Slashdot Mirror
Russia, China World's Biggest Spammers
An anonymous reader writes "According to this ZDNet article, The Spamhaus Project has warned that organised cirminal gangs in Russia are supplying U.S.-based spammers with details of compromised PCs that can be manipulated to send junk mail. According to Spamhaus director Steve Linford, the Russian gangs aren't constrained by any anti-spam or cybercrime laws in their home country and have no respect for legislation implemented in other countries. Also, apparently 70 percent of spam is sent from China by American spam outfits who in turn have hosting arrangements with Chinese ISPs."
User end filters are a necessity these days, and even then, I still spend at least 15 min each day dealing with the spam. My personal box - No One else knows the address, it is for my own internal network purposes, is chock full of the stuff.
What do other slashdot'ers do? What can we hope to see in the near future?
Physics is nothing like religion. If it was, we'd have an easier time trying to raise money!
If 70% 70 percent of spam is sent from China by American spam outfits, wouldn't that make the US the biggest spammer?
-- SYS 64738 --
Evil Russian spammers! Chinese spammers want to take down America!
And yet, in both cases there is plenty of demand from within the States. If it ain't rich kids experimenting, it's poor kids escaping with drugs from South America or Asia. If it's not a "bulk emailer" in California, it's a "clever marketer" in Florida sending millions of unsolicited email via servers in Russia or China.
Read the EFF's Fair Use FAQ
to see them embrace captialism so readily
we should be proud!
back in the day we didnt have no old school
That title is wrong.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
Russia for mafia controlled zombies
China for high quality spam warez
Africa for business relations about that recently deceased relative.
GOT IT!
-Grump
Is it true that more people vote for the winner of American Idol, than vote for the president? -Ali G.
Headline should read, US Spammers using services of Chinese ISPs, Russian mob. The Spam originates here, and ends up here. The vast majority of Spam is in English, and targeting an American audience.
autopr0n is like, down and stuff.
President Bush just outlawed China forever. We start bombing in five minutes.
Seems like every day we have a story about such-and-such is the biggest cause of spam. In fact, I bet we've accounted for at least 400% of spam with all these stories combined.
If these trends continue, I'm afraid that one day soon I'll check slashdot and find out that 97% of all spam is coming from my IP.
Dear Sir,
It is common known that Russia and China are the source for White and Chinese mail-order brides. However their population has not the African type to satisfy your cravings. Therefore I and my colleagues who have the contact you for V aig r a already have prepared a business venture in which you can test your new supply. For only a small investment we will connect you to the premium provider of African mail-order operating out of our Locations in Congo, Liberia, and Somalia. Please reply post haste with your reply.
Sincerely yours,
DOCTOR M. BOKUZUWANDI
or 1. people could just stop being assholes.
or 2. people could just stop reading it and buying the junk.
i would rather my first solution happens, because as a side effect there wouldnt be any more assholes. number two wont happen, because sometimes you just want to see if it really will make your junk bigger. your idea is GREAT, but... i dont really know what the new paradigm would be.
That is the other (electronic) Russian Mafia. Unlike the dumb Italian teamstears who beat people with baseball bats, some of these guys are very skilled and intelligent. The counterparts of many American geeks in Russia couldn't find a well paying job, have plenty of time, and nowadays on the Internet, they have access to all the technical information they need on any subject. They will use the best asset they have, their brain, to make money or build recognition for themselves. And the way the laws are shady there they think they can get away with anything as long as its online. If spam will make a couple of hundred rubles - they'll get into spam, if they can extort money from banks by compromising their webservers, they will do that. How do I know all this? I grew up in those part and still visit friends and family once in a while...
http://www.spamhaus.org/sbl/howtouse.html/ 25_uribl.cf
http://www.spamassassin.org/full/3.0.x/dist/rules
So which is it, then?
It's both. They use non-Euclidean statistics.
The USA is quite obviously the source of the spam. It is up to the USA to legislate in some way to stop the flood of spam that is hurting people all over the world. The real question is: how do you stop the spam when it is being sent from countries like China where the USA has no power to arrest spammers?
Hey, what a brilliant idea. We currently have only a hundred or more anti-spam laws across the world, most in the US. Let's pass a few more. I am certain that when we pass the 500 anti-spam law mark, spammers will suddenly start to cower in their boots and realize that 500 anti-spam laws that aren't being enforced or have no legal/civil/criminal teeth are a formidible obstacle to overcome!
why moderate the above comment down? Makes no sense
With all due respect, it would make sense to you if you had sense.
We have a ton of spam laws already. Passing more laws doesn't change a damn thing. Almost all spammers are already breaking numerous laws, criminal felonies involving computer tampering are just the start. In fact, the USA Patriot act could even be employed to consider the activities of most spammers to be terrorism and thus subject spammers to capital punishment. What more do you need? The problem isn't more laws. The problem is.... say it with me.....
E N F O R C E M E N T
Our law enforcement branches are more interested in going after people downloading Metallica or Martha Stewart's stock dealings than they are enforcing the plethora of violations done by spammers. Passing more laws has not proved effective.
"According to Spamhaus director Steve Linford, the Russian gangs aren't constrained by any anti-spam or cybercrime laws in their home country and have no respect for legislation implemented in other countries."
Criminals with no respect for the law! This world is surely going to the dogs!
---
"The chances of a demonic possession spreading are remote -- relax."
PS "cirminal": Jesus, Timothy, you're actually paid to edit this?
Thanks. It's people like you that block my mail (I live in Hong Kong) and make me have to use devious inconvenient methods just to send a normal message.
As many around here have pointed out, the bulk (80%) of the spam are sent by compromised cable/DSL machines. In other words, even if you can find the IP the email is originated from, it offers no solution to you.
The "70%" figure mentioned earlir on refers to the percentage of url embedded in the spam (e.g. the store for the V1a4Ga) that uses an IP from China... If you manage to instruct your spam filter to read inside the email main body, you may have a solution.
On the other hand, I don't think it will be a long lasting solution.... If spammers can send spam thru compromised machine, they should be able to web host their site thru a compromised machine...
Some analysis of my rejected mail logs over the last 24 hours revealed this:
Total rejected spam: 16235 (and 8178 accepted messages)
Confirmed Chinese spams: 1229
Confirmed Korean spam: 1414
Confirmed Canadian spam: 264
Confirmed Polish spam: 342
Confirmed US/comcast spam: 1363
Confirmed French spam: 181
Confirmed Southwest Bell spam: 382
Confirmed Italian spam: 114
Confirmed Spanish spam: 167 (TDE must have finally gotten their act together)
Confirmed German spam: 967
Confirmed Netherlands spam: 452
Confirmed Brazillian spam: 864
This is by no means a scientific analysis - it's based on hard-coded IP-based blacklists that are caught before standard blacklists are checked.
Spamcop RBL rejects: 5460
Spamhaus RBL rejects: 1509
Njabl RBL rejects: 1807
Homebrew RBL rejects: 6382
The big three spam sources have traditionally been Korea, China and Brazil. Comcast has been the big US spammer. France (wanadoo) has also been a major contributor though it doesn't seem to be reflected in this days' logs.
They already do. If you try to trace the websites in "cheap oem software offers" you will notice that they are in fact compromised machines on DSL and cable spread around the globe. The last sample I followed was in US, UK, France, China and portugal and a name server doing load balancing in the US. Registered by a russian company. This about says it all...
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
People want an open public form of communication, but are unwilling to accept email from people they don't want to hear. I think its interesting that people expect others (i.e. government) to go after these individuals in the hopes that it will put an end to all unwanted email (especially when the individuals are in other countries). If you sat down in the middle of times square, do you think its fair to expect people to stop yelling, the cars to stop honking, cellphones to stop beeping, or the people to stop shuffling past you? The truth is, you will always get unwanted email if you aren't going to actively manage what email gets to you. Do you ever get SPAM from IM? No. The reason why is because you have actually personally networked who you want to talk to and eliminated all others. I believe the future of email communication will be based around a networked process of individual/group permissions. Till that day, people are going to be lazy, unhappy, and wishing for something impossible -- that SPAM will end if they do nothing.
When host connects to an SMTP server in order to send it an email, it will receive a banner back which may include the string "ESMTP". If it does then the remote SMTP server supports an enhanced version of SMTP with additional features, "ESMTP". If the host also understands ESMTP, then it should respond with an "EHLO" command. If the host does not understand ESMTP, or the string is not present in the banner, then the host will respond with the "HELO" command defined in the original SMTP RFC to use the simpler set of SMTP commands.
In either case, "HELO" or "EHLO", the host should also tell the server its host name, viz:
Ideally, "host.company.com" will also have a valid reverse DNS record which will match the IP connecting to the SMTP server. However, the SMTP RFCs do not actually *require* that this is the case, nor for that matter that the hostname is provided at all. Frequently the hostname will be given, but will not be a valid fully qualified domain name on the Internet. So, depending on how draconian you want to be, there are a number of options for rejecting the connection before any data is sent:- No hostname after HELO/EHLO
- Hostname given is just a host, not an FQDN
- Host domain name given does not appear to exist in DNS
- FQDN given does not have RDNS record
- FQDN given has RDNS record, but it does not match the IP connected
Using any or all of those will certainly reduce your spam intake, but may also cause legitimate email to be rejected, as usual YMMV as to how much. One thing to watch for if considering this though is that a *lot* of legitimate Windows boxes, including some operated by ISPs, seem to have been configured so that they provide their NetBIOS name when they HELO/EHLO, all but the first check listed above would refuse the conection from such a server.UNIX? They're not even circumcised! Savages!
Dmitri: So Vladimir, whatever area do you specialize in these days? ...
Vladimir: Smuggling, my friend. Vodka, narcotics, humans... If it can be smuggled, chances are I smuggled it some time...
Dmitri: Sounds good, how about you, Ivan?
Ivan: Weapons trade, of course. Got a few good high-up friends in the Red Army that are willing to relinquish some surplus material to me at a good price, which I sell in Africa and the Middle East.
Dmitri: Good to hear you two are making a nice profit.
Vladimir: How about yourself?
Dmitri: I rent out hundreds of cracked computers to US based companies.
Ivan:
Vladimir: Dmitri, you suck.
Why are we not punishing the fools who hire these spamming bastages to promote their business?
After all if the source of the spammers income dwindles then they wither. Perhaps I'm being overly simplistic.
-- What's this '-r *' file doing here? -- Oh well, a simple 'rm' should do the trick.