to stop this?

[dfeist]

"ISPs (and any other business that gives a workstation a "real" IP address) need to block egress port 25. Comcast is going to be doing this soon, others should soon follow suit. This plugs the zombies."

I hate it when people like you try to split the internet in to parts, "clients" and "servers". The great thing is that everyone can be both client and server! Let's not change this!

Additionally, this measure achieves virtually nothing. Port numbers can be changed; and opening a connection to port 25 is still the normal way to send e-mail.

Re:What is the best way to stop this?

[1u3hr]

Most appear not to have read even the summary here, let alone the article. Let me draw your attention to: "organised cirminal gangs in Russia are supplying U.S.- based spammers with details of compromised PCs"> Aside from the atrocious spelling, note that the spam relays are "compromised PCs", probably mostly in the US. So geographical blocks aren't going to stop them. One part of the problem that could and should be fixed is to prevent the "compromises". I suppose these are email "click me and see a movie star's tits" trojans, or maybe more devious direct probes into Windows. In both cases there are simple solutions. Though we'd like to say "DON'T USE WINDOWS YOU MORONS", it will take a while for that to come to pass. But otherwise, a basic firewall and anti-virus, both available free, will prevent almost all these attacks, regardless of patching the OS, and thus reduce the number of zombies.

Re:What is the best way to stop this?

[TiggsPanther]

The best way is to make sure this way of advertisement of your services is illegal in the USA, and actively go after those that still do it.

This idea seems so obvious, and so potentially effective. So why won't the governments (or whoever else has the authority to do so) do this?

What I'm guessing contributes to it is two simple facts.

1. Companies pay taxes.
2. Knowing where to draw the line between what is Spam and what is legitimate advertising.

The first I'm guessing in itself is only a very small factor. But when a billion-selling company pays its taxes, then you want to be very sure they're not legit before pulling the plug or slapping them with hefty fines.

The main problem is the second. A great deal of mail is easily flagged as Spam. A great deal of mail (including some advertising) is definitely legit. The difficulty is that there is also mail all across the scale.
Too relaxed and you don't block enough Spam, people still complain, and there's enough leeway for the Spammers to adjust tactics to stay in the "grey areas".
Too restrictive and you run the risk of arresting/fining/whatever people who were sending mail that in that case was totally legit. And in the current knee-jerk sue-em mentality, that could be a bad move to make.

You could make it illegal to advertise certain product types over the internet, but again this could easily meet corporate resistance.

Now banning advertising would be cool. But that's only in my personal opinion, and highly unlikely to ever happen. Besides, even I understand that sometimes advertising revenue is important - even though I perosnally hate seeing adverts anywhere I go.

I guess that the Follow the Money idea is one that although would be the msot effective, is also the one with the biggest legal minefield.

Tiggs

Re:What is the best way to stop this?

[squiggleslash]

Blocking outbound port 25 also undermines SPF. SPF advocates argue that roaming will still be possible if ISPs allow non-local connections to their SMTP servers with one of the new SMTP authentication schemes used to verify that the connection is valid instead of simple IP addressing. However, if outgoing port 25 isn't accessable, contacting the SMTP server you're supposed to use to send email under the profile you want to use simply will not be possible.

Not that this means I necessarily think SPF is a great idea either, but...

Re:What is the best way to stop this?

[fdiskne1]

The other method is to go after the advertisers who hire the spammers in the first place. Spammers are bottom-feeders, for sure, but if you cut off their customers, then you cut off their income.

I'm doing this with one spammer's customer right now. Since they are a legitimate company in my town, I have collected evidence that the spammers they do business with are using dictionary attacks, web page harvesting, and zombies. I've explained to them that all this is illegal and if any of my 20 email domains receives another spam from their business, all the evidence is going to the FTC for prosecution via CAN-SPAM. The law is far from perfect, but at least legit companies can be punished for breaking it. They are listening and reconsidering unsolicited commercial bulk email as an advertising route.

I know, many people would say fsck it and just turn them in. I figure I'd be nice first. I've explained the consequences and I've convinced them I will follow through. If others out there live in the same city (not necessary, but it IS easier) as a legit business that is spamming, be professional and courteous, but make them wish they never spammed you.

70% from US?

[westendgirl]

If 70% 70 percent of spam is sent from China by American spam outfits, wouldn't that make the US the biggest spammer?

Re:70% from US?

[WIAKywbfatw]

No, the solution isn't just in Russia and/or China, it's in the US too. Cut off the demand (by, say, making the use of unsolicited spam by businesses illegal) and you've solved the problem.

Saying that the solution to spam is only in Russia and/or China is like saying that the solution to the war on drugs (as stupid as that is) is only in Colombia, etc.

Re:70% from US?

[MoonBuggy]

How do you track which business authorised the spamming then? For example, what if Ford wanted to up it's web presence in order to sell more of it's new car aimed at geeks - it pays an advertising firm who take out banners for this car on Slashdot and setup a mailing list on the Ford website. The advertising firm outsources list management for all clients to India, the Indian outsourcing center then mails every address they have with Ford Geekmobile information rather than just sending it to the people on the Ford-optin list.

Who gets the fine there? If you say Ford since they're the ones who benefit, what's to stop them spamming adverts for other car companies and getting them fined? The ad agency didn't actually spam anybody, so they don't deserve any fine. The Indians aren't bound by US law so they don't have to pay.

Why does this remind me of illegal drugs?

[Infonaut]

It's the damned Columbians making all that cocaine! The friggin' Afghans are selling opium again!

Evil Russian spammers! Chinese spammers want to take down America!

And yet, in both cases there is plenty of demand from within the States. If it ain't rich kids experimenting, it's poor kids escaping with drugs from South America or Asia. If it's not a "bulk emailer" in California, it's a "clever marketer" in Florida sending millions of unsolicited email via servers in Russia or China.

its great...

[drfrog]

to see them embrace captialism so readily

we should be proud!

Well, technically

[dedazo]

The US is the largest spammer in the world. Russia and China would be the largest spam relays.

That title is wrong.

so lets see...

[ForestGrump]

Russia for mafia controlled zombies
China for high quality spam warez
Africa for business relations about that recently deceased relative.

GOT IT!
-Grump

Bullshit

[autopr0n]

Headline should read, US Spammers using services of Chinese ISPs, Russian mob. The Spam originates here, and ends up here. The vast majority of Spam is in English, and targeting an American audience.

Re:Bullshit

[RollingThunder]

More correctly, the vast majority of spam you recieve in the US is in English, and targeting an American audience.

At my last job, I adminned machines in Seoul. 95% or more of the spam was pure Korean, targeting Koreans.

The spammers know their audiences, and target accordingly. The other-language spam you get is errors.

Start Bombing

[rstidman]

President Bush just outlawed China forever. We start bombing in five minutes.

Steve Linford's corrections

[alanw]

in this posting to news.admin.net-abuse.email, Steve makes a couple of corrections to the article:

> Linford also told the conference that some 70 percent of spam is sent
> from China by American spam outfits who are hosting their servers with
> Chinese ISPs.

That should say: "70% of spam advertises URLs hosted in China" (not "is
sent from").

...

> Unless things change drastically, we predict that 80 percent of
> email will be spam by December this year, and it's very likely to go
> to 90 percent by this summer," Linford warned.

That should of course say "next summer".

Surprise, surprise...

[ImpTech]

Seems like every day we have a story about such-and-such is the biggest cause of spam. In fact, I bet we've accounted for at least 400% of spam with all these stories combined.

If these trends continue, I'm afraid that one day soon I'll check slashdot and find out that 97% of all spam is coming from my IP.

That old bone song..

[TidyKiller]

It's interesting how the Russian Mafia is helping American Marketers take advantage of Chinese Equipment. My question is: How involved are the actual Chinese people? Are they all victims of circumstance, or are they helping in some way?

Re:Hmm

Dear Sir,

It is common known that Russia and China are the source for White and Chinese mail-order brides. However their population has not the African type to satisfy your cravings. Therefore I and my colleagues who have the contact you for V aig r a already have prepared a business venture in which you can test your new supply. For only a small investment we will connect you to the premium provider of African mail-order operating out of our Locations in Congo, Liberia, and Somalia. Please reply post haste with your reply.

Sincerely yours,
DOCTOR M. BOKUZUWANDI

Wasn't it Windows PCs...?

[osobear]

There was just an article on how it was infected windows PCs.... and I remember everyone assuming that it was PCs here, so are we talking about Windows in China, now? How do you plan on education in that case?

Re:Solution?

[theguywhosaid]

or 1. people could just stop being assholes.
or 2. people could just stop reading it and buying the junk.

i would rather my first solution happens, because as a side effect there wouldnt be any more assholes. number two wont happen, because sometimes you just want to see if it really will make your junk bigger. your idea is GREAT, but... i dont really know what the new paradigm would be.

X% of Spam is caused by This

[SJrX]

You know in the past month I have seen that 80% of Spam is caused by infected PC's in Windows. That 80% of Spam comes from China. That 70% come from Russia and China. That the US accounts for 60% of Spam. That Eastern Europe Accounts for 60% of Spam. So from this I know that there is 80+80+70+60+60= 350% Spam. This also tells me that Russia accounts for Negative 10% of Spam. Don't believe me, take this The Reg Story, http://www.theregister.co.uk/2004/06/04/trojan_spa m_study/, This one, http://www.theregister.co.uk/2004/05/25/spam_delug e/ and thats just El Reg. The only conclusive thing I have been able to determine is that these stories are worse than spam, not only are they useless, but we actually read these stories.

New laws

[Claire-plus-plus]

The USA is quite obviously the source of the spam. It is up to the USA to legislate in some way to stop the flood of spam that is hurting people all over the world. The real question is: how do you stop the spam when it is being sent from countries like China where the USA has no power to arrest spammers?

Well I think I have a possible solution and it can be illustrated by a case study. In Australia we had an international Paedophilia problem, Paedophiles were travelling to countries like Thailand where sex with children was not illegal and thus were not getting arrested. The solution that was eventually found was new laws whereby anyone who broke Australia's anti-paedophile laws could be arrested no matter where the offence was enacted. Offenders were met at the airport by police and arrested for crimes in other countries and the problem of "paedophile sex tourism" was solved.

My Solution to spam is similar. The USA needs to pass laws allowing them to track down the companies and individuals that are using the Chinese spam services and arrest them. Make the law such that sending spam is illegal no matter which country it is sent from. The spammers might get so scared they will stop Spamming

Re:New laws

[humankind]

why moderate the above comment down? Makes no sense

With all due respect, it would make sense to you if you had sense.

We have a ton of spam laws already. Passing more laws doesn't change a damn thing. Almost all spammers are already breaking numerous laws, criminal felonies involving computer tampering are just the start. In fact, the USA Patriot act could even be employed to consider the activities of most spammers to be terrorism and thus subject spammers to capital punishment. What more do you need? The problem isn't more laws. The problem is.... say it with me.....

E N F O R C E M E N T

Our law enforcement branches are more interested in going after people downloading Metallica or Martha Stewart's stock dealings than they are enforcing the plethora of violations done by spammers. Passing more laws has not proved effective.

The Russian mafia

[drgonzo59]

That is the other (electronic) Russian Mafia. Unlike the dumb Italian teamstears who beat people with baseball bats, some of these guys are very skilled and intelligent. The counterparts of many American geeks in Russia couldn't find a well paying job, have plenty of time, and nowadays on the Internet, they have access to all the technical information they need on any subject. They will use the best asset they have, their brain, to make money or build recognition for themselves. And the way the laws are shady there they think they can get away with anything as long as its online. If spam will make a couple of hundred rubles - they'll get into spam, if they can extort money from banks by compromising their webservers, they will do that. How do I know all this? I grew up in those part and still visit friends and family once in a while...

Re:The Russian mafia

[21mhz]

The counterparts of many American geeks in Russia couldn't find a well paying job
Yeah, cry me a river. At least in major sities, this is not the case. The definition of "well paying" may vary, but we're talking about Russian standards here. It's more like the employers can't find adequate geeks to man the jobs.
In small shitholes, it can be tougher (what country has it the other way?). But nothing really prevents people from moving anymore.
The bottom line is: these people have deliberately chosen to be scumbags.

Re:The Russian mafia

[drgonzo59]

I will have to disagree with you. It is not always true that in even in the major cities you can find computer related jobs. Sure you can clean the street or even work as a waiter, but I was talking about computer jobs, anything hardware or software. There are some very good software firms in Russia and ex-Soviet republics but computers are still not as pervasive as they are in US or Western Europe. That is another reason why so many of them leave and I am one of them. And as far as nothing preventing people from moving, you forgot, we are talking about Eastern Europe here, you can't just pack your bags and move to America or Europe, you gotta go through a lot to get a visa and be allowed to come in those other countries.

Spamassassin 3.0 and URIBL_SBL

[alanw]

The soon-to-be-released Spamassassin 3.0 will have the URIBL_SBL test. This will test the IP address of domains referenced in the body of the spam against lists of known spammer hosts. This will reliably trap all of the 70% of spam that advertises web sites hosted in China.

http://www.spamhaus.org/sbl/howtouse.html
http://www.spamassassin.org/full/3.0.x/dist/rules/ 25_uribl.cf

Re:Conflicting stories

[twistedcubic]

So which is it, then?

It's both. They use non-Euclidean statistics.

NEXT!

[humankind]

The USA is quite obviously the source of the spam. It is up to the USA to legislate in some way to stop the flood of spam that is hurting people all over the world. The real question is: how do you stop the spam when it is being sent from countries like China where the USA has no power to arrest spammers?

Hey, what a brilliant idea. We currently have only a hundred or more anti-spam laws across the world, most in the US. Let's pass a few more. I am certain that when we pass the 500 anti-spam law mark, spammers will suddenly start to cower in their boots and realize that 500 anti-spam laws that aren't being enforced or have no legal/civil/criminal teeth are a formidible obstacle to overcome!

Re:NEXT!

[humankind]

do any of the current anti-spam laws allow prosecution even when the spam is sent from another country? Because that is what I think is needed. I assume that it is currently sent from china because you can get arrested for sending if from the USA, make sending spam from anywhere an arrestable offence.

The source of the spam is ultimately in the United States. Using a foreign network to route spam serves to make the spammers harder to track and catch, but not impossible. The truth is, most of the largest spammers are easily trackable and can likely be proven guilty of numerous laws, whether they use foreign servers or not. The problem is it's a very low priority for law enforcement authorities unless, for example, the spammers mailbomb The GAP or Macdonald's company headquarters... then there'd be hell to pay.

Another problem is District Attorneys in most states in the United States have no interest in prosecuting spammers. Either they are ignorant or apathetic, but numerous spammer criminal cases have been presented to authorities for prosecution only to have them turned down.

Oh no!

[YeeHaW_Jelte]

"According to Spamhaus director Steve Linford, the Russian gangs aren't constrained by any anti-spam or cybercrime laws in their home country and have no respect for legislation implemented in other countries."

Criminals with no respect for the law! This world is surely going to the dogs!

My new spam fighting techniques.

[ffsnjb]

I implemented some new spam fighting techniques last night. The most effective one from logs since implementation was making HELO checks mandatory in Postfix. If the sending client doesn't submit an EHLO response, Postfix rejects the client. Since this happens before message transmission, it seems that not nearly as much bandwidth is being used (haven't verified that yet.) I'm surprised this isn't on by default in Postfix, but it sure is funny to see all these hosts rejected. None of them even resolve, there's no way that it's legitimate mail. If it is, too damn bad.

Re:My new spam fighting techniques.

[Zocalo]

I'm not too sure what the original poster is doing from the description, but I reject some connections based on HELO/EHLO too, so I can tell you how what I do works. But firstly, since you say that you don't know the details of SMTP, let's clarify what HELO/EHLO do:

When host connects to an SMTP server in order to send it an email, it will receive a banner back which may include the string "ESMTP". If it does then the remote SMTP server supports an enhanced version of SMTP with additional features, "ESMTP". If the host also understands ESMTP, then it should respond with an "EHLO" command. If the host does not understand ESMTP, or the string is not present in the banner, then the host will respond with the "HELO" command defined in the original SMTP RFC to use the simpler set of SMTP commands.

In either case, "HELO" or "EHLO", the host should also tell the server its host name, viz:

EHLO host.company.com

Ideally, "host.company.com" will also have a valid reverse DNS record which will match the IP connecting to the SMTP server. However, the SMTP RFCs do not actually *require* that this is the case, nor for that matter that the hostname is provided at all. Frequently the hostname will be given, but will not be a valid fully qualified domain name on the Internet. So, depending on how draconian you want to be, there are a number of options for rejecting the connection before any data is sent:

• No hostname after HELO/EHLO
• Hostname given is just a host, not an FQDN
• Host domain name given does not appear to exist in DNS
• FQDN given does not have RDNS record
• FQDN given has RDNS record, but it does not match the IP connected

Using any or all of those will certainly reduce your spam intake, but may also cause legitimate email to be rejected, as usual YMMV as to how much. One thing to watch for if considering this though is that a *lot* of legitimate Windows boxes, including some operated by ISPs, seem to have been configured so that they provide their NetBIOS name when they HELO/EHLO, all but the first check listed above would refuse the conection from such a server.

Wrong headline

[1u3hr]

The headline is "Russia, China World's Biggest Spammers". The text says "organised cirminal gangs in Russia are supplying U.S.- based spammers with details...". The SPAMMERS ARE AMERICAN. The spam is mostly from Americans, to Americans. The solution is in America. Don't fuck up the whole world's Internet because you can't work out how to stop the 100 guys in Boca Raton who send most of the spam.

PS "cirminal": Jesus, Timothy, you're actually paid to edit this?

Re:Give users the power to block countries...

[1u3hr]

f I could tell my mail server to reject all but mail from my "usual" countries, I could avoid the Chinese mail bombs

Thanks. It's people like you that block my mail (I live in Hong Kong) and make me have to use devious inconvenient methods just to send a normal message.

Re:Give users the power to block countries...

[AtomicBomb]

As many around here have pointed out, the bulk (80%) of the spam are sent by compromised cable/DSL machines. In other words, even if you can find the IP the email is originated from, it offers no solution to you.

The "70%" figure mentioned earlir on refers to the percentage of url embedded in the spam (e.g. the store for the V1a4Ga) that uses an IP from China... If you manage to instruct your spam filter to read inside the email main body, you may have a solution.

On the other hand, I don't think it will be a long lasting solution.... If spammers can send spam thru compromised machine, they should be able to web host their site thru a compromised machine...

High Volume E-mail Deployers

[CHaN_316]

Did anyone see that awesome interview with Scott Richter (spammer overlord) on the Daily Show? It was so hilarious. He calls himself a high volume e-mail deployers that send useful services to people.

The best is when they posted Scott's e-mail address on national TV, which is: scottrichter442@yahoo.com

This site here has the video available of that Daily Show clip. Please try not to slashdot the site, maybe someone setup a mirror or something.

spam stats

[humankind]

Some analysis of my rejected mail logs over the last 24 hours revealed this:

Total rejected spam: 16235 (and 8178 accepted messages)
Confirmed Chinese spams: 1229
Confirmed Korean spam: 1414
Confirmed Canadian spam: 264
Confirmed Polish spam: 342
Confirmed US/comcast spam: 1363
Confirmed French spam: 181
Confirmed Southwest Bell spam: 382
Confirmed Italian spam: 114
Confirmed Spanish spam: 167 (TDE must have finally gotten their act together)
Confirmed German spam: 967
Confirmed Netherlands spam: 452
Confirmed Brazillian spam: 864

This is by no means a scientific analysis - it's based on hard-coded IP-based blacklists that are caught before standard blacklists are checked.

Spamcop RBL rejects: 5460
Spamhaus RBL rejects: 1509
Njabl RBL rejects: 1807
Homebrew RBL rejects: 6382

The big three spam sources have traditionally been Korea, China and Brazil. Comcast has been the big US spammer. France (wanadoo) has also been a major contributor though it doesn't seem to be reflected in this days' logs.

Re:Give users the power to block countries...

[arivanov]

They already do. If you try to trace the websites in "cheap oem software offers" you will notice that they are in fact compromised machines on DSL and cable spread around the globe. The last sample I followed was in US, UK, France, China and portugal and a name server doing load balancing in the US. Registered by a russian company. This about says it all...

There is a fundamental problem with email

[Daedius]

People want an open public form of communication, but are unwilling to accept email from people they don't want to hear. I think its interesting that people expect others (i.e. government) to go after these individuals in the hopes that it will put an end to all unwanted email (especially when the individuals are in other countries). If you sat down in the middle of times square, do you think its fair to expect people to stop yelling, the cars to stop honking, cellphones to stop beeping, or the people to stop shuffling past you? The truth is, you will always get unwanted email if you aren't going to actively manage what email gets to you. Do you ever get SPAM from IM? No. The reason why is because you have actually personally networked who you want to talk to and eliminated all others. I believe the future of email communication will be based around a networked process of individual/group permissions. Till that day, people are going to be lazy, unhappy, and wishing for something impossible -- that SPAM will end if they do nothing.

Reply to your business proposal.

[Dimensio]

Dear Dr. Bokuzuwandi,

Your prosal intrigues me, as I am always seeking to expand my business to new countries whenever possible. You must understand, however, that I cannot simply blindly enter into deals with people who I have never met. As such, I will require a sign of TRUST from you, in the form of photograph identification. Please understand that I will not be able to accept normal government ID cards or an international passport for this endeavour, as such things are easily forged. Instead,I shall give to you a password phrase, and you must have a photograph of yourself holding up a large and clear sign that displays this password phrase. Scan this photograph in and email it to me as an attachment. When I have received it, I will be 100% ready to trust you with your business proposal.

I do apologize, but until I receive this form of identification from you, I will not be able to provide you with any further information about myself.

The password phrase is "I LOVE ARSE FORKING"

Yours Very Truly,
Pastor Phil McCracken

(Hey, it worked before!)

Now if only I could find a way to similarly humiliate the spammers who advertise pirated software or penis pills...

Oh get off it

[Sycraft-fu]

This is simply presenting more of the story. SPAM is an international enterprise. Most of the instigators are here in the US, as are most of the compramised computers. However it sounds like from this and other articles is that much of the hacking work is being done by criminal syndicates (huge shock there) and that most of the websites the spammers are setting up are in China.

This does NOT mean that the domestic spammers are being ignored. One has already been convicted, Microsoft and Time Warner are suing a bunch more, and the justice department says it is prepping 50 criminal cases under teh new SPAM law. This was all announced on /., if you bothered to read it.

Quit with the anti-American bullshit. Yep, the problem is here. We know, we finally have a law for it, though not as strong as we'd like, and the wheels are in motion. Doesn't mean that the US is solely responsible. I do not at all think it is unreasonable that Chinese hosts should show the same standards demanded of US hosts in not hosting SPAM sites.

Shitty Russian mob

Dmitri: So Vladimir, whatever area do you specialize in these days?
Vladimir: Smuggling, my friend. Vodka, narcotics, humans... If it can be smuggled, chances are I smuggled it some time...
Dmitri: Sounds good, how about you, Ivan?
Ivan: Weapons trade, of course. Got a few good high-up friends in the Red Army that are willing to relinquish some surplus material to me at a good price, which I sell in Africa and the Middle East.
Dmitri: Good to hear you two are making a nice profit.
Vladimir: How about yourself?
Dmitri: I rent out hundreds of cracked computers to US based companies.
Ivan: ...
Vladimir: Dmitri, you suck.

A simple Question...

[Lord_Pain]

Why are we not punishing the fools who hire these spamming bastages to promote their business?

After all if the source of the spammers income dwindles then they wither. Perhaps I'm being overly simplistic.

I completely disagree

[Ummagumma]

I just installed an anti-spam appliance yesterday. So far, over 80% of the Spam that is blocked has come from DSL and Cable lines, presumably from compromised machines.

ISPs are a major part of the problem

[Skapare]

ISPs are a major part of the problem. They either know, or can know, that they have spammers and other criminals on board. Yet many do nothing about this because they would rather have the money spammers pay them. We need to stop peering with bad ISPs in every way we can.

Those who whine about their mail not getting through because they are using one of these bad ISPs are also part of the problem. They need to stop encouraging their ISP to continue, and force the ISP to decide between good and evil. If there's another ISP, switch. If there's only one and it's because the government gives them a monopoly, then the government is the problem and they need to fix that. If there's only one and it's not a monopoly, then they need to start their own ISP (and not allow spammers, lest they also be cast into the deep pink cyber oblivion).