China and its Relation With Spam

smooth wombat writes "Asia Times has a nice article about why China is becoming the spam capital of the world. Steve Linford, of Spamhaus fame, is quoted several times in the article and offers some insight into how the Chinese ISPs operate. Steves quote at the end of the article pretty much sums up why China isn't doing anything to curb the hosting of spam website servers in the country: "They simply don't want to know - China Telecom doesn't care because they're government-owned and there is no pressure coming from the government. Meanwhile, our statistics on spam volumes and the number of spammers setting up in China are going up and up and up.""

It's a good thing I don't know anyone in China

Since I'd never be able to get their email with their netblocks firewalled off on port 25.

Re:It's a good thing I don't know anyone in China

has anyone thought that the Chinese govornment might be trying to spam their way into isolation? Allow spam senders to accumulate until the entire country gets cut off from most of the world because people are blocking it, everybody wins ;(

Re:It's a good thing I don't know anyone in China

[jameszhou2000]

Yeah, right, blame China. Chinese government is already terrible, why not say it also supports porn sites and sells sexual drugs online?

Re:It's a good thing I don't know anyone in China

[edinjapan]

But that's just it! The PRC Gov't is fixated on MONEY{(3)3}. They have been ever since Deng's counter-revolution and great pickthepocket of the western powers caper. Spam, porn and other ayashii (Japanese for dubious) websites are proliferating because that's where the money is.

Why is this still an issue?

[Digital+Dharma]

I simply ban China and most other Asian countries at my router.

Re:Why is this still an issue?

[r_cerq]

Yes, well, some of us do deal with Chinese, Taiwanese, Japanese, and other Asian companies.

In case you haven't noticed, most of our high-tech toys have at least a few taiwanese or chinese components in there; Most "modded" PC cases nowadays come from China; Many American and European manufacturers sub-contract asian assembly-lines.

And, obviously, they use e-mail to communicate with us Westerners.

Re:Why is this still an issue?

[glesga_kiss]

I simply ban China and most other Asian countries at my router.

--

Ignorance is not bliss, it's annoying.

So, what's up with your sig then? Change your mind?

Honestly, I can't believe people even consider this approach. There are over 200 countries in the world, and I only know folk about 15-20 of them. Should I block the rest? Might suit for a home network, but I can't think of a multinational company that would block one of the largest population masses in the world.

Besides, most span I get is from the US, in English, selling US products, in US currency, to US people. I'd say the problem was at your end.

Re:Why is this still an issue?

[Todesmetall]

AFAICS this won't help to reduce the amount of spam you receive, since most of it comes from trojaned PCs with a broadband connection, these seem to be located mainly in the US, Europe and Latin America.

Your block will only prevent you from visiting the spammers' websites hosted by Chinese ISPs.

Re:Why is this still an issue?

[mcleodnine]

While that will prevent SPAM that originates in China, you may want to re-think your strategy.

According to this report, most of the spam comes from North America, with thanks to Zombie PCs.

Re:Why is this still an issue?

[tacocat]

And obviously you can whitelist those specific IP Addresses for those specific mail servers that you need to do business with.

If they have a problem with it, tell them to call their local sheriff, not you.

Re:Why is this still an issue?

[dcigary]

While this is certainly a great way of handling the issue, it really doesn't help the other 98% of the world that simply gets their email through their ISP and have no control of the firewall.

Plus, I'm sure that there would be some type of 'Free Speech' issue brought up if a ISP did indeed block email from an entire country, calls claiming censorship, and certainly a mention on Slashdot as well.

Isn't this a wonderful circular problem, children?

Re:Why is this still an issue?

[arivanov]

Well... Steve Linford blocked it once. So guess what they did - they closed down on spammers and opened up business for SPAMvertized websites. It is the Chinese approach when dealing with authority (and especially westerners). Smile, say yes and screw you the next second.

Re:Why is this still an issue?

[flynn_nrg]

I take you don't contribute to any large open source project then. For example, FreeBSD has several committers from Taiwan, China and other asian countries. It has developers from all over the world. By banning netblocks you're reducing the chance of ever getting in contact with people from those countries. Why?

Just today I've tried to answer a question on the freebsd-questions mailing list and the recipient's SMTP server has rejected my message because they use a stupid non-working dnsbl system that thinks my IP is dynamic.

I find it funny that this article talks about China, 90+% of the spam I get comes from residential DSL and Cable computers from... yes, USA. It's compromised Windows boxes that do the job these days, and there are thousands of them everywhere, not just in China and Korea.

Re:Why is this still an issue?

[Meostro]

Might suit for a home network, but I can't think of a multinational company that would block one of the largest population masses in the world.

How many multinational companies are there in the world versus the number of small businesses or national companies? I'd guess the number was quite small. If I sell left-handed widgets to the greater Topeka, KS area, why on earth would I ever want people from China, Brazil, or even Canada to send me e-mail?

Personally, I know people in exactly four countries, and I wouldn't lose any sleep over a default-deny rule for any ISP outside of those, primary domain contacts excepted (webmaster@, abuse@, etc.).

Also, if you R'dTFA, you would see that these are people from the US setting up business in China, because the US has started to crack down on spammers. China should do the same.

Re:Why is this still an issue?

Problem: spam from China.
Problem: spammer websites in China.
Problem: Chinese ISPs don't care, because they're owned by the government and the government doesn't care.
Fact: The Chinese government does monitor email, especially email with certain subversive keywords.

So, how can we make the ISPs and/or the government care? How about, included free with every spam complaint you send to a Chinese ISP, you thank them for their help in distributing Falun Gong literature, or delivering crates of goods to their contact in the Free Tibet movement, or mention that for their application, Semtex is preferable to TNT, or just include a block of encrypted text. It'll make the ISPs rightfully nervous about receiving such mail, and, when the secret police notice, it gives them something to do. The secret police may not care about spam, but they do care about subversion, or delivery of secret goods for subversives, or people who are sending encrypted messages. Make some of the encrypted messages easy to crack, and make some of them straight random numbers, those will be really hard to crack.

A year or so ago, a Chinese ISP was raided by police and their equipment seized, for just such causes. The police did figure out that it was bogus, and gave the equipment back, but I bet that particular ISP doesn't want anything to do with spammers anymore.

Benefit: Wastes the time of the secret police, a good in and of itself.
Benefit: Raises the noise level for monitoring email for subversive words.
Benefit: Makes ISPs paranoid about the sort of mail theyll be getting if they host spammers.
Benefit: If a spam-friendly ISP goes down in the process, are not the blessings truly multiplied?

Re:Why is this still an issue?

[razmaspaz]

Ignorance is not bliss, it's annoying.

So, what's up with your sig then? Change your mind?

I don't think this ignorant at all. It is capitalism and the "Invisible Hand" at its best. I do not want to lump slashdot into a single minded entity, but I am amazed at the GENERAL feeling on Slashdot that Evil Corporations who choose to be bad citizens and pollute and act unethically should be boycotted and should not recieve patronage, but when someone proposes doing the same to a government which is being a bad Internet citizen, they are attacked. If China chooses to Abuse the Internet it will face consequences and will suffer from market forces blocking its access to information and commerce. Only righting this injustice will restore their rights in the Internet domain. Further proof taht the Internet will regulate itself. We should be so lucky!

Re:Why is this still an issue?

[Digital+Dharma]

I do admin a mail server, and in my current situation I have no need to have any packets routed from any country but America and Germany. Granted, this approach works great for me (I tend to disagree with other poster's remarks about most spam coming from American Windows boxes. My 200+ a day spam habit stopped by adding deny rules for Asia and Russia), but is probably not the best course of action for most folks. In retrospect, I probably should have gone more into depth with that, but hey, live and learn.

Re:Why is this still an issue?

[dasMeanYogurt]

I worked as admin of a mid-sized ISP in Texas when I did this.

Out of frustration one day, I blackholed all APNIC addresses(all of Asia's IPs) and the reduction in SPAM that resulted, was amazing. The filters and RBL's caught everything else and my users enjoyed very little to no spam for a while. That is til some jerk needed to email Hong Kong....the ban was lifted and the spam started flowing in.

I'm not one for censoring whole regions, but this does work. If I knew no-one needed email correspondance with Asia at my current job, I'd blackhole them again.

Re:Why is this still an issue?

[amuro98]

While most spam comes through (not from - there's a difference) zombies located on major US broadband networks, almost ALL of this spam also points to websites that are located in...China. Due to China's spam-friendly behavior, they're now the premiere source for so-called "bulletproof" hosting.

Personally, China, Taiwan and Korea all contribute to over 50% of my spam load. Getting rid of these 3 countries, would have a *huge* direct and indirect impact on the spam industry.

Re:Why is this still an issue?

[ikkonoishi]

Because the government is Good and Right and Just.
While corporations are Double-Plus Ungood.

Re:Why is this still an issue?

[PoolDoc]

"Honestly, I can't believe people even consider this approach."

I assume that your statement is hyperbolic, and that you don't *actually* have a difficulty believing that people consider this approach, when so many report here that they've actually adopted it? I'll assume that what you are indicating is moderately polite disapproval.

Some people's attitude toward the Internet is religious; typically they have some sort of utopian anarchist belief-committment, that they worship to the point of irrationality. It's not that they are dumb; some are brilliant, like Richard Stallman. To these sort of folk, anything that blocks ANYTHING on the Internet -- spam, kiddie porn, what -- is an immorality, and thus a heinous offense.

Other people have a political view of the Internet -- it's for the people who they imagine they are politically and culturally compatible with, or at least people they feel sympathy towards. Thus, they are offended if you block China or Nigeria, but would probably help you block the "red states".

Then, there people who simply see the Internet as a new and powerful tool, but one that is being badly damaged by spammers and hackers. These folks often apply a cost-benefit approach (formally, or informally) to security steps, including spam blocking. In the US, many of these folks have found that the benefits of receiving email from, or allowing web traffic to, China are minimal and thus they drop the routes. Likewise, many have found blocking email from dynamic IPs (US and European cable and DSL ips) has little cost and great benefits, so they do that, too. But, in the US, such folks can't afford to block south Florida (arguably, spam headquarters of the world!) because they do have a lot of legitimate traffic to/from those areas.

I would assume, however, that Chinese network managers of this stripe WOULD block as much of south Florida as they could. And I, for one, wouldn't assume that their doing so with in any way racists, zenophobic, or even political. In fact, I wish that China would block access from the entire state of Florida, thus cutting off the spammer's access to their websites!

However, there's no way to reconcile the various approaches to blocking (or not blocking) spam, without considering underlying attitudes toward the Internet. In particular, it's a waste of electrons for someone with a utilitarian view to discuss spam management with someone holding a religious view!

PoolDoc

Re:Why is this still an issue?

[glesga_kiss]

In the US, many of these folks have found that the benefits of receiving email from, or allowing web traffic to, China are minimal and thus they drop the routes.

Hmm. Makes me wonder how many sites "blocked" at The Great Firewall Of China are actually blocked at the source? After all, it's far easier on the network hardware to drop the subnet at the firewall than to do it on the mail server.

Re:Why is this still an issue?

[glesga_kiss]

How many multinational companies are there in the world versus the number of small businesses or national companies? I'd guess the number was quite small. If I sell left-handed widgets to the greater Topeka, KS area, why on earth would I ever want people from China, Brazil, or even Canada to send me e-mail?

Excuse me? If you sell on the internet, you'd be missing out not to sell globally. It's no extra effort, just sign up with an international freight company like Fed Ex, then charge accordingly. It's not often you come across a site that's not willing to ship pretty much anywhere.

Re:Why is this still an issue?

[1u3hr]

Evil Corporations who choose to be bad citizens and pollute and act unethically should be boycotted and should not recieve patronage, but when someone proposes doing the same to a government which is being a bad Internet citizen, they are attacked.

But you're NOT doing it to the Chinese government, but to ordinary people like me, who live in Hong Kong, thousands of miles away from the ISPs in Beijing and Henan, to which I have no relation or control. Go picket the Chinese embassy if you want them to pay attention. Kicking me around does nothing to stop spam. Go to FLorida and stop the cunts who actually origiante the spam (95% of the pam I get is from America).

Re:Why is this still an issue?

[1u3hr]

I simply ban China and most other Asian countries at my router.

If you'd read the FA, it was explained that most spam is sent from zombie PCs, all over the world, but primarily in the US. China come into it mostly as hosting the websites that those idiots who want to buy herbal viagra go to.

Re:Why is this still an issue?

[1u3hr]

Getting rid of these 3 countries, would have a *huge* direct and indirect impact on the spam industry.

For a few weeks. Then it would be coming from another three countries. Maybe eastern Europe, the Mid East, even South Africa.

Look on the bright side, spam is financing the rapid build up of Internet infrastructure throughout the Third World.

Re:Why is this still an issue?

[h0tblack]

And according to http://www.spamhaus.org/ which the top source of spam, above China, is still the US.
China may be the biggest in terms of the market for zombie-pc network lists and does have a huge growing market for hosting spammers sites, but whose paying for these services? Most of the spam is still from a few westerners (url:http://www.spamhaus.org/rokso/) most of whom are American's.

Re:Why is this still an issue?

[Pete]

Credit card fraud.

Put it this way - you're just not going to be getting that many legitimate orders for high-end laptops from, say, Indonesia... at least compared to the blizzard of orders using stolen credit card numbers. It's much simpler and more cost-effective for the merchant to say "Nope, we just won't accept orders from $COUNTRIES."

Of course, feel free to substitute "Indonesia" for just about any close-to-third-world country with an internet connection and little or no government control of internet fraud (not that I'm really criticising of course, I'm sure such governments have much more important things to spend resources on).

It's a very close parallel to the spam situation. If 90% of your spam originates in China and you have zero legitimate emails originating from China, then it's a no-brainer to just cut off the country. Same for intrusion attempts (as mentioned by another poster).

It's not saying that all Chinese or all Indonesians or all Ukranians or all Verio subscribers are spammers or fraudsters or crackers - just saying that, for a whole range of reasons, the overwhelming majority of those connecting to your server are spammers/fraudsters/crackers. So from that viewpoint.... *snip* ;-).

Re:Why is this still an issue?

[Lost+Race]

So? I block American spammers and zombies too. What's to re-think?

Re:Why is this still an issue?

[andynz]

A lot of people seem to be under the impression that APNIC is just Asia. APNIC also covers Oceania (Australia and New Zealand) and the Pacific Islands. APNIC headquarters are in Australia.

Re:Why is this still an issue?

[AaronLawrence]

Are you dreaming? Most retail operations (with certain exceptions, such as software downloads) don't offer worldwide shipping. By far the majority ship only to their own country. I know this from experience; go looking for someone who will ship outside the US for a computer part; I'll be lucky to find one in ten.

Re:Why is this still an issue?

[glesga_kiss]

Most retail operations (with certain exceptions, such as software downloads) don't offer worldwide shipping. By far the majority ship only to their own country.

Well, my experience differs. I've been ordering things from all over for about 4-5 years, and I rarely find someone that won't ship to me. You might need to ask, but that's not going work if they are blocking your subnet entirely. ;-)

Every big player, e.g. Amazon, has done this since day one. I'd say at least half of the smaller ones do as well.

Re:Why is this still an issue?

[razmaspaz]

While I can not begin to know the complexity of the situation you face in China and your inability ot affect your govenrment, I do know this. While 95% of the spam I get comes from the US, 99% of the traffic I get from China is Spam. I will block the 95% of SPAM coming from Florida, but I will also make an effort to drop Chinese traffic becuase I am 99% sure that it is SPAM. Whereas something from Florida, while potentially SPAM is maybe 1% likely to be SPAM.

This is going to sound horribly curelgiven my relative freedom and your relative lack thereof, but if you don't like the fact that your government won't play nice, get a new one!

Re:Why is this still an issue?

[zboubi]

Same for me, at firewall level, with netfilter, geoip and this antichina filter

RBL

[tacocat]

Isn't there some way we can identify the entire Chinese IP block and just shut them down? If they don't care, then they can just go back to being isolationists as they have been for the past 5,000 years. They didn't mind and neither did we. But this kind of behaviour sucks.

Honestly, I can't think of anything else that could possibly be done short of forwarding all chinese spam to the UN and seeing if they can actually do ANYTHING in the next decade or so.

Re:RBL

[adeydas]

yes every country has its own unique IP type but i doubt whether that will be of any help. usually spammers mask IP's or send spam mails from 'zombie computers' from other countries...

Re:RBL

[Jucius+Maximus]

"Asia Times has a nice article about why China is becoming the spam capital of the world."

Funny, I thought almost all spam originated in the US (even though it is sent via Chinese webservers.) This is confirmed in the article, btw.

Re:RBL

[Chundra]

I have a better solution: Let's bomb them. Yeah! Take that you imperialist, commie isolationist spammers! Is there oil in China? Do they have bibles? Can we get them some bibles in Japanese or whatever language it is they speak there?

Re:RBL

[AhabTheArab]

Should WE just block YOUR subnets?

Go ahead. If you think that will get rid of your American spam, do it. Just because some people want to block Chinese IP addresses, does not make them racist. If I get a lot of spam originating from China, and I don't visit any Chinese websites. Why wouldn't I block them?

Re:RBL

[glesga_kiss]

ergo there's no reason for ANY connection from china to pass our firewall.

How does that make anybody racist?

I never said it was, just not a good solution. I did say there will be predicable racist anti-everyone-who-is-not-white anglo-saxon-prodestant ramblings on this thread because it's about China.

And sadly, I'm proven right. Take a look around...

Re:RBL

[realdpk]

You're reading way too much in to this. Or maybe you're racist yourself, and are concerned it may become revealed here?

I see no connection between whatsoever between race and IP firewalling. Most people you talk to would agree.

Re:RBL

[hackstraw]

I run spamassassin, and I have a rule to score URLs that reverse back to Chinese or Korean netblocks.

Over 50% of the tagged spams hit this rule. Now if these mails were actually sent from China or Korea, that is a different story (and a different rule :). I know its a cheap and easy way to send spam from compromised Windows machines that can be located anywhere in the world, but many of these drone machines are probably sending mails from Chinese and Korean people.

Re:RBL

[glesga_kiss]

I see no connection between whatsoever between race and IP firewalling. Most people you talk to would agree.

Did you READ my post. I said it was the US attitude to China that was racist, and that you can't get away from it in any thread mentioning China. Don't add "blind" or "dyslexic" to that list of popular American failings as well please... ;-)

Re:RBL

[athakur999]

Do you mind sharing how you did this? I forward all of the spam messages I get that make it past SpamAssassin to Spamcop and at least half of them end up having links to websites hosted in China. If I could add a score just for that I'd probably save me a few minutes each day.

Re:RBL

[hackstraw]

uridnsbl URIBL_CNKR cn-kr.blackholes.us TXT
body URIBL_CNKR eval:check_uridnsbl('URIBL_CNKR')
describe URIBL_CNKR Contains a URL listed in China/Korea
tflags URIBL_CNKR net
score URIBL_CNKR 2.5

For SA 3.x.

Re:RBL

[amigabill]

We need an anti-spam law that would punish companies from hiring spammers to push the send button for them. As it is, if we take down one spam kind, then Circuit City (for example as their spam a few years ago led to me boycotting them) will hire a new spam king to send me their ads. If the law doesn't discourage the likes of Circuit City from hiring spammers, they will continue to do so. If Circuit City was fined or otherwise sanctioned as punishment for spamming me, then the spam kings would not have many customers left to hire them, and they would not have nearly as many ads to send.

Doesn't this make sense? How could the lawmakers screw that up, and let the sellers continue hiring different spammers that haven't been taken down yet????????

Re:RBL

[superpulpsicle]

This is stupid. The server might sit in China, but the guy initiating the spam sending might live in the U.S or anywhere. In fact, it might be multiple people living in different countries.

Re:RBL

[ssimontis]

I used to recieve lots of spam from Asian countries. I would get spam for modchips, although I didn't have any foreign language packs on my e-mail program (I think it was Netscape at the time). I would get these messages saying I need Chinese or Korean to view this e-mail. I haven't recieved any spam from China in a while. Was it just a fad or something?

Re:RBL

[Technician]

I never said it was, just not a good solution. I did say there will be predicable racist anti-everyone-who-is-not-white anglo-saxon-prodestant ramblings on this thread because it's about China.



It's not about race. It's about an effective filter. I have Chinese friends. I've been to the Chinese New Year celebrations. I don't have Chinese as a second or third language. I don't have anybody I currently know that is on a trip to china. I have no China business connections. 100% of e-mail I get from China is of no use to me. Killing 100% of the unsolicited mail from China has a 0% false positive rate.

It's not about race, It's about anti-spammers. I'd filter out US cable providers if I could do it with a 0% false positive rate. Unfortunately some mail from cable ISP's is family.

Well, okay...

[GillBates0]

But I was thinking more along the lines of Yummy Hot and Spicy Chinese Spam:

SPAM(TM) Hot & Spicy Stir-Fry
Makes 6 servings

Ingredients
1/3 cup reduced-sodium teriyaki sauce
1/3 cup water
2 to 3 teaspoons HOUSE OF TSANG® MONGOLIAN FIRE® Oil
1/2 teaspoon ground ginger
1 (12-ounce) can SPAM® Lite, cubed
1 cup broccoli florets
1 cup chopped onion
1 cup pea pods
1 red bell pepper, cut into strips
1 tablespoon plus 1-1/2 teaspoons vegetable oil
1 (14-ounce) can whole baby corn, drained and cut in half
1 (7-ounce) jar mushrooms, drained
6 cups hot cooked white rice

In small bowl, combine teriyaki sauce, water, Chinese hot oil and ginger; set aside. In wok or large skillet, stir-fry SPAM®, broccoli, onion, pea pods and bell pepper in vegetable oil 2 minutes. Add teriyaki sauce mixture; cook until bubbly. Add baby corn and mushrooms; heat thoroughly. Serve over rice.

Re:Well, okay...

[lowrydr310]

I prefer General Tso's Spam ...still haven't posted anything 'insightful' in three months as a registered slashdot user

Re:Well, okay...

[EvilAlien]

Teriyaki is Japanese, dammit.

I'd recommend something a little bit more substantial like Thai peanut sauce. Also note that hot pepper oil is usually just canola with crushed red pepper in it, so make your own rather than getting gouged at the till buying name brand peppers-in-canola. I make my own for Guo Tie.

Re:Well, okay...

[snorklewacker]

Also note that hot pepper oil is usually just canola with crushed red pepper in it, so make your own rather than getting gouged at the till buying name brand peppers-in-canola. I make my own for Guo Tie.

Hm, the stuff I get is sesame oil with red peppers. Doesn't cost any more than regular sesame oil, so what the heck. No good for stir frying, but great for flavor. If the oil were actually pressed from peppers, it would be like putting pepper spray on your food.

"Mmmm ... incapacitating"

Re:Well, okay...

[EvilAlien]

I'll remember that next time I need to insult someone who is Chinese. "Hey man, I hear Teriyaki is a Chinese sauce... BOOYAH, IN YOUR FACE!"

Spam from Confusious

[teiresias]

Which is suprising considering the Government control on all things media.

From: Confusious
To: teiresias

Subject: Ancient Chinese Proverb

Body: "Increase your penis size with ginger root and secret ingredient. Act now and get a free webcam. Did I mention it make your wang huge!"

Re:Spam from Confusious

[dex22]

Ummm, do you have a link for that? It sounds like JUST what I need!

Re:Spam from Confusious

[jacksonj04]

Don't even *think* about putting ginger root near my penis.

Re:Spam from Confusious

[aethera]

For a moment there, I thought I was reading a letter from the ancient Chinese philosopher to the ancient Greek prophet/soothsayer, and I thought "cool!" It was a good premise anyways.

Re:Spam from Confusious

[Antique+Geekmeister]

The Chinese government *censors* all media, thez dont control it. There are things its not allowed to be used for, namely criticism of the Chinese government.

But selling connectivity to spammers, and ripping off stupid Americans by selling them Guaranteed Herbal Viagra cures is fine. It doesnt cause political dissent, it brings in foreign currency, and it encourages the growth of network infrastructure, which they badly need.

The source?

[AndyBassTbn]

Because of this, it is now meaningless to say that spam itself originates in any given place - it is truly a cyber-product.

No, I think the source has remained unchanged - the pocketbooks of those willing to actually pay for the schwag sold via SPAM email. As long as people are willing to pay for herbal Viagra, cheap mortgages, etc. based on spam, so too will spam annoy the rest of us.

Re:The source?

[Winkhorst]

"As long as people are willing to pay for herbal Viagra...based on spam"

You mean herbal Viagra is made from Spam??! Does the FDA know about this? Why hasn't Spam started an ad campaign about this? "Eat Spam and grow large in TWO places!"

Re:The source?

[jxyama]

>As long as people are willing to pay for herbal Viagra, cheap mortgages, etc. based on spam, so too will spam annoy the rest of us.

not quite. spam will exist as long there are advertisers who believe there are people who are willing to pay for junk stuff based on spam. advertizing - all it takes is the belief that it's doing something, at least until the money runs dry.

Re:The source?

[jellomizer]

Well if you look at the numbers for spam the people who are actually buying the crap is very small like 0.001% So that is 1 in a Thousand People who buy this stuff. Unfortunatly with Billions of people on the internet. That is still a lot of sales. For this population of people no amount of education reform or laws will change this. Because the 1 in a thousand person is so dumb that they will not learn from anything. What would be good is to see where there people buy the stuff so we can see where the largest population of stupid, ignorant people live.

Re:The source?

[Zocalo]

people who are actually buying the crap is very small like 0.001%

Not according to Forrester Research it's not. At first glance, Forrester's figures seem impossibly high, but it did make me think about what the figures we hear about spam actually mean. Basically, that "0.001%" figure is the number of spams that generate a response, but if each respondant to one spam in a thousand, then 1% of spam recipients are buying from spam. Think about how many spams are being sent, and all of a sudden Forrester's figures, while high, don't seem too far beyond the realms of plausibility.

Re:The source?

[badfish99]

Advertisers aren't stupid: they would very quickly stop believing that spam works if their income dried up.
And all the adverts are in English, so are obviously aimed at Americans, not Chinese people. So if Americans stopped buying the junk, the whole problem would go away in a few weeks at the most.

Re:The source?

[bitmason]

The problem is that there's likely a steady stream of greedy folks lining up to pay for sending out the next batch of spam promoting the latest "get rich" products. It's worked for years with distribution pyramids like Herbalife. Why should spam and the internet be any different?

Re:The source?

[jxyama]

AOL has been running their ads for how long now? how long have they been sending out CDs? and how long have they been bleeding their subscribers? advertisers aren't always that quick to pull the trigger, unless they are flat out broke... and spamming costs a lot less than producing CDs or TV spots. even if people stopped buying spam advertised items at this moment, i imagine spamming to continue for quite some time.

Re:The source?

[IO+ERROR]

>As long as people are willing to pay for herbal Viagra, cheap mortgages, etc. based on spam, so too will spam annoy the rest of us.

not quite. spam will exist as long there are advertisers who believe there are people who are willing to pay for junk stuff based on spam. advertizing - all it takes is the belief that it's doing something, at least until the money runs dry.

The reason advertisers continue to believe that spam brings in customers is simply that it does. People do read spam, and people do buy from spammers. Until you stop that, you can't stop the spammers from believing that spam is worth their time, because from their perspective, it works!

Re:The source?

[Technician]

all it takes is the belief that it's doing something, at least until the money runs dry.

I see you are not a student of P.T. Barnum.
Here is an interesting link to some history of the famous quote the PT didn't say.

http://www.historybuff.com/library/refbarnum.htm l

Re:The source?

[Mr+Europe]

It's funny how people accuse russian virus writers and chinese sending spam.
But the most of the spam comes from USA, maybe via owned chinese hosts.
http://spam.weblogsinc.com/entry/4463682046968893/

Re:The source?

[68kmac]

spam will exist as long there are advertisers who believe there are people who are willing to pay for junk stuff based on spam.

Unfortunately, they seem to have a strong believe. With subject lines that are almost illegible, consist of arbitrary words, or contain random names at the off-chance to make it look like a personal message, I've always wondered who would read more than the subject before throwing that junk out.

IIRC, a recent study showed that up to 12% of the recipients of spam actually went ahead and bought the advertized product.

Looks like human stupidity is still the main contributing factor to the whole spam problem ...

Re:The source?

[fm6]

As long as people are willing to pay for herbal Viagra, cheap mortgages, etc. based on spam, so too will spam annoy the rest of us.

You're right about where spam comes from. But that doesn't mean we can't get rid of it. We just have to replace the email infrastructure that was designed around the assumption that all Internet users are good citizens.

Governments

[Kipsaysso]

Ironically if the spammers make more money in China then the internet will be more profitable there then in a Capitalist society.

Re:Governments

[crazyeddie740]

China *is* a Capitalist society. What they need is another communist revolution. Maybe then they could get a democracy going.

Re:Governments

[Omniscientist]

Could you please elaborate? I fail to see how a revolution for the purpose of implementing a Communist government into its society would lead to a Democratic government being put into its society. If you were just joking, sorry!

Re:Governments

[Pxtl]

Well, as I understand it, Communism and Democracy are not mutually exclusive - it is simply an unfortunate fact that Communists tend to think they know better, and after having put in the effort to run a violent revolution they seem to think that this justifies their title as "dictator for life".

While it might not be long-term stable, I don't quite see why one couldn't implement a communism headed by a democratic body.

I'm guessing that's what the parent poster might have been referring to.

Re:Governments

[fbform]

For some governments, it is better to separate their administrative policies from their economic policies. China for instance has had economic reforms for about 20 years, and it's now capitalist in all but name. Its administration is still (for want of a better word) totalitarian (by which I mean that the government tends to control, or want to control, every aspect of its citizens' lives), but it can't fairly be called Communist.

On an sidenote, we may now ponder about whether introduction of Capitalism makes a country progress faster than introduction of Democracy, and whether they both go towards the same point in the politico-economic XY-plane, just along different paths.

Re:Governments

[crazyeddie740]

I was being a little ironic. China, while paying lip service to communistic ideals, is definitely capitalist. It has, IIRC, the fastest growning economy in the world, but the benefits are limited to an urban elite. All the workers and the rural farmers get is the shaft. In addition, the boom is causing environmental damage. In a democracy, the environmental lobbyists would step in, but under China's totalitarian government, critics of all stripes are silenced.

The situation in China is like that which originally inspired communism/socialism in Europe and America. Except that Europe and America had democratic governments, and instead of a full-fledged revolution, a very mild form of socialism was created.

If China isn't careful, its economic inequality will cause a proletarian revolution. Hopefully this revolution would create a democratic government. The alternative would be for the government to relinquish some of its power voluntarily, and allow a democratic government to develop peacefully, but I don't see that happening.

Re:Governments

[corbettw]

China's government can probably be more accurately called "fascist", not "communist". They have some limited capitalism, they preach a very aggressive nationalism (though for now it's more words than deeds), and they have many socialist trappings. Considering the police state they have in place and all the humans rights violations, it even fits the stereotypical fascism, too.

Note that they're more like the original form of fascism which Musolini started rather than the form more usually associated with National Socialism.

Re:Governments

[fbform]

You may be right. Take this test for instance: http://www.politicalcompass.org/. (No I don't run that site, nor do I claim that it is necessarily accurate. I merely claim it is one way to represent political thinking and it may be useful). Now where would the current Chinese government fall in that graph? Probably in the low-positive-x, high-positive-y range?

Apostrophe? (nit-pick warning)

[lukewarmfusion]

Steves quote...

Or lack thereof...

no mail of value

[lophophore]

I get no mail of any value from China. I don't know anybody there. So I don't feel bad about automatically trashing all mail that originates in Chinese netblocks. It's amazing the effect that has had on what spam I actually see.

If everybody did this, it could become a real problem for the Chinese. (duh)

Re:no mail of value

[glesga_kiss]

I get no mail of any value from China. I don't know anybody there. So I don't feel bad about automatically trashing all mail that originates in Chinese netblocks.

What if you had a friend traveling over there, that had to get in touch with you? Or someones company switches hosting to a .cn company. Or a mail gets relayed through a .cn mail server as the regular one is down for maintainence?

I guess you'll never know. Oh, your mom called; you didn't reply to her mail about the free first-class tickets she was going to send you to visit her; so you missed out.

Re:no mail of value

[dubl-u]

So I don't feel bad about automatically trashing all mail that originates in Chinese netblocks.

I'm not willing to go that far, but I do assign a 1.5 point penalty (out of 5) to all Chinese and Korean IP space. It has made a substantial difference as spammers get smarter about skirting Bayesian filters.

Re:no mail of value

[realdpk]

If mom can call, why did she send an email? When her son didn't reply, why not call then?

Your logic makes no sense. Your racism (your concern about racism barely masks it) is showing.

Re:no mail of value

[glesga_kiss]

f mom can call, why did she send an email? When her son didn't reply, why not call then?

I was (trying to) be funny. Funny comments don't always make logical sense.

Your logic makes no sense. Your racism (your concern about racism barely masks it) is showing.

Because I dislike the way that the vast majority of Americans treat China, that makes me racist? How'dya figure? I don't like the way you treat Arabs either, does that make me Hitler?

If you are in any doubt of the usual anti-Chinese sentiment with any US citizen, grep /. for topics with "china" in the blurb, and read. It's sickening.

But it's your funeral. China is going to be the biggest mover in the first quarter of this century. I see them as a potential friend in this world. Where do you stand?

Re:no mail of value

[XopherMV]

Maybe we should start spaming them with ads for free Taiwan. Maybe then, they'd stop the spamming.

Re:no mail of value

[NeMon'ess]

Free Taiwan? Awesome! I'll take a dozen please. Oh, did you mean ads for A free Taiwan?

Re:no mail of value

[lophophore]

Yep. In the unlikely event that any of those things happened, I'd be hosed. A risk I'm willing to take.

Re:no mail of value

[Croaker]

What if you had a friend traveling over there, that had to get in touch with you?

Likely, that friend would use an internet cafe to connect to his/her hotmail or whatever account, and shoot of the email. The email would originate from the hotmail (or whoever) mail server, not from a chinese netblock. Not a problem.

Or someones company switches hosting to a .cn company.

The result is no different than if a company switches to an ISP that is known to be spam-friendly... they will usually get bounces stating "Your mail was refused because your subnet is blocked for spamming," or something similar. In which case, the company had best rethink its choice of ISP.

Or a mail gets relayed through a .cn mail server as the regular one is down for maintainence?

How often is mail rerouted these days? Especially to a server in a different country, likely on a different continent? I can't recall ever seeing this. Usually mail is held until the mail server comes back up. The mailserver going down is one of those things guaranteed to get the IT people awoken in the middle of the night, so its downtime isn't going to be long anyhow.

Oh, your mom called; you didn't reply to her mail about the free first-class tickets she was going to send you to visit her; so you missed out.

Any idiot who relies entirely on email for transmission of important information pretty much gets what he/she deserves when there's a snafu and the email is lost. That's why really important things, such as the "DMCA take down notices" sent out by lawyers are always sent both via email and snail mail.

Re:no mail of value

[hackstraw]

What if you had a friend traveling over there, that had to get in touch with you? Or someones company switches hosting to a .cn company. Or a mail gets relayed through a .cn mail server as the regular one is down for maintainence?

Any friend of mine would use a reliable and known email server either via some kind of webmail feature or by sshing into a box back in the USofA.

Being how much China censors thier internet, I would not count email being reliably sent from there under any conditions.

Re:no mail of value

[kawika]

Try that in the IT department of WalMart. You'd be booted back to Dogpatch USA when they found out you blocked all the Chinese domains, cutting them off from every one of their suppliers!

Re:no mail of value

[beagle]

Nobody on my system ever corresponds with anyone in Korea or China, so I too have set up a bunch of netblock filters.

If I ever need to correspond with someone from those networks, I can update my filters, but I don't ever see that happening.

I used to block individual IP addresses of spam hosts, but that list got unbelievably huge (well over 1,200) so now I filter entire CIDR blocks from which I get spam. I only do this for non-US CIDR blocks. I'd love to do it for US CIDR blocks too, but that's a bit too restrictive. Instead, I just block hosts.

My spam levels have gone WAY down. If only the same trick could work for my .Mac address... :/

Oh, the beauty of iptables.

Re:no mail of value

[Eggplant62]

Really, man. I'm wondering why we don't simply drop their router blocks into a blackhole and let them live inside their own private Chinese Intranet. It's not like they depend much on the Internet outside their own country, right?

Re:no mail of value

[rk]

Given where Walmart's headquarters are, you'd actually get booted out of Dogpatch USA.

Re:no mail of value

[Miara]

If everybody did this, it could become a real problem for the Chinese. (duh)

Hmmm.

Maybe that's what they want.

The Chinese government seems to be doing everything they can to make sure that people in China don't have access to any information that is potentially critical of their regime. This is easy to do with websites (including Google it seems) but somewhat harder with email.

If they allow spammers to run free though, and every admin in the west blacklists all .cn sites as a preventative mesure ... that severely hampers email exchanges between Chinese citizens and the rest of the world.

I wonder ...

Re:no mail of value

[ae]

Croaker wrote:

The result is no different than if a company switches to an ISP that is known to be spam-friendly... they will usually get bounces stating "Your mail was refused because your subnet is blocked for spamming," or something similar. In which case, the company had best rethink its choice of ISP.

If you are bouncing spam you are just contributing to the problem. Spammers always fake the originating addresses, often using innocent peoples' addresses, who will find their mailboxes full of spam bounces. Can you tell this happened to me? :)

The correct way to do it is to deny the spam message on the SMTP level.

Re:no mail of value

[nihaopaul]

well find an isp in china who is up for fighting spam and tell me where they are, i have the biggest issues with this, seems everyones answer is to just block everyone, what if you get your ips from the isp? and that there is only one isp in the country (3rd largest at that)?

what i'm saying is its the bad few that FUCK IT UP for the rest of us. but yeah something has to be done, i use spam filtering and it catches most, but i cant set it to delete as most of my comunications come from people in china.

ehm shouldn't they shut the spammer down and not the server?

thats my rant

Is it just me

[jbich]

or are those silly bastards who do the "first poooooooooost" thing almost as annoying as getting 1500 variations of "hot, wet, young asian delight" in my email box every day?

Let's re-route all of our chinese spam to those guys.

ASFAIK

[Dasch]

... The US is still the main exporter of SPAM...

That makes it easy on me...

[Transcendent]

...I just started blocking IP subnets from china...

Actually, after reviewing logs on my firewall I found a lot of brute force attacks coming from Korea, and only a few from China, so most subnets blocked are Korean owned. But, needless to say, I'm spam free.

Re:That makes it easy on me...

[0racle]

I had some problems on and off for a week or two with a few addresses in Japan. Only like an hour at a time and was no match for my OpenBSD pf and my fantastic (simple) ruleset. It was a few hours at a time, then began to trail off. Not really anythnig to block a whole subnet for, don't you think you might be overreacting a little.

Re:That makes it easy on me...

[Transcendent]

Yea I am overreacting... I'm not worried about anyone breaking in mainly because their SSH/FTP brute forces involve root (which, of course, is disabled by default as a remote login), and names that have no login shell on my system or are disabled for ftp. I just do it out of spite, and because I like to watch the block statistics from pf to go up.

The main reason I DID start this was because a few attacks started to slow down my internet connection... So it's not really security, as it is to keep my connection fast.

Is there any reason accept mail from China?

[RealAlaskan]

Is there any reason not to ban all mail originating from (or relayed through) addresses in China? I supose that big universities have a lot of students who use email to keep in touch with family in China, but most ISPs could probably do this without any harm to their customers.

If you were willing to put some effort into it, you could combine it with a whitelist, which would allow your Chinese customers to get email from the old country.

Wait a minute ... effort, ISP ... those two don't go together. Ok, never mind about the whitelist.

Re:Is there any reason accept mail from China?

[RealAlaskan]

Actually, I was thinking that for most of us, blocking all email from Korea and China would be a feature, that we might even pay extra for. I probably wouldn't, because I know people in both places. Of course, I could send them a Gmail invite, and they already use hotmail or yahoo accounts, so maybe I would be interested in a feature like that.

... doesn't that seem to go against the connectiveness that the internet provides?

There are places I don't want to be connected to, at least not by default, at least not constantly. Sewage pipes and spam havens are both on that list

Re:Is there any reason accept mail from China?

[eaolson]

Is there any reason not to ban all mail originating from (or relayed through) addresses in China? I supose that big universities have a lot of students who use email to keep in touch with family in China, but most ISPs could probably do this without any harm to their customers.

The problem is that the spam email usually isn't sent from China. It originates from Brazil, or Argentina, or one of the many, many zombie PCs out there. China is just willing to host the spammer's website.

This is why I've been saying that the (current, temporary) solution to spam is to find any fiber optic line that connects China to the rest of the world and go at it with an axe. When they behave like responsible adults, they can have another one.

Re:Is there any reason accept mail from China?

[RealAlaskan]

The problem is that the spam email usually isn't sent from China. It originates from Brazil, or Argentina, or one of the many, many zombie PCs out there.

Well, an ISP which allowed you to choose to ban email from China, Brazil, Argentina and anyplace else you don't have friends or family, would probably find that it could make a few extra bucks from the service. Or, it could be a setting in the extra-cost spam filter that most ISPs already seem to offer.

... find any fiber optic line that connects China to the rest of the world and go at it with an axe.

My way is more likely to be implemented, because the ISP can charge for it.

Re:Is there any reason accept mail from China?

[eaolson]

Well, an ISP which allowed you to choose to ban email from China, Brazil, Argentina and anyplace else you don't have friends or family, would probably find that it could make a few extra bucks from the service. Or, it could be a setting in the extra-cost spam filter that most ISPs already seem to offer.

I've been telling everyone I know to use SpamPal. (Windows, client-side, blah, blah blah) It lets you block email originating from all those countries, and more. And with the URLBody plugin, you can block mail containing URLs hosted in those countries, too.

Re:Is there any reason accept mail from China?

[RealAlaskan]

Yuch. Windows.

I have Mozilla doing spam filtering, and it works, sort of. Just like SpamPal, it requires that I waste my bandwidth downloading the junk to classify.

I might be willing to pay a bit for a feature which let me ban email from certain countries, so it never gets downloaded at all.

This is a good thing

[sfjoe]

Keeping all the criminals in one place (China) is great. I blocklist all of China, Taiwan and Korea and don't have to worry about these trespassers. I do feel sorry for those folks that have to communicate with them, but just consider it the price of doing business.

Re:This is a good thing

[jellomizer]

Unless you have customers who are in china.

Re:This is a good thing

[Donny+Smith]

Judging by the current account deficit, it seems everyone's got SUPPLIERS who are in China...

Will it stop with "IPv9"?

[catalax]

Probably it will stop when the Chinese govenment introduces their own "IPv9" network protocol to have better control about what is good for their citizens and what is not.

"Spam Capital"

[Hank+Chinaski]

"Asia Times has a nice article about why China is becoming the spam capital of the world. " You forgot to mention which country is the spam capital of the world now ... the U.S. And why is that? Because the ISP are privately owned and there is no pressure coming from above?

howto

[Camel+Pilot]

5 mod point to the person who provide a link or describes how to block the chinese ip net block.

Re:howto

[duffel]

If your block inconveniences even just a few email users with honorable intentions, you worsen the effect spam has on our society significantly.

I know how annoying it is to have to deal with these kinds of restrictions, because my ISP made sure that all email not sent via their official servers was rejected by servers using the MAPS blacklist. In any case, it made contacting people a nightmare. I felt hard done by.

And that was just an ISP. Once you blacklist an entire country, you're crossing a very pertinent ethical line. It's discrimination by country of origin. A brand new internet prejudice that we can do without.

"Welcome to the internet. No chinese people allowed."

Re:howto

[swmccracken]

Easiest option, if you've already got the infrastructure to use a DNSBL and only really worried about SMTP.

Add "china.blackholes.us" as a standard for DNSBL. It supports TXT lookup too.

(Alternatively, "cn-kr.blackholes.us" if you want to ignore Korea as well as China.)

Alternate provider of country information is countries.nerd.dk.

Re:I once saw.

[Transcendent]

IP spoof?

The only way to go after spam

[hsmith]

is go after the companies that sell their products through spam. outlaw that as an advertising form, fine companies that advertise through them and you have your solution

Blocking Chinese IPs not always the solution

[hellfire]

Only two dozen posts in and I see half of them appear to suggest blocking email from China. This is a good individual solution on an ISP by ISP basis but not a good universal solution. Businesses have to deal with other businesses in China, and well there are plenty of families who legitimately want to email from China to the US and back.

Any solution that involves blocking everything from China won't work for everyone, and every solution that tries to selectively opt in or selectively block from China is a greater expense to set up.

Considering most of the spam originating from China is poured into the US, and the money's paid to the ISPs are money flowing from out of the US economy and into China's, I hardly think they will care any time soon.

Re:Blocking Chinese IPs not always the solution

[pavera]

Blocking all traffic from china while draconian, will fix the problem faster than anything else. If china can no longer do business with the US because of their spam policies, the business sector in china will quickly put pressure on the gov't to change the situation and it will change.

Re:Blocking Chinese IPs not always the solution

[gad_zuki!]

Its an old-fashioned boycott. Once the ISPs begin to freak out that no one is getting their mail or able to access their sites then it might change their mind in regards to policing spam.

I'm all for it as a temporary "show of force" solution.

Re:Blocking Chinese IPs not always the solution

[fmaxwell]

Only two dozen posts in and I see half of them appear to suggest blocking email from China.

I suggested blocking all traffic. If they want to host spammers' web sites, then block web traffic. If they want to communicate over IRC with zombie machines to send spam, then block IRC. Just block everything for a week and watch the sudden interest on the part of China to deal with the spam problem.

This is a good individual solution on an ISP by ISP basis but not a good universal solution. Businesses have to deal with other businesses in China, and well there are plenty of families who legitimately want to email from China to the US and back.

So what? Make it tough on businesses, families, and everyone else and then there will be pressure to address the spam problem. I don't really give a rat's ass if some company incurs inconvenience and added expense when dealing with China. Maybe they will choose to stop doing business with Chinese firms until the spam blockade is lifted. China needs the west more than the west needs China, from an economic standpoint. They rely on exports to survive.

Any solution that involves blocking everything from China won't work for everyone, and every solution that tries to selectively opt in or selectively block from China is a greater expense to set up.

Blocking trade with Cuba doesn't "work for everyone," but we do it anyway. There's no reason that China can't be knocked off of the net (at least for traffic to/from the U.S.).
These namby-pamby attempts to keep from inconveniencing people are counter-productive. You get action when you inconvenience lots of people.

Re:Blocking Chinese IPs not always the solution

[pyrotic]

Why not bomb the bastards too? Seems like a good partiotic response.

Most people responsible for sending spam are based in the US... According to network management firm Sandvine, about 80% of spam is now sent via legions of PCs owned by ordinary - and usually oblivious - computer users around the world.

From the article.

Re:Blocking Chinese IPs not always the solution

[DocSnyder]

Businesses have to deal with other businesses in China, and well there are plenty of families who legitimately want to email from China to the US and back.

So what if they can't because the rest of the world doesn't exchange *any* Internet traffic with China? They'll have two possibilities - live with their intranet and use phones or other communication methods - or make Chinese ISPs solve their spam problems. If e. g. Volkswagen China can't use Chinanet as ISP because no one can access their Web site and nobody wants to receive their emails, they'll have to find a solution - using own infrastructure or different ISPs, maybe tunneling their IP traffic to Europe and use European email and web servers. So some other, whitehat ISPs will get their money, not Chinanet. This is the most (and only) effective way of the Internet itself solving spam problems if legislation can't and/or doesn't.

A few years ago a German ISP, Primekom, was harboring many spammers and offering de-facto bulletproof hosting. Blacklisting helped only as much as most legitimate customers backed away from Primekom and choose different ISPs. After some time, Primekom's peering partners became less amused routing spam traffic, so they cancelled their peering contracts, leaving Primekom alone with a slow, thin uplink to somewhere in Eastern Europe, being even to slow for spammers.

So Primekom couldn't but get rid of these spammers. Now Primekom (or what has been remaining, which is not really much) is considered cured. Same with other ISPs in different countries.

AFAICT there a two thresholds of blacklisting effects: The lower one with occasionally delivery failures may be ignored, with recipients being told to no longer use a certain blacklist. The higher one with frequent delivery failures can't be ignored without asking almost *any* recipient for whitelisting. The only solution in latter case consists in getting rid of the blacklisting itself.

It's time to turn China (together with their peers if necessary) into an intranet and make them choose between spammers and non-spammers. Collateral damage due to blacklistings and nullroutings is bad, but collateral damage due to spam, fraud and phishing is worse.

Re:Blocking Chinese IPs not always the solution

[tirnacopu]

No, I say hit them at the money source - block all US IP blocks now!
Boy am I gonna get it..

Re:I once saw.

[northcat]

I mean the ISPs. The poster said that major ISPs like msn et al did it. But I'm not sure what it was he said. Maybe something completely umimportant. It just looked interesting.

Solution? Bounce with the 550 power.

[Tackhead]

> "They simply don't want to know - China Telecom doesn't care because they're government-owned and there is no pressure coming from the government.

550 - Thank you for your support of the steganographic communications payment protocol.
550 - Your continued support of Falun Dafa [Falun Gong] in the face of continued oppression from the butchers of Beijing is appreciated.
550 - The following token shall constitute both a receipt for your payment and a public key with which you may send your next message to your allies in the resistance.
550 - KEYBLOCK 6x5 F81IZ FOLG3 VOLSX CIOP3 F7JJ2 EYMNX

Now, is it my fault if my crontab edits the last line of that message to a different series of random characters every 30 seconds? Is it my fault if the owner of the spam-relaying machine is... dealt with... in the name of protecting his fellow citizens from mysticism and supersition?

Hmm, I suppose it is.

But hey, there's a critical shortage of corneal and kidney transplants. And a critical oversupply of server administrators who support spammers. I'm just the invisible hand of the market, smoothing out the discrepancies.

My standard response

[acceleriter]

to a Chinese originated spam or to a Chinese spamvertised website. Since they ignore reports and are happy to collect spammers' dollars, I figure the outside chance one might get a bullet to the head is the best that can be hoped for:

(first in probably very bad Chinese, thanks to Babelfish)

Dear Spamhaus,

You have won our promotion in the FREE TIBET, Falun Gong, Remember Tiananmen, rebellion against the Glorious Communist State Sweepstakes!

The number on the bullet (free to you, billed to your family), which will hopefully go through your head when the censors in your godless heathen illegitimate bastard country who can filter out everything except spam see this, is 7417.

Congratulations!

Re:My standard response

[IO+ERROR]

Your post advocates a

(x) technical ( ) legislative ( ) market-based (x) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which vary from state to state.)

( ) Spammers can easily use it to harvest email addresses
(x) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires cooperation from too many of your friends and is counterintuitive
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
(x) Anyone could anonymously destroy anyone else's career or business
( ) Ideas similar to yours are easy to come up with, yet none have ever worked
( ) Other:

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
(x) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(x) Armies of worm riddled broadband-connected Windows boxes
(x) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(x) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
( ) Other:

and the following philosophical objections may also apply:

( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
(x) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures cannot involve wire fraud or credit card fraud
( ) Countermeasures cannot involve sabotage of public networks
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
(x) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
(x) Killing them that way is not slow and painful enough
( ) Other:

Furthermore, this is what I think about you:

(x) Nice try, dude, but I don't think it will work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Re:I get Chinese Spam...

[YOU+FAIL+IT(it+being]

YOU FAIL IT(it being the duration of time in which you get hungry again.)

So much for the Great Firewall of China..

[d_jedi]

You mean they don't check outgoing e-mails, which might have anti-Communist content? Gasp!

Multilingual spam

[antifoidulus]

Slightly off topic, but do people here seem to have a problem with getting spam in every language under the sun?
So far I have receieved spam in:
Chinese
Russian
German
Urdu(Maybe, I'm not sure what it was, something that looked south Asian)
French
and Japanese(which recently has been almost every day all about the same thing, some girl meeting club or something, probably run by the Yakuza)
I have only been to a country that speaks one of those languages, and yet I get spam in all of them, fascinating.....maybe because I have an easily searchable university address...

Re:Multilingual spam

[robogun]

Youre' not getting Spanish spam from Argentina? I got on a list down there, & get a lot of n00b spam with real email addresses for the responses. I like to fill up their hotmail boxes with a lot of 900kb responses, with their own email as the sender and reply-to in case it bounces. But getting off that list is like trying to get rid of herpes.

Re:Multilingual spam

[Detritus]

I get tons of spam in Chinese, Korean and Russian. Why, I have no idea. I can only guess that my email address is on the lists that spammers sell to each other, and that they are too lazy to use lists targeted at users who can actually read their spam.

Re:Multilingual spam

[acceleriter]

Or maybe you pissed someone off who signed you up for some of that foreign spam.

Re:The solution is simple...

[acceleriter]

If we want to put an end to the spam from China, stop routing their data. Knock them off of the Internet and their citizens will demand that the problem be addressed.

Given the PRC government's (not to be confused with the legitimate government of the Republic of China in exile in Taipei) methods for dealing the the people demanding anything, I don't think that's too likely.

Here you go

http://www.okean.com/asianspamblocks.html - Detailed blocks so you get fewer innocents.

Don't remember the /. post but here's an idea

[davidwr]

Even without spoofing IPs, if you take control of a PC connected to a Chinese ISP, you can spam "from" there.

This can be done with or, using OS holes and illegal break-ins, without permission of the computer owner.

I wouldn't be surprised if there are some Chinese making $1/day off of spammers to rent the use of their PCs.

What I do...

[trudyscousin]

I have no family, contacts, or business in China. I do not speak Mandarin or Cantonese or any other Chinese dialect. There are no domestic businesses, as far as I know, whose Web content is hosted in China.

It therefore does me no harm whatsoever to blacklist the entire country. Using blackholes.us as a foundation, I built procmail rules to accomplish this. Whenever the occasional spam message of Chinese origin reaches me, I make another change to the rules. As it is, my procmail.log shows fifteen to forty-five spam messages a day from China being routed to /dev/null.

I realize this isn't a suitable solution for everyone, but it's done a pretty fair job for me.

Re:What I do...

[trudyscousin]

Replying to one's own message is lame, I know, but I wanted to clarify: "There are no domestic businesses with whom I want to trade, as far as I know, whose Web content is hosted in China."

Makes it easier to block

[GuardianKnight]

I'm glad it's all going to china. It will make it REALLY easy to block the SPAM.

Set Firewall to block all port 25 connections from Asia based IP addresses.

Maybe I have an over simplistic view on the matter.

Blocking China and other rogue IP space

In addition to blocking spam, we mod our /etc/hosts.allow to keep these systems from connecting to many services:

ALL:61.0.0.0/255.0.0.0:deny
ALL:62.0.0.0/255.0. 0.0:deny
ALL:80.0.0.0/255.0.0.0:deny
ALL:81.0.0. 0/255.0.0.0:deny
ALL:82.0.0.0/255.0.0.0:deny ..etc..

It's better to block, then individually authorize. Most of the Chinese IPs are not only spamming, but constantly probing for vulnerabilities in SSL, SSH, FTP and other services.

Re:Blocking China and other rogue IP space

[1u3hr]

n addition to blocking spam, we mod our /etc/hosts.allow to keep these systems from connecting to many services:

Living in Hong Kong, it's really irritating to clik on a porn site and get redirected to a 403 because "Too much traffic from your country, try later". Of course, I can then use a proxy if I really want to see the page, but it's a pain.

It's WAR!

[Dark+Coder]

Time to declare an all-out Internet WAR!

Now, if someone can translate the "Arts of War" into for Internet uses, we'd win.

the Chinese Gov't would like that

[davidwr]

Knock China off the net you say?

Hehe, the Chinese Government would call that a good solution to the twin problems of "evil ideas" coming into China over the wire and "dissident communication" getting out.

OK, seriously, I'm surprised China doesn't have two-way filtering on port 25 and other ports, blocking anything that doesn't promote Beijing's ideals.

Re:the Chinese Gov't would like that

[fmaxwell]

Hehe, the Chinese Government would call that a good solution to the twin problems of "evil ideas" coming into China over the wire and "dissident communication" getting out.

It also would devastate them economically. The Chinese government may not tolerate political dissidents, but they rely on their booming export business to bring money into their country.

What goes around, comes around...

[Zocalo]

I pretty much have all of China (and a few other countries) blacklisted, in the case of China this is both at the .cn ccTLD domain and their IP allocations from APNIC. Yes, it's draconian, but I can (and do) permit specific IPs if need be and it keeps the spam *way* down. If enough people were to do this, especially at ISP level, then that's going to start having an impact of the ability of Chinese companies to trade with the rest of the world. Should that happen, how long do you think it would take for the Chinese government to take notice, and subsequently some action?

Of course, that's when the payback happens, because it's going to take more than a promise to be good to convince many admins to remove a blacklist entry, null route, or whatever. It basically boils down to a choice between quick money from dodgy spammers now, or long-term money from serious business investments further down the road. At the moment, it sure looks like the Japanese are the only ones that have really grasped the concept of long term business plans being better than cash now; tomorrow's problems belong to someone else.

Blackhole?

[SonicRED]

I'm looking for a way to blackhole the entirety of China.

Every single hacking attempt on my server originates from a Chinese IP. This is also true of every single spam connection attempt as well.

Now there are probably some of you reading this saying "But where do you draw the line? Oh the slipperly slope!" If you are one of these people I have this to say: give me a break.

I have no Chinese customers nor any relevant content on my site. Given their draconian Government firewall it is a bit hypocritical to criticize me for wanting to block access particularly when I'm doing it for secuirty purposes. This is not going to harm the Utopian dream of a free and open internet. In a brief grep through the logs I was unable to find a single legitimate hit to my server from any Asian addresses. The same check showed literally thousands of hacking/spam attempts per week. The line ends with China and they drew first blood.

So my question is this: does anyone publish or maintain a list of IP ranges that I can block through IPtables? That entire country is a stain on the internet and I'm looking for the bleach.

Re:Blackhole?

[CritterNYC]

I'm looking for a way to blackhole the entirety of China.

Every single hacking attempt on my server originates from a Chinese IP. This is also true of every single spam connection attempt as well.

Now there are probably some of you reading this saying "But where do you draw the line? Oh the slipperly slope!" If you are one of these people I have this to say: give me a break.

Without getting into the "slippery slope" argument, blackholes.us maintains a pretty detailed list of Chinese IP space. They also have other country IP lists for origination points of high amounts hacking and fraud like Nigeria, Russia and Brazil.

Re:The solution is simple...

[fmaxwell]

Given the PRC government's (not to be confused with the legitimate government of the Republic of China in exile in Taipei) methods for dealing the the people demanding anything, I don't think that's too likely.

When China can't use the net for business relating to their massive exports, the government will have an intense interest. They may not give a damn about human rights, but they sure care about their economy.

Re:Racist kneejerk:This is a good thing

[sfjoe]

...Yes, this makes them accomplices, but using such inflammatory satements such as criminals, trespassors is rediculous.

Accomplices ARE criminals. How is calling them such "rediculous"?

Do you see the irony?

[SharpFang]

Quite soon the chineese government won't have to try to censor the net. The western world will just filter off all the traffic coming from China, doing the job much more efficiently.

Re:Racist kneejerk:This is a good thing

[Staplerh]

You neglected to mention the 'criminals' in Europe and the United States. It is a small percentage of Chinese users using the internet for spam purposes, and this is using a rather broad brush to paint a variety of users in a very negative way.

Certainly, I won't change your views and you won't change mine.

Reverse the SPAM: use Chinese addresses ...

[Herschel+Cohen]

How about some porn site flyers - telling receipients this is what your servers send to us!

Ask them: Do you approve or do want to be added to the mail lists?

It's a start.

Re:Reverse the SPAM: use Chinese addresses ...

[WormholeFiend]

I think Pro-Falun Gong spam would get the PRC government to move more quickly on this issue...

My recent spam anecdote

[tacocat]

This is all very interesting, and I was even thinking to just block the asian nations would solve a lot of spam. But then I realized that I don't get much spam from there.

Most of my spam, greater than 90%, comes from the zombied US DSL machines as proof of their addresses when trying to connect I believe a large portion of the spam that exists also links back to chinese websites, not delivered from chinese mail servers.

I recently turned on greylisting and all the viagra/herbal/biggus diccus stuff is 100% gone. Not one in a week, normally there are >30 per day. Now all my spam is from France and somewhere in Asia. But that's like 2 a day.

Re:My recent spam anecdote

[msblack]

Most of my spam, greater than 90%, comes from the zombied US DSL machines as proof of their addresses when trying to connect I believe a large portion of the spam that exists also links back to chinese websites, not delivered from chinese mail servers.

I don't understand why so many DSL users fail to provide a reverse DNS entry for their SMTP gateway. Is it ignorance or are they too stingy to pay the ISP fees for their creation and maintenance?

It's amazing how much spam and viruses we don't receive due to blocking DSL users:

• BlacklistByNames = ( "*.client.attbi.com", "*.client2.attbi.com", "*.client.comcast.net", "*.client.dsl.net", "*.dyn.optonline.net", "adsl*.ameritech.net", "adsl*.bellsouth.net", "adsl*.pacbell.net", "adsl*.swbell.net", "*.dsl-verizon.net", "*.dsl.genuity.net", "*.dsl.telesp.net.br", "*.dsl.telesp.net.br", "pool-*.verizon.net", . . . );

Re:My recent spam anecdote

[Skapare]

I probably would get lots of zombie spam from US DSL links, too, were it not for the fact that I block all those. I'm working on blocking all the Chinese networks, now. I think I have most of China-Telecom blocked. But there is definitely a lot of spam coming in from spamware driven servers in China.

I run some open spamtraps that don't block anything. They get lots of spam from all places. But lots of the zombie spam from US DSL links does indeed point back to Chinese web servers. But who knows where the control of those zombies is coming from, since the DSL providers won't help. So if my blocking of DSL "accidentally" also blocks their mail servers, do I care? No.

Re:My recent spam anecdote

[tacocat]

When you block legitimate mail from a legitimate server that's properly configured, you have failed. I can block spam very effectively be pulling the cable out of the wall, but it's not very effective at allowing people to send mail.

Draconian at best.

Re:My recent spam anecdote

[tacocat]

I think if you look into this further, you will find that they are sending email from legitimate mail servers, not zombies.

419 and other lottery types of spam do this with regularity.

Re:My recent spam anecdote

[Lost+Race]

Zombie spam cannons can easily get around greylisting just by doing every spam run twice. Everyone using greylisting gets one copy of the spam; everyone else gets two. Future spam blasting software will probably make a second (and maybe third and fourth) attempt automatically on every 4xx error. Greylisting is a very temporary solution.

Re:My recent spam anecdote

[Lost+Race]

The "dynamic address" RBLs that I know of build their lists from information provided by the ISPs. If your ISP calls your "static" address space "dynamic" then you have a problem. If your ISP refuses to segregate static from dynamic, you need a better ISP.

Re:My recent spam anecdote

[Lost+Race]

When you block legitimate mail from a legitimate server that's properly configured, you have failed.

Not at all. My servers "block" mail by rejecting the SMTP "DATA" command with a rather verbose 5xx error which includes an alternate mailing address and a link to a webmail form. Any "blocked" user will get a bounce from their own mail server with this error message, and can easily contact me by alternate methods. This is not a failure, it is a temporary setback.

The only alternative is to let enough spam through that I'll miss more legitimate mail by false positives in my filtering stage (be it wetware or software) than by "blocked" users giving up. Mail filtered to /dev/null or a spamheap is effectively lost without a trace; at least a "blocked" user knows what happened.

Re:My recent spam anecdote

[tacocat]

It has nothing to do with DNS. My ISP does have a reverse DNS list for my Dynamic IP address. But that has nothing to do with being a zombied machine or not.

The effective method of killing off the zombies is to use greylisting for your email.

Link for China net blocks (and Korea, too)

[gammygator]

http://www.okean.com/thegoods.html

I thought someone might find the link useful.

How to get it

[A+nonymous+Coward]

Post your email address here. Offers will be coming soon.

You're on slashdot. Why don't you already know this?

I've been saying that for years.

[crovira]

Until the fines are substantial enough, and the collection if the money is local to the sender, you're not going to see it happen.

People are looking after their own pockets. As long as there are fools to fill them, not ever the threat of a bullet to the head is going to deter them if its in some other jurisdiction.

Re:Solution? Bounce with the 550 power.

Care to share your scripts and setup with us?

Thanks in advance.

China isn't doing anything?

[rokzy]

whereas the US, the actual number 1 spamming country, is doing so much isn't it?

but China is far away isn't it? the US passing the CAN-SPAM act was just a random fluke, China isn't stomping out spam because THEY ARE EEEEEVVVVVIIILLLL!!!!1*

*if they do do something, they are anti-free speech, anti-business EEEEEEVVVVVVIIIILLLL!!!!!!111 commie scum.

Re:China isn't doing anything?

[taustin]

Several spammers have gotten prison sentences in the US in last few months. There is no reason to think this won't continue.

Not for the right reasons, but it's progress.

China, on the other hand, has made it clear they will do anything for hard western currency, and if it pisses off Americans, so much the better. I don't believe they don't care. I think they care very much.

Re:China isn't doing anything?

[taustin]

But none of them would be in prison if they hadn't spammed.

Re:China isn't doing anything?

[taustin]

Simple historical truth.

Slashbot math lesson

[klipsch_gmx]

the people who are actually buying the crap is very small like 0.001% So that is 1 in a Thousand People who buy this stuff.

I salute you, sir.

Re:Slashbot math lesson

[obdulio]

So that is 1 in a Thousand People who buy this stuff.

So if the spam reachs ten million people, there will be 10.000 buyers. That's enough....

Lily Tomlin said it best...

[Samrobb]

They simply don't want to know - China Telecom doesn't care because they're government-owned and there is no pressure coming from the government.

"We don't care. We don't have to. We're the phone company."

- Lily Tomlin (as Ernestine the operator on SNL)

Re:Simple...

[Spellbinder]

but there is at least one problem
they have nukes toooooooo

Re:Racist kneejerk:This is a good thing

[0racle]

Are ALL Chinese assisting with this? Thats why its rediculous, inflammatory, xenophobic and racist.

Re:Solution? Bounce with the 550 power.

[SonicRED]

I second this.

internet blockade

[Se7enLC]

The Chinese government already blocks their citizens from a lot of the internet.....why don't we just block the rest of it from their countries? Eventually, if enough of the internet is just *missing*, they might try to fix the spam problem

Re:Racist kneejerk:This is a good thing

[bani]

No, just the chinese government.

susceptible to spam rings

[Dishwasha]

Yeah, one of my clients got their Exchange server hit pretty hard by a spam ring; we ended up getting blacklisted by Spamcop of course. After trying to track down the messages between the message tracking tool and W3C logs, I started denying full IP blocks in the firewall. This spammer had zombies in San Juan, Taiwan, Buenos Aires, Chile, Puerto Rico, Isreal, Iran, Taiwan, China, and Japan. By the time I had all the locations blocked I found the beauty of NCSA logging on the SMTP service and was able to track the spamming to a single compromised account that had a very common logon of 'info' which just so happened to match the password. Suffice to say increasing password complexity was the next step. I think we cut down our outgoing e-mail queues by over 40,000 message a day.

Filterning from china but in the body

[Gyorg_Lavode]

How hard would it be to impliment filtering that scanned email bodies for links to China, Korea, and Taiwan and then filter those emails out? Would it be hard to impliment this in spamassassin or such?

Re:Filterning from china but in the body

[ahodgson]

SpamAssassin already does this. It can score if a URL in a message resolves to an address on an DNSbl, like the SBL or your own list. You could filter on seeing the rule mentioned in the tagged mail.

Re:Filterning from china but in the body

[Scutter]

How hard would it be to impliment filtering that scanned email bodies for links to China, Korea, and Taiwan and then filter those emails out? Would it be hard to impliment this in spamassassin or such?

SA already does URI scanning in the body.

Oups...

[zeux]

One of the biggest ISP in Europe is using ip addresses that matches 82.0.0.0/255.0.0.0 so I think you are stopping email from Europe too.

But maybe you don't want it either.

chinese spam? what chinese spam?

[Indy1]

I stop noticing Asia being a spam problem after this sucker got put into use.

http://mail.btfh.net/asia-spam.txt/

Re:chinese spam? what chinese spam?

[Indy1]

ack! should of been

http://mail.btfh.net/asia-spam.txt

It's the ONLY solution for now.

[bani]

It's called behavior modification.

Right now, chinese ISPs simply don't give a shit. Because spam isn't "their" problem. You're the victim, not them. So why should they give a shit?

The only way to make them give a shit, is to make it their problem. By blocking all email from china, you force them to come to terms with the problem.

If their customers can't email anyone outside of china, and their customers start raising hell about it, maybe then they will finally start dumping the criminals from their networks.

Wasn't all that long ago that chinanet ran a lying autoresponder for abuse@chinanet that responded to every complaint with:

"In your SPAM eMail,I can't find the IP or the IP is not by my control.Please give me the correct IP.Thank you."

No wonder china gets blocked?

Until china's abusive attitude changes, they will become more and more widely blocked. They are hellbent on turning their entire country into a LAN, who are we to argue with them?

Re:Solution? Bounce with the 550 power.

[dr_dank]

I've seen a similar idea a while back on here and I echo that same sentiment:

Is having a possibly innocent person's nuts hooked up to a car battery or be tossed into the gulag worth a silly prank like this? I know people here have a hairy coniption over spam, but lets not forget the true face of the Chinese government (or any government for that matter) when they get sufficently riled up.

At best, this shoots the messenger. If nobody bought anything from spam, it would disappear overnight.

Seriously...

[Chordonblue]

If spam in any way threatened the hegemony of the Chinese government - people would be beaten, tortured, and killed - not necessarily in that order.

As it is, I think they LIKE the idea that the U.S. hangs itself with spam. Hacking into Chinese computers to do it make the irony that much more thick.

A lot of people could just block the whole Country

[Photar]

Hmm, I bet most westerners don't do a lot of correspondence with China, might be safe for a lot of people to just block the whole country.

You misunderstand.

[pavon]

The spam is not comming from china - china is simply hosting the spammer's websites. Here is the spam ecology:

American spammers pay Russian crackers to write viruses. These viruses infect Windows machines across the world. The spammers use the zombie machines to send spam which link to websites hosted in China. This has been the prototypical arrangement for many years.

Re:You misunderstand.

[lophophore]

Oh I read what it said in the article. But the truth is, 100% of the mail I get from Chinese netblocks is spam. So my solution works, to some degree...

Re:You misunderstand.

[Monkelectric]

The spam is not comming from china - china is simply hosting the spammer's websites. Here is the spam ecology:

That sword cuts both ways. So you're saying if a messaged contains an URL whose IP is in china then im pretty sure its spam?

Free Tibet!*

[Pfhorrest]

*Limit one per customer.

Re:A lot of people could just block the whole Coun

[taustin]

A lot of people do block the entire country. I certainly do, and will until the heat death of the universe.

Re:Solution? Bounce with the 550 power.

[andfarm]

For what it's worth, the Chinese government treats Falun Dafa / Falun Gong the same way you'd expect to treat a militant group.

Re:Solution? Bounce with the 550 power.

[NeMon'ess]

whoop de doo. if everyone obeyed the law we wouldn't need as many police. so since people are going to keep breaking the law and hoping to increase their dicks, working up the chain to the sitehosts who know spam is happening makes sense.

Re:Put the money where they belong!

[taustin]

Your post advocates a

( ) technical ( ) legislative (x) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
(x) Mailing lists and other legitimate email uses would be affected
(x) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
(x) It will stop spam for two weeks and then we'll be stuck with it
(x) Users of email will not put up with it
(x) Microsoft will not put up with it
( ) The police will not put up with it
(x) Requires too much cooperation from spammers
(x) Requires immediate total cooperation from everybody at once
(x) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
(x) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(x) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(x) Asshats
(x) Jurisdictional problems
(x) Unpopularity of weird new taxes
(x) Public reluctance to accept weird new forms of money
(x) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(x) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
(x) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(x) Extreme stupidity on the part of people who do business with spammers
(x) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
(x) Outlook

and the following philosophical objections may also apply:

(x) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(x) Countermeasures must work if phased in gradually
(x) Sending email should be free
( ) Why should we have to trust you and your servers?
(x) Incompatiblity with open source or open source licenses
(x) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(x) Sorry dude, but I don't think it would work.
(x) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Re:Double-sided Great Firewall

[beh]

Don't you think that this is something the Chinese might actually LIKE?

If Chinese email to the outside gets blocked on a wide scale, so does email traffic to chinese dissidents on the outside world...

If all of us just block port 25 that will primarily hurt the "little" man in China. Chinese corporations will undoubtedly also have counterparts in Japan, the US, or Europe, which could act as their "main" mail servers so that "proper" commercial email from legitimate Chinese companies will still get through.

Spam Originating In Asia

[CritterNYC]

Even though most spam is sent through zombied networks in the US and Europe, a lot of spam still originates within Asia. Here's a list of the top IP netblock spam sources I see from APNIC along with the percentage of spam they represent:

211.x.x.x (Asia-Pacific): 8.0%
61.x.x.x (Asia-Pacific): 6.0%
218.x.x.x (Asia-Pacific): 4.2%
221.x.x.x (Asia-Pacific): 4.1%
219.x.x.x (Asia-Pacific): 3.7%
220.x.x.x (Asia-Pacific): 3.0%
210.x.x.x (Asia-Pacific): 1.9%
203.x.x.x (Asia-Pacific): 1.1%
202.x.x.x (Asia-Pacific): 1.0%

This means fully 1/3 of the spam received at my mail servers originates within APNIC. Of course, we can't forget our friends in that other big spammy IP block on LACNIC (Brazil, another huge identity theft/phishing locale):

200.x.x.x (Latin America): 3.6%

Now, if you're a local company or running a personal mail server for contact with only your known contacts, blocking most of that address space becomes quite tempting. If you're a national or international or have any possibility of communicating with folks in those areas of the world, blocking would be a bad idea. Still, there are many mail admins that have taken just this step with many of the above-mentioned IP blocks.

Re:Spam Originating In Asia

[TheLink]

"This means fully 1/3 of the spam received at my mail servers originates within APNIC."

And employees have about a 40% probability of calling in sick on Mondays and Fridays.

Any other stats? Like what percentage of spam comes via the USA?

Re:Spam Originating In Asia

[CritterNYC]

Any other stats? Like what percentage of spam comes via the USA?

Quite a bit. I don't recommend blocking the US, though. Nor do I recommend blocking Asia... or even China. Much of the US spam I don't see as the CBL blocks most of it. (Nearly all of US spam is sent from zombied PCs whereas lots of Chinese spam is sent from real mail servers)

For US users with no contacts in Asia, though, it is quite tempting to just block Asia off, as I was attempting to illustrate. And also to make a counterpoint to the article which makes it seem like most spam isn't sent from Asia even though a large amount of it is. For Asian users who only do business within their own countries, blocking the US might be tempting for the same reasons, especially if they aren't using any DNSBLs.

Personally, I use a combination of DNSBLs (Spamhaus SBL, Spamhaus XBL/CBL, SpamCop and ORDB) along with bayesian filtering to handle the ~250 spam messages a day I get sent to my personal email account.

Re:Spam Originating In Asia

[Ruzty]

I block all of:
200.
203.
210. - 222.
61.
I have partial blocks in 202. because some of those IPs are in Australia and New Zealand and not spammy.

It has worked well for me. Anyone in those blocks who actually knows anyone who uses mailservers I run has our Gmail addresses if they want to send anything.

-M

Re:Spam Originating In Asia

[CritterNYC]

I have partial blocks in 202. because some of those IPs are in Australia and New Zealand and not spammy.

Quite right, which is one great reason not to use wholesale blocks without understanding them. I'm more of a fan of using some of the blackholes.us country-based lists to block China, etc than full IP blocks is someone wants to block certain countries.

Re:Spam Originating In Asia

[TheLink]

How good are the DNSBLs? "false positive" rates?

The antispam software at my previous workplace had a DNSBL feature (SpamCop?). When it was on, it was flagging _entire_ network ranges (whole ISPs), so it blocked email from legitimate companies - customers, partners etc.

Fortunately it didn't just drop connections with a 500 message - it used the DNSBL as a weighting (but had a pretty hefty default weight). So it was easier to figure out what it was doing wrong.

I see so many users using DNSBLs and they're so happy about the spam reduction... They probably don't correspond with anyone from the blacklisted ISPs, but even if I don't either, I am not going to rely on antispam tech that blocks entire ranges of IPs just because of spam from a few IPs.

Re:Spam Originating In Asia

[CritterNYC]

How good are the DNSBLs? "false positive" rates?

They vary widely. The ones I mentioned earlier are the ones I've seen used the most. Maybe add in NJABL and SORBS to that, too. I recently did a statistical analysis of the spam I get. Here are the DNSBLs I use and the percentage of the spam I receive that they have the sending server blacklisted:

ORDB: 0% (recent occurence, was ~1%)
Spamhaus SBL: 12.4%
Spamhaus XBL (aka CBL): 66.3%
Spamcop: 72.0%

As to false positives, it depends on the DNSBL again. ORDB only lists open relays, which are much fewer and further between these days, so, technically, it can't be a false positive. That said, I've never had a legit piece of mail that would have been blocked by it.

The Spamhaus SBL blocked bulk senders of spam, namely the 200 worst offenders in the world who have been thrown off 3 ISPs in a row and are now at an ISP that won't remove them. It's pretty good, but you will get an occasional false positive for places like Topica that send both legitimate newsletters and spam. I think I saw a false positive sent through sina.com or another horribly spammy ISP once before as well. Overall, though, it will be VERY low on false positives.

The Spamhaus XBL (which is really the CBL) is an excellent DNSBL. It lists compromised boxes that are zombies or open-proxied. I've never seen a false positive on the XBL.

The Spamcop BL varies according to who has reported what spam at Spamcop's site. As such, if a real mail server is used for a spam run, it may wind up listed temporarily. I recommend weighting spam based on the Spamcop BL, not blocking. I've seen about a dozen false-positives in the last 12 months with Spamcop's BL.

The antispam software at my previous workplace had a DNSBL feature (SpamCop?). When it was on, it was flagging _entire_ network ranges (whole ISPs), so it blocked email from legitimate companies - customers, partners etc.

It may have been Spamcop's BL. It used to be quite bad, actually, but has stabilized a bit. Even THEY don't recommend blocking mail based on it. Weighting is fine, though.

I see so many users using DNSBLs and they're so happy about the spam reduction... They probably don't correspond with anyone from the blacklisted ISPs, but even if I don't either, I am not going to rely on antispam tech that blocks entire ranges of IPs just because of spam from a few IPs.

Some people don't bother to research them well enough first to understand what the different lists do. Some DNSBLs make a point to say that they do block legitimate mail servers next to spammers on certain networks. It's called collateral damage. Of course, it is their right to list whatever they want... as long as they're clear about it. Some admins are perfectly happy with that as it puts pressure on ISPs to dump their spammers to keep their legit clients happy. I prefer just catching the spam for myself and my clients.

Re:Solution? Bounce with the 550 power.

[taustin]

If spam is coming from their machine (and it is, in the scenario above), they are not innocent. They are either willfully participating, or so fucking stupid they shouldn't be allowed to breed.

Re:Solution? Bounce with the 550 power.

[bani]

554 is more powerful than 550:

554 5.7.1 thank you for your support of falun gong/free tibet now/free and democratic china.

I find the three pronged approach more satisfying. I might go for the four pronged approach and throw in taiwan eventually :)

Use The System Against Itselt ;-)

[ackthpt]

Have one of the chinese sites spam chinese addresses with seditious talk of democracy, human rights, freedom of speech, what a swell COUNTRY Taiwan is, etc.

May the ISPs live in interesting times...

A means to block citizens email access

[JohnnyGTO]

to the internet? I mean if we blackhole more and more of their servers are we not cutting of more and more Chinese from communicationg with the rest of the world ?

Taiwan

[ACNiel]

We need to dupe some poor spam creating company to push a spam email through one of these Chinese ISP's that claims Taiwan independance.

As soon as that happens, the Chinese government will shut down the spam servers in a heart beat.

Maybe we could convince Eddie Veder to try to spam the world about freeing Tibet.

Re:Racist kneejerk:This is a good thing

[rf600r]

Accomplices ARE criminals. How is calling them such "rediculous"?

Because he wanted to start an argument about racism with somebody, even if none existed. Off-topic flaming is fun. Welcome to slashdot.

China As A World Power

[CHaN_316]

I was watching Lou Dobbs on CNN, and he was discussing how disturbing it was that China has a government policy to become the world leader in biotech, high tech etc. They want to be world leader in everything. So, I guess if you want to become a world leader, you have to be #1 in everything including being #1 in spamming. Nations will tremble at their might.

uh, no.

[bani]

sorry, i don't speak mandarin. or cantonese. or any other chinese dialect. i can't read gb2312 or big5 or any other chinese encodings.

so into /dev/null they go. about 200 messages a day of purely-chinese-language-spams, according to my filters.

now if i could just figure out how to filter out all the purely-spanish-language-spams, life would be good.

Re:Simple...

[thomasdelbert]

nuke their nukes. Then there's no problem :)

- Thomas;

insightful? bullshit.

[bani]

you obviously do not admin a mailserver.

most spam is sent directly from chinese "bulletproof hosting", or from trojaned hosts in korea.

a small (very small) percentage is from the us, europe or latin america. precisely because us, european and latin american ISPs are very quick to act and shutdown spammers.

the same is not true of china or korea. china because they simply don't fucking care, and i don't know what korea's problem is.

put china telecom officials emails on your website

[Khopesh]

put email addresses like content@beijingnet.com everywhere you can and let the spambots pick them up; if they get enough hard-to-block spam, maybe they'll start applying the needed pressure.

thanks to Zombie Microsoft PCs.

[Teun]

Strange that these "journalists" nearly always "forget" to mention virtualy all these Zombie PC's run on a Microsoft OS.

The spam generated by Zombies can only exist due to the leaks in the MS products.

Re:thanks to Zombie Microsoft PCs.

[Shikatsu]

Virtualy all these Zombie PC's run on a Microsoft OS

Of course they do, it's the most common operating system. I don't think that if another operating system were to gain popularity above Windows, they wouldn't find some way to exploit it as well. The problem wouldn't be solved if everyone switched to Linux or OSX, because the fact remains that there will always be people who just don't know how to make their computers secure. Not all problems in IT rest on the shoulders of crazy ol' Bill.

Re:thanks to Zombie Microsoft PCs.

[JollyFinn]

You forgot take account of Total cost of 0wnership. Your estimations are way off.

Re:thanks to Zombie Microsoft PCs.

[Teun]

Ah but it's not just the proven vulnerability of MS products, it's just as well the unhealthy mono culture that Bill has inspired and is trying to continue.

The analogy in the real (biological) world is incest.
This would be just as true if all computers were running the same distribution of say Linux.
For me this goes without saying.

Re:thanks to Zombie Microsoft PCs.

[Shikatsu]

Precisely my point, though that sort of conformity is only natural anyway. It's also effecient in certain ways, developers don't have to spend more money in order to to cross-platform unless they already have a following large enough to back that sort of concern. It's a boon to software development. However, said boon also applies to those who write malware, which has been around in some form or another since before windows was even a glint in Bill Gates' eye.

Re:thanks to Zombie Microsoft PCs.

[Shikatsu]

And how many people do you know that stopped going to work because of the increased transportation expense? As long as there is some amount money to be made here, and there always will be, it's not going to go away.

Re:thanks to Zombie Microsoft PCs.

[JollyFinn]

The comment was most importantly this, thiefs don't typicly go for a house which has alarm system. They try to break in easy targets mostly. For the money they don't need break in for hard system. ANY system will do. Windows is and will be nr1 target regardless of marketshare, as long as there is adequate number of windows systems out there on the net. And overall MS has lower total cost of 0wnership, and as long as there is reasonable supply of MS drones they are not going to switch over. They don't NEED to be nr1 in numbers, only the easiest target and enough of them for the task.

Suggested reply to chinese spammer....

[earthforce_1]

I suggest you reply to them in the following manner via a disposable email account:
--
Received your coded message. Operation "Rx Meds" is on track. Further supplies for Tibet liberation front will be delivered via usual contacts when in cases marked "Herbal Viagra" when payment in full received via cook island account.

Long live free Tibet!!
Long live Falun Gong!!

--

Rest assured, with all the net monitoring that goes on, their government WILL put him out of business, or at least you will keep him up at night waiting for a knock on the door.

Censorship technique?

[triffidsting]

I have to wonder if they don't do this on purpose - I mean, if 90% of the traffic comming out of the country is spam, and ISPs block all mail traffic as a result, the few mails offering details about something the gov't wants hushed up would be dropped.

blocks to boycotts

[rodentia]

Why not consider raising the bar. Rather than firewall Chinese IP blocks, make it a boycott. Block all traffic originating in China. Publicize it and while you're at it, boycott Cisco, Oracle, Bill Clinton and all the freedom loving US corporations and politicians that enabled the Great Firewall of China. Put those bastards behind a global TCP/IP boycott and we can move them off their totalitarian ways right quick.

Should take about a week or two, by my reckoning.

Fight back with sendmail

[Matt+Perry]

Add this to sendmail.mc:

# Really give the Chinese Spammers a mouthful...
changequote([[,]])dnl
define([[confSMTP_LOGIN_MSG]], [[EFGIC: U.S. Congress Condemns China's Oppression of Falun Gong on\nU.S. Soil and in China\n\nHouse Concurrent Resolution 304 calls on China's agents in\n the United States to halt all operations being carried out against\n practitioners of Falun Gong on United States' soil, as well as the brutal\n persecution of millions inside China.\n\nLONDON (EFGIC) - Last week, the US Congress introduced a concurrent\n resolution calling on the Chinese government to end its brutal\n persecution of Falun Gong in China and stop all activities against Falun\n Gong practitioners inside the United States.\n House Concurrent Resolution 304 (full text), introduced by Congresswoman\n Ros-Lehtinen of Florida, references China's own constitution and\n international human rights accords in calling for China to uphold\n freedom of belief, assembly, and speech for the millions of Falun Gong\n practitioners in Mainland China.\n Resolution 304 also specifically mentioned section 401(a)(1)(B) of the\n International Religious Freedom Act of 1998 (22 U.S.C. 6401(a)(1)(B)):\n \"Whereas the Constitution of the United States guarantees freedom of\n religion, the right to assemble, and the right to speak freely, and the\n people of the United States strongly value protecting the ability of all\n people to live without fear and in accordance with their personal\n beliefs...\"\n Harassment, libel, and imprisonment have been widespread in\n Jiang Zemin's four-year campaign to eradicate Falun Gong. Torture and\n abuse in custody have led to thousands of wrongful deaths.\n]])dnl
changequote(`,')dnl

Re:Fight back with sendmail

[Skapare]

That almost makes me want to switch back to Sendmail from Postfix (which can't seem to handle something like that very well).

Re:Fight back with sendmail

[jameszhou2000]

No, not chinese spammers. The reality is that most spamming emails and spamming traffic coming from China are created by US-based spammers.

Maybe it's deliberate strategy

[judd]

Perhaps the Chinese government likes it this way for other reasons. If the whole world firewalls off China, that will be more effective at blocking subversive communication than any amount of official censorship. Why pay Cisco et al (boo!) to do it when you can induce others to do it for free and make a buck on the way?

Re:Maybe it's deliberate strategy

[patbob]

more effective at blocking subversive communication

How does the rest of the world blocking outgoing (from China) SPAM email affect any kind of subversive communication? Even if the entire world blocks all email from all Chinese ISP, it still doesn't mean their subversive blocking efforts are any easier -- they still have to block the free access to subversive information (e.g. outgoing HTTP requests, incoming HTTP responses, incoming email, etc.).

Re:Double-sided Great Firewall

[X0563511]

He said everything. Essentially partition China out of the global internet. Might that make them stop and think?

Re:Double-sided Great Firewall

Don't you think that this is something the Chinese might actually LIKE?

If Chinese email to the outside gets blocked on a wide scale, so does email traffic to chinese dissidents on the outside world...


Because no one in China knows about Hotmail. (Or the dozens other webmail sites out there.)

The Great Fire Wall of China

[Nom+du+Keyboard]

Sounds like the Great Fire Wall of China is distinctly one-way.

Of course, you could fix this by spamming anti-Chinese government spam through the servers in an attempt to spread the truths that the Chinese government seeks to suppress from its people.

Then watch how quickly spam servers get shut down!

Re:Put the money where they belong!

[Vadim+Makarov]

Thank you very much for assessing the approach.

I respectfully disagree with the following items in your assessment:

(x) No one will be able to find the guy or collect the money
- This doesn't apply because money are collected BEFORE one is able to start getting the escrow tokens. It has to be a 100% pre-payment service.

(x) It will stop spam for two weeks and then we'll be stuck with it
- It has a chance stop the spam forever. We will eventially have other types of electronic scams instead, but email spam as we know it today will either be limited to the average of several messages a day that emanate from compromised accounts, or cease to exist.

(x) Requires too much cooperation from spammers
- It's true that spammers will immediately try to break any scheme devised or find a workaround in the least expected ways, which is a very valuable contribution we expect from them. If the scheme stands the test, however, no further cooperation from spammers is required.

(x) Anyone could anonymously destroy anyone else's career or business
- Exactly how?

(x) Lack of centrally controlling authority for email
- We have DNS. It has been introduced at some point in the development of electronic communications, not from the very beginning. It is a central controlling authority for several services, including email. It is a paid service. It works. It is possible for another central controlling authority to be introduced.

(x) Incompatiblity with open source or open source licenses
- Why?

I do not think the following items in your assessment are in principle possible to satisfy with any solution:

(x) Requires immediate total cooperation from everybody at once
- Chicken and egg problem is not new to this world. It gets solved all the time, however.

(x) Sending email should be free
- Impossible to satisfy beyond a small closed society where everyone knows everyone.

Furthermore, this is what I think about the assessment in general:

[x] Your assessment is mostly realistic.
[ ] You are taking constructive approach and try to improve the proposed imperfect ideas.
[ ] You are taking the spam problem seriously and genuinely want to solve it permanently.
[ ] You or your employer have means and market leverage to solve the spam problem permanently.

Also, the following may apply to the expert who has performed the assessment. Please excuse me in advance for taking things to the personal side:

[x] Spam war is a great fun for you as an IT specialist / system administrator / programmer, and you are not interested in peace for this reason.
[x] Spam war is a great educational environment for you as an IT specialist / system administrator / programmer, and you are not interested in peace for this reason.
[x] Spam war is probably partly or wholly justifies your own employment as an IT specialist / system administrator / programmer, and you are not interested in peace for this reason.
[x] Unfortunately we have no social mechanism in place to fix any of the three problems above. Overally the society loses, of course.

Re:SPAM Outsourcing.

[ReTay]

"Sounds suspiciously like protectionism."

No it is the normal anti-spam mesures.
Why try to make it more then it is?

Re:Put the money where they belong!

[taustin]

I left out one item:

[x] You are an idiot. Report for sterlization immediately. Bring any living children with you.

Percentages and units.

[khasim]

Of course they do, it's the most common operating system. I don't think that if another operating system were to gain popularity above Windows, they wouldn't find some way to exploit it as well.

Ah, the old "Marketshare == Security" claim.

That is based upon the mistaken assumption that all systems have similar bugs and similar vulnerabilities.

In other words, Security cannot ever be improved.

The problem wouldn't be solved if everyone switched to Linux or OSX, because the fact remains that there will always be people who just don't know how to make their computers secure.

But a large portion of that can be handled by the vendor. Just shipping with the ports blocked will prevent worms from cracking your computer.

If 90% of the workstations were running Linux, it would still be easier to crack one of the remaining Windows boxes via worm.

You might see an increase in the percentage of Linux machines that were cracked ...

but the total number of cracked units would be a fraction of the number of cracked Windows boxes today.

Marketshare != Security

Security != Marketshare

Re:Percentages and units.

[Shikatsu]

If 90% of the workstations were running Linux, it would still be easier to crack one of the remaining Windows boxes via worm.

yes, but ease isn't necessarily that much of an issue, if %90 of the market were Linux machines, no one would care to crack Windows workstations at all, if the majority of the machines were harder to crack, they'd try harder to crack the majority of machines. These things are created solely to infect as many as possible, that's their whole motivation. you may eliminate a few spammers from the field, but the more dedicated and knowlegeable pushers of such trash could quite possibly increase their gains through the heavier difficulty and lack of competition. You'd simply end up with less people making more money, and just as much spam.

That is based upon the mistaken assumption that all systems have similar bugs and similar vulnerabilities.

I'm not assuming that at all, but show me a totally flawless operating system and gladly eat my words. To assume that they wouldn't adapt to different bugs and vulnerabilities is naive. Security can be improved, but so can cracking.
These people aren't stupid, they're just assholes.

Ouch...

[Firethorn]

And the spammers, if chinese, do NOT want the government to take negative notice.

Remember, even if the country is more or less capitalistic, the government is still totalitarian. They execute people for drunk driving and such...

Re:Ouch...

[1u3hr]

Remember, even if the country is more or less capitalistic, the government is still totalitarian. They execute people for drunk driving and such...

Actually, there have been several recent cases when drunken cadres have killed pedestrians in hit and runs, and when the families of the victims tried to get justice they found themselves beaten and imprisoned. Communism didn't work out the way Marx thought; it's a long way from a Workers' Paradise.

Re:Ouch...

[Firethorn]

Which still means that if the spammers annoy the higher ups, that various unkind things will happen. And as for the higher-ups doing the spamming, well, they have better (corrupt) things to do with their time with better profit margins.

ISOC China isn't

[ae]

Some of you might have thought it somewhat weird to read the stance of Internet Society of China (ISC). I know I did. Well, it turns out that Internet Society of China isn't a chapter of Internet Society (ISOC), as the name might lead you to believe. Lynn St.Amour, President, CEO of ISOC writes in a letter to the editor of The Economist, in reply to a similarly confusing article:

Your September 5 [2002] story "Stop Your Searching" on censorship of the Internet in China referenced an organization backed by the Chinese government that calls itself the Internet Society of China. I would like to make it absolutely clear that this group is in no way affiliated with the Internet Society (ISOC), a global not-for-profit membership organization founded in 1991 to provide leadership in Internet related standards, education, and policy development. ISOC has offices in Reston, Virginia, and Geneva, Switzerland, with chapters throughout the world.

Complete letter

Why should the Chinese government want to stop it?

[markh1967]

Given that the chinese government seems intent on censoring and isolating their citizens on the Internet so they don't get funny ideas about freedom and democracy and such like from outsiders, having chinese servers spamming the rest of the world with impunity probably looks like a good policy to chinese authorities; the great firewall of china will soon be more opaque as more and more outside servers just stop receiving amy emails from chinese servers and other blocks on traffic are imposed.

So long as they don't spam other chinese servers there isn't really a downside to it for the chinese authorities.

What would you expect?

[Indentured+Lackey]

What would you expect from a country whose government has poor ethics, no baseline for right and wrong, and a warped sense of morality? They are communitsts, if curbing this plague isn't going to profit them, why would they care?

Solution

[a3217055]

Just don't let any email server in China to send email. Block all incomming chinesse email server requests. Why not they block rest of the world's 'free information' why not block there messages to rest of the world. (Just allow the universities, definately no goverment and some web hosting companies ) I mean this is not a nice soln. but then after a few months the goverment will enforce there rules. If they can play hard so can we. Then all we would need is chinesse food workers to go on strike. Solution is to pressure the goverment into havin antispam policies.

There was an article a little while ago.

[khasim]

Comparing the attacks on various systems.

Win2K was cracked almost instantly.

Win2K + sp2 was not.

The Linux box was attacked about twice an hour.

Un-advertised boxes, located by simple scans.

yes, but ease isn't necessarily that much of an issue, if %90 of the market were Linux machines, no one would care to crack Windows workstations at all, if the majority of the machines were harder to crack, they'd try harder to crack the majority of machines.

Yes, I see your point. That is why every bank is robbed every day.

It isn't about trying, it's about succeeding.

A good security model means that they don't succeed.

These things are created solely to infect as many as possible, that's their whole motivation.

And if they don't infect the machines, so what?

you may eliminate a few spammers from the field, but the more dedicated and knowlegeable pushers of such trash could quite possibly increase their gains through the heavier difficulty and lack of competition.

Look at the statistics for Apache deployment vs IIS. Yet Apache systems are cracked less than IIS/Windows boxes.

The real world does not seem to reflect your claims.

I'm not assuming that at all, but show me a totally flawless operating system and gladly eat my words.

Nice try. No one said Linux was flawless.

But it doesn't have to be flawless to be better than Windows.

And better means fewer compromises.

To assume that they wouldn't adapt to different bugs and vulnerabilities is naive. Security can be improved, but so can cracking.

Again, you've just stated that there is no such thing as "Security".

No matter how much effort is put into Security, you believe that it will be cracked and that it will be cracked as often as insecure systems are.

Yet, strangely enough, every bank is not robbed every day even though they have lots of money in them and lots of people going into them.

All you see is Marketshare.

Marketshare != Security

Re:There was an article a little while ago.

[Shikatsu]

Oh, i'm not debating wether or not Linux is better than windows, don't get me wrong. That's really not a point I care to argue. Trying to do so could almost be considered flamebait 'round these parts, and i really have no interest in the jihaad, people use what they prefer. I'm just trying to say that spam and malware is never going to go away completely. Everyone seems to think there should be some magical solution to it, when really the only thing you can do is try to improve discretion on the part of the individual or organization.

Re:There was an article a little while ago.

[Fallen_Knight]

The Linux box was attacked about twice an hour.

did they break in or was it a unseccussfull acttack?

Blocking legitimate senders

[Skapare]

If I were able to block 100% of spam and let through 100% of legitimate mail, then I have still failed because of the fact that I still need to do blocking. My mail server still gets pounded by spam. And if was able to do that, and everyone else copied from me to do so, too, then spammers would figure out how to make their spam look like legitimate mail, and then we'd be back to square zero.

See ... the goal is not (entirely) about preventing spam from getting into my mailbox. The goal is to not have the costs of spam imposed on me, my network, my servers, my users, and my customers.

Those who choose to use providers that let spammers (actually, they are taking a pink commission to do this) cause me to lose computer and network resources are not really all that legtimate, IMHO. So while they are not necessarily directly responsible, they are indeed indirectly responsible. So I have no qualms about forcing them to go through hoops, like getting whitelisted in advance, to be able to have their email accepted. At least I'm allowing almost every network to make an SMTP connection so I can see if the email is from a known (whitelisted) legitimate sender.

Much of this issue is about knowing in advance if the email is legitimate. If I whitelist your email address, then I am considering you to be a legitimate sender. Even still, it's a weak form of identity, since a spammer might discovered that you are whitelisted and start forging your identity by using your email address as the sender on spam.

You are responsible for making your email rise above all the spam in terms of legitimacy (while spammers are trying to make theirs rise above yours). Only if I known it to be legitimate can I consider it to be so.

If all the legitimate customers of some ISP that harbors spammers were to leave it, then that ISP would be nothing but illegitimate, and then everyone could block them solidly, right at the border routers. Some of those ISPs might not be able to survive without some legitimate customers. In part legitimate customers are the hostages used to prevent being totally blocked. Are you a hostage for your ISP's partnership in crime with spammers?

If every ISP feared total loss of all legitimate customers (which will lead to total blockage of their network and in turn loss of their spammer customers, too), they would not host spammers.

I do block the masses of cable and DSL connections. Does that mean your home mail server on such a connection gets affected? Probably so. I do that blocking by (sub)domain name, so if by chance you have one of the few clueful ISPs that do this, and get static IP, you can have your address identified in reverse DNS with a name different than the ISP's generic identity (such as by using your own domain name). Then you can get through. Or use an outside mail forwarder / smarthost (in many cases the provider of those cable or DSL lines does not have their own mail servers blocked, so try using those).

Here's an idea how to stop Chinese SPAM

[DrDebug]

All we have to do to get the Chinese government involved:

Get ahold of a few SPAM friendly Chinese ISP's.

Send a few million SPAM messages advocating the violent overthrow of the Chinese government.

Sit back and watch the s**t hit the fan.

Voila! No more Chinese spam hosting problems.

Routing

[Grand+Facade]

all of their packets to /dev/null.

That'll get their attention!

RicKB

Spam to get democratic news into China

[MrGHemp]

The title pretty well sums it up. What if an underground effort to counter act the Google filters the Chinese gov places against democarcy, started using spamer techniques to inform the Chinese masses... After all news and information is at the heart of the internet. Could the power of spam become a force of good? Or at least enlightenment. I'm not takling about spyware, more like a seti style smtp engine which received email feeds form some central source. If milions of users world wide sent info-email to Chinese citizens how would there goverment stop it?

Food for thought

Spam e-mails DO come from China.

[gottabeme]

No, you misunderstand. Spam e-mails DO originate in China. If you actually report some of them with SpamCop, you'll see for yourself.

If you want a really bad one, look up wholesalebandwidth.com. From what I can tell (and I'm no expert on it, so I could be wrong), it's a high-tier ISP-level spam host. Meaning, they have a backbone connection and can spam all they want because their backbone contracts don't care and they own their own connection.

Re:Double-sided Great Firewall

[X0563511]

Why, exactly, is that a troll?

I am aware that that would be a very drastic measure, and very unfair. But it is one of the ways that would get the Chinese government to step in and start regulating their ISPs, without fail.

I am also aware that their economy is not the only one that would suffer.

Banner ad for Chinese ISP on spamforum.biz

[Animats]

There's now a banner ad for cheap bulletproof hosting on spamforum.biz.

• "Our servers are all China-based to ensure no problems arise from complaints generated by email you send. We do not allow: Scam or Anti-Chinese Government sites.

  Most "bulletproof" hosts are made to jump between connectivity providers and countries very frequently to avoid being shut down. In comparison, we are allowed by our upstream to operate freely and openly. This makes our operation simple and reliable.

  Our ISP allows us and our customers to send bulk email. They will never shut us down due to complaints. Most other so-called "bulletproof" hosting providers cannot guarantee this.

However, they're really a US company run by a known spammer in Ann Arbor, MI. Microsoft is suing them.

Here's the story.

[khasim]

http://slashdot.org/article.pl?sid=04/11/30/193224 5