China Signs Anti-Spam Pact

Iphtashu Fitz writes "The Chinese government has joined an international anti-spam effort started by the U.S. and UK. Over the weekend China stated that it would join international enforcement efforts against spam by adopting the London Action Plan on Spam Enforcement Collaboration. The London Action Plan was launched after a conference on spam enforcement hosted jointly by the UK Office of Fair Trading and the US Federal Trade Commission in London in October 2004. It was the first international forum to focus exclusively on spam enforcement. China is well known for being one of the biggest origins of spam, with as much as 20% of all junk e-mail originating from within its borders."

China is only 4th (or so)

[Greg+Wright]

China is a very distant 4th place when it comes to spam. You want to know who leads the world in spam output; its the wealthy EU countries followed very closely by Japan-Korea and the US. I don't know where that 20% for china comes from. From a study done in March of 2005:

1) Europe(*) 24.70
2) Japan-Korea 24.24
3) US 22.80
4) Greater China(**) 14.45

(*) European Union countries: 21.85%; Top spam-distributors: French, Spain, Germany, UK
** Including: China, Taiwan, Hong Kong.

source: http://www.clickz.com/stats/sectors/email/article. php/3491796/

Of course, I also see numbers like this from a slightly older article:

"Sophos, Inc., an anti-virus and anti-spam company based in Lynnfield, Mass., reports that the U.S. -- sending out 42.53 percent of all spam -- sits far atop its list of the world's Top 12 Spam-Producing Countries."

So, just depends on who you ask on how it breaks down, however, either way, it isn't China.

Re:China is only 4th (or so)

[Rosco+P.+Coltrane]

And what's more, given how well CAN-SPAM is working, the chinese aren't taking much risk joining this anti-spam posse. They'll just keep on spamming as long as they don't reach the top of the list.

Re:China is only 4th (or so)

[Rei]

Per capita, China is a net saint (1/4 of the world's population, 1/7th of its spam). Per net user, it's pretty bad (China has about 40 million internet users; America has about 190 million). All in all, it is about what you'd expect for a newly-emerging net-connected nation (only about 2.4% of the population, last I checked, had net access).

Re:China is only 4th (or so)

[Martin+Blank]

Per capita, China is a net saint

I hear the Amish are also very good about not polluting the internet. :)

Re:China is only 4th (or so)

China has 94 million internet users, not 40 million.

Re:China is only 4th (or so)

[Rei]

Actually, 40 million was a typo; it was supposed to read 30 million.

2.4% penetration, 1.3b people = 30m people. A reference for China's net penetration is here:

"In the case of internet connectivity, South Korea once again comes out with flying colours. Twenty six out of every 100 South Koreans are connected to the world through internet while 12 out of every 100 persons in Malaysia have internet connection. Around 2.4 out of every 100 Chinese have internet access but India again is at the bottom of the list with a net penetration of just 0.4 per 100 persons."

Where's your number of 94 million coming from? Perhaps my ref (from Nov. 2004) was using out-of-date info. And does that 94 million number sync up with the timeframe of the spamming data?

Re:China is only 4th (or so)

Where's your number of 94 million coming from?

I'm not the grandparent, but there was a Slashdot story last Friday about how there were now 100 million Chinese with Internet access. The source was from the BBC, and it was an article entirely on that topic rather than just a passing reference, so it's probably pretty accurate.

The story did mention that broadband users in China numbered 30 million, so perhaps that's what the other article meant?

Re:China is only 4th (or so)

[yourfnmom]

Thank GOD. I thought I was the only one.

Re:China is only 4th (or so)

[Rickler]

I could of sworn number 1 was Russia...

Re:China is only 4th (or so)

[MerlinTheWizard]

Would you really trust statistics on spam coming from an online marketing company (clickz.com)? Come on! To me, but that may just be me (I don't think so), this kind of marketing sites are responsible for a huge amount of spam... Figures coming from a respected computer security company: Sophos (sophos.com), which you mention, are in my opinion more to be trusted.

Anyway, of course China is not the top spammer for now; and here is my hypothesis on that. If you closely look at the figures, you realize that the top spammers are the countries that are the wealthiest, have the most economic activity and, most of all, have the most agressive marketing strategies. I think that really is as simple as that, since, in my opinion (and in the studies of many people on the topic), most of all the spam is actually used for business reasons...

Re:China is only 4th (or so)

that source you are referring to is November 04, 2004. link here you don't know how fast things are going now in china. no matter it is about internet users, or mobile users, a three-month statistics is already not up-to-date.

Re:China is only 4th (or so)

[Kojiro+Ganryu+Sasaki]

Could HAVE sworn.

Re:China is only 4th (or so)

[mister_llah]

Well, if you went on a percentage of spams per user, the percentages begin to change a little, I'd imagine... but interesting stats, none the less :)

===

Why the US hasn't enacted stricter spam legislation is beyond me, I doubt congressmen are getting "spam kickbacks" (except perhaps from Hormel)... so the usual hold-up of 'greed' isn't in action...

So... WTF?

Re:China is only 4th (or so)

[SacredNaCl]

It probably depends on where you dip your measuring stick in. My own numbers taken from abuse reports do not support their conclusions.

I looked through my last 300 abuse reports and over 80% of mine go to...(drum roll) Korea! Most of them from Kornet. Does anyone know if Kornet has actual legit customers that aren't spammers/scammers? Or are these folks just a bulletproof hosting company?

The second largest country of report is China, and after that the good ol' USA (most of them go to Comcast).

Re:China is only 4th (or so)

[aminorex]

That's a ludicrous statistic. At that rate, I've already cybered with more schoolgirls in China than there are online....um, wait a minute...

Re:China is only 4th (or so)

[Captain_Chaos]

You want to know who leads the world in spam output; its the wealthy EU countries followed very closely by Japan-Korea and the US.

Can I just point out that Europe is not one country!!! . I get a bit tired sometimes of all these comparisons (mainly by Americans) of the US or other countries with Europe, as if they are comparable entities...

Re:China is only 4th (or so)

[anotherview]

most of them can not speak english,maybe you should learn chinese first

great!

[DeathByDuke]

now wheres the one for zombie pcs?

Re:great!

[daniil]

These are not zombie pc-s. These are Communist pc-s (running Red Flag Linux -- what else?), working together for the common good.

so the spammers..

[VolciMaster]

sign a pact to not spam? How does that work? The Chinese government is having enough trouble censoring normal internet traffic as it is. With 100 million internet users in the country, how big do those gateway mail relays need to be to be effectively blocking spam?

Just think, SpamAssassin on a cluster of Crays.

Re:so the spammers..

[Tackhead]

> > so the spammers.. sign a pact to not spam? How does that work? The Chinese government is having enough trouble censoring normal internet traffic as it is. With 100 million internet users in the country, how big do those gateway mail relays need to be to be effectively blocking spam?

It's even less than a "pact not to spam".

Read between the lines of the "protocol" they've signed onto. It's basically an agreement between a bunch of bureaucrats to get together with fellow bureaucrats and gab at each other about how spam's bad, mmmmmkay. Not a damn thing on the list that could possibly result in the slightest hint of policy, let alone legislation or any other form of action.

> 1. Designate a point of contact

"which in the case of our country, happens to be /dev/null".

> 2. Encourage communication and coordination among the different Agencies...

"Hi Joe, how's things in your neck of the bureaucracy? Pretty cool too, huh? Great! Kthxbye!"

> 3. Take part in periodic conference calls, at least quarterly, with other appropriate participants to...

"See #2. Well, see #2 in 90 days. Reading this post out loud means we're already done for this quarter."

> 4. Encourage dialogue between...

"When we talk, we'll even say we'd like other people to talk to!"

> 5. Prioritize cases based on harm to victims when requesting international assistance.

"This guy pissed off a campaign contributor of a buddy of mine, so his folder goes to the top of the stack of papers in the disused lavatory at the bottom of the stairs with the sign on it saying 'Beware of the Leopard'. But it's due to get our attention faster than the ones at the bottom of the stack."

> 6. Complete the OECD Questionaire on ...

"If we can host one conference call per quarter, I suppose we can also approve funding for a #2 pencil."

> Encourage and support the involvement of less-developed countries in spam enforcement cooperation.

I could read that as...

"J0IN N0W! MAKE L0BBY1ST FA$T! WOR-K IN UR OWN PVT GOVER|\|MENT OFF1CE! All u need is 2 fill out paper and be SITTING IN ON ONE FONE CALL EVRY 90 DAYS!"

...but you might think I'm cynical or something. *sigh*

Re:so the spammers..

[carpltunl]

In Communist China as spam you pacts.

Hey, it's a thought!

Good

[mfh]

China is being really smart. This is not just a move to demonstrate they are against spam or limit liability; I think it's to show that they can be a lovable government. Would Mao care about spammers? China appears to be taking a page from Canada in how to be a liked country. They are ratifying a London anti-spam accord and that to me spells maybe some change in their normally opressive attitudes? How long before China starts ratifying UN human rights accords and the like? It could not be soon enough and this is a sign that they are moving in the right direction. I applaud this and only hope that it is as good as it looks. Please, China, keep progressing towards a free society. (and I could say as much for the USA, too)

Re:Good

[commodoresloat]

China appears to be taking a page from Canada in how to be a liked country

They're letting Americans slip into the country for cheap drugs and medical care?

Re:Good

[Rosco+P.+Coltrane]

China appears to be taking a page from Canada in how to be a liked country.

I don't remember Canadian mounties shooting people at the Gate of Heavenly Peace square in Ottawa...

Re:Good

[eosp]

That might solve their overpopulation problem. Very quickly, I might add.

Re:Good

Actually i've heard a lot of people are oncerned about china's rapid development as a country. It's not my opinion personally, but since china has such a huge population logic would dictate it need a huge supply of resources.

With demand for things such as labour, automobiles, gasoline, power, and other such resources on the rise, it could reak some havoc on the balance of the world. One can imagine the resources a country of that size would eat up if it had an economy comparable to say, USA or Japan.

Re:Good

Perhaps i missed the sacasm, but any anti-spam law would just be another form of censorship.
It almost seems odd that China wasn't first with anti-spam laws.

Re:Good

Oh so wrong.

That would be Cananda taking a leaf from China's book.

Re:Good

[whitehatlurker]

Yeah, we covered that one up pretty well.
[mystical Jedi hand waving] These are not the Gates of Heavenly Peace you're looking for.[/mJhw]

Re:Good

[1u3hr]

At least in China, it might be possible for spammers to get the death penalty.

They could extradite Ralsky and give him a bullet in the back of the head. The same way the US sends "terrorist suspects" to countries that have no qualms with torturing them.

Hard one

This is going to be a hard one as most spam coming from China is either from sold botnets or router international traffic. The purpose of this Act is to increase cooperation between countries to share information but this isn't going to help much with China.

In Communist China....

[Alex+P+Keaton+in+da]

In Communist China, computers spam you...
China can stop spam much more easily because the state has control over the internet... Sort of like how my parents used to have more control over me when I lived with them (what are these Kmart Brassiere Catalogs doing under your mattress) than they do now, when I live with my grandmother.

Re:In Communist China....

So what you're saying is now you have your Grandmother's brassieres under your bed?

How long until the US does the same?

[mcrbids]

It seems to me that a tremendous amount of SPAM comes from Florida, USA! So, when will the US decide to sign a similar pact to deal with it?

Re:How long until the US does the same?

[Kphrak]

If you even read the summary, you'd see that this pact was started by the US and the UK.

I know Slashdotters are famous for not reading the article...but geez.

Re:How long until the US does the same?

According to the main story, they already have!

Re:How long until the US does the same?

The president will refuse to do that, claiming that the pact would hurt the American economy.
Just like he refuses to do anything for the environment, poverty, or whatever other topic that does not boost his economy or vote.

In Related News

[DanielMarkham]

In related news, China will continue to be the world's leading supplier of hacked DVDs and CDS, they're just promising not to pester you about buying them.

Screensavers as Corporate Message Boards?

Re:In Related News

[oringo]

What you said is true, but I'd like to say something in defense of this doing. It's not that Chinese don't want to follow the rules, it's simply because the "legal" ones are too expensive for common Chinese people. You talking about selling a $20 movie DVD to someone who makes that much money in a week (even in America I think it's too expensive). The ill-alligned marketing strategy creates a huge demand for illegal CDs and DVDs. It's no surprise that most of the piracy happen in countries where average salary is low.

But what about the hosting of spammed sites?

[remmy1978]

China is well known for being one of the biggest origins of spam, with as much as 20% of all junk e-mail originating from within its borders.

But what about the so called "bullet proof" hosting that you can get in China? A lot of the Viagra spammers have their ordering site in China and no number of complaints filed make any difference. I think that might be a bigger issue than spam originating *from* China.

Re:But what about the hosting of spammed sites?

[Ronald+Dumsfeld]

But what about the so called "bullet proof" hosting that you can get in China?

That's exactly what I was thinking when I read this. China isn't such a big problem with regards to the spam I see and report to SpamCop, it is the URLs within the spam. You'll see the same damn email address as the abuse contact for days, sub-domains off some site that has fairly non-contentious or spammy content, and it takes forever for them to get taken down.

Honestly, sometimes rather than report the spammers to SpamCop I just follow their "unsubscribe" link and tell them not to send mail to uce@ftc.gov. I'm sure they don't want to get in trouble by spamming the US government.

Re:But what about the hosting of spammed sites?

[glesga_kiss]

But what about the so called "bullet proof" hosting that you can get in China? A lot of the Viagra spammers have their ordering site in China and no number of complaints filed make any difference.

Can you please back that statement up with a few examples? I'm having a hard time figuring out how capitalist scams are taking place in a communist country that isn't all that favourable to foreign business. IIRC you need government approval to do business in China as a foreigner. Which Chinese banks are transfering the profits back to the US? Which hosting companies are doing this?

I suspect that this "china is to blame for all our woes" is simply just plain racism. It is slashdot after all...

Re:But what about the hosting of spammed sites?

[remmy1978]

Can you please back that statement up with a few examples? I'm having a hard time figuring out how capitalist scams are taking place in a communist country that isn't all that favourable to foreign business. IIRC you need government approval to do business in China as a foreigner. Which Chinese banks are transfering the profits back to the US? Which hosting companies are doing this?

I suspect that this "china is to blame for all our woes" is simply just plain racism. It is slashdot after all...

Well... that is just lovely... calling me a liar and a racist when you don't even know me at all. And what is even worse is that your comment suggested that I am just making things up when it is you that is making things up out of thin air.

Since you asked for examples, I'll just point you to
http://www.spamcop.net/w3m?action=inprogress;type= www which lists all the spamvertised sites which were recently submitted to spamcop. Just have a look and see how many are China based at any given time.

Re:But what about the hosting of spammed sites?

[glesga_kiss]

I'll just point you to http://www.spamcop.net/w3m?action=inprogress;type= www which lists all the spamvertised sites which were recently submitted to spamcop. Just have a look and see how many are China based at any given time.

Less than a fifth by my cursory glance, with the majority of the remainder being US and Russian hosts. But I am surprised that there were even that many; as I said, doing business in China is not all that easy. I'd suspect that these hosting companies aren't quite legal in China. (whether they crack down on them is another story!!).

Well... that is just lovely... calling me a liar and a racist when you don't even know me at all.

Well, I'd say I was fairly polite, I merely said "can you please provide examples", and explained why I thought it wasn't the case. The racist observation was more to the general feel of the thread, where many folk were pretty much stating that ALL spam comes from China, which is compete bullshit. All my spam is priced in dollar signs, I don't know about yours! Should I block US ranges for incoming mail? I'd lose contact with many friends, but it would stop most of my spam.

A Checkered Past

I hope China takes this more seriously than they have taken their commitments to prevent piracy in the past.

What about Nigeria?

[IcyNeko]

I maen seriously, the US is in on it, but what are they doing to that lamer who makes a living by running spamming servers? I mean, isn't that considered a "spam zombie"?

BTW, when will Nigeria join the anti-spam ring? I mean honestly, with the bajillion dollars that each citizen has over there that they are dying to get off their country, it's a surprise they don't agree to have better computer protection worldwide.

^_~

Re:What about Nigeria?

[linguae]

BTW, when will Nigeria join the anti-spam ring?

As soon as you send their president $50 to put inside a bank account, in which $50 million will be deposited into the account, and you'll get 20% of it. He promises it.

Re:What about Nigeria?

[IcyNeko]

Which president? They've had so many that have offered me the same thing. Sometimes it's Military Generals, and other times it's an american who visits there and ends up with a family.

Re:What about Nigeria?

We, the Nigerian Armed Robbers, will handle the Spam Originating here. I accept that we are not as ruthless as our government, but we have dangerous weapons, and (unlike the government) a will to succeed.

For and on hehalf of

Nigerian
Armed
Independant
Robbers
Association

Re:Easy Solution!

[grub]

I'm assuming your friend's school has no Chinese students that would never need to keep in touch with family and friends back home? If I tried that at my workplace I'd be keelhauled (on a junk, but keelhauled nonetheless)

Weird idea...

[erroneus]

I just had this weird idea and I can't imagine that it's a "new" idea by any means, but I would be curious as to why people think it wouldn't work:

Make commercial emailing legal, but tax and regulate the hell out of it. Make rules that make it easy to block them where they are unwanted and all that... nothing new there (CAN-SPAM) but taxing it will give added muscle to encorcement since almost anything they do to skirt regulations might be twisted or spun into some form of tax evasion or another. (We know that while spam emails often come from other countries, the actual source and instigator is most likely somewhere in the U.S.)

So just tax it and put'm in jail for tax evasion and be done with it.

Re:Weird idea...

[taustin]

Given that virutally all spam is already criminal - advertising products that do not exist, that do not do what is claimed, that are blatantly illegal on their face, like drugs or child porn - and the criminal laws being broken are almost completely unenforced, given all that . . .

Why would you think that a new law would be enforced?

Re:Weird idea...

[erroneus]

We're talking about the IRS here...

Re:Weird idea...

[taustin]

We're talking about the IRS here...

That rather supports my point. The IRS is well known for only going after victims who have money. Very few spammers have a pot to piss in or a window to throw it out of. Mostly, they sit in their trailers, at the edge of the swamp, surrounded by greasy, empty KFC buckets.

China signed = good. BAD for spammers :)

Now that is cool. At least there we can hope for the death penalty for spammers. Go on, admit it - YOU want to wring their filthy necks every time your mailbox fills up. China will DO it, instead of the PC slap on the wrist the US/UK/Euro courts impose.

Re:China signed = good. BAD for spammers :)

Yes, human rights is "PC". Thats a great one.

I love the lynchmob mentality of the anti-spam crowd.

Please, lets be sensible in how we approach the situation.

Re:China signed = good. BAD for spammers :)

[Ced_Ex]

Please, lets be sensible in how we approach the situation.

I'll be sensible once my daily inbox number becomes a sensible amount.

LAPSEC?

LAPSEC? Damn, that came one letter away from making an acronym where I could really get behind this plan.

Good

[Conspiracy_Of_Doves]

At least in China, it might be possible for spammers to get the death penalty.

Re:Easy Solution!

[Kainaw]

I have an easy solution, provided by a friend of mine at a major local university -- Block ALL mail from China.

I work at a university and about 1/3 of my email is between people in China. So, how is this solution supposed to work? Perhaps we need a better solution: Block all email from Earth!

Taxing commercial email???

[flajann]

The last thing we want is for governments to take an even greater role in regulating us.

Let's find better technological solutions to spam control, and less government-based solutions.

After all, government never get it quite right. Moreover, there is the enforcement issue. It's just not workable. Anyone can purchase a web server in any other country other than the one they live in, so enforcement becomes a joke at best, or worse becomes so draconian that it will hurt hammers as well as spammers (or may not hurt spammers at all, since they can skate the loopholes in the system).

Ulterior Motives?

[twifosp]

I wonder how much of China's decision had to do with actual spam, rather than an additional form of information control.

Spam could potentially provide China's citizens with additional knowledge the government doesn't want them to know about.

It also cuts down on the amount of bulk China has to process to know what's happening with "its" internet. If China doesn't have to contend with spam, it can devote more resources to scanning their citizens software for disent.

Hey, I just thought of something: Maybe spam isn't a malicious, egregious and unsolicited marketing technique after all! Maybe it's just those countries trying to clog the internet filters with junk so they can disguise their normal communications. Spam is freeeeedom! If you try to squash spam, you're just one of them!

The revolution exists in penis enlargers and pain killers and we didn't even know it!

Re:Ulterior Motives?

(You knew it was coming... .)

Help! I'm being held prisoner in a Chinese Spam factory!

Re:Ulterior Motives?

[Valiss]

Spam could potentially provide China's citizens with additional knowledge the government doesn't want them to know about.

How? Letting them know their penis size isn't up to snuff, so they better order some more viagra?

Re:Ulterior Motives?

[twifosp]

As laudable as it might sound, China doesn't want its citizens knowing about western technology. The less China's citizens know about the outside world, the less China has to explain, therefore the less China appears to be hiding from its Citizens.

Re:Ulterior Motives?

[Valiss]

Heh. Who would have guessed: freedom through spam.

Re:Ulterior Motives?

[glesga_kiss]

As laudable as it might sound, China doesn't want its citizens knowing about western technology.

More laughable than laudable! What a stupid thing to believe! What, do you think they censor out every gadget in the hollywood DVDs available everywhere in China? Why? It's POLITICAL thought they censor, not technology.

We aren't much better ourselves, unpopular speach isn't exactly welcome and is likely to get you a one way ticket to camp xray.

In other news, Hitler signs non-aggression pact

And will attack in the morning.

Mod this as troll, mod it as flamebait. Apply Godwin's law (which is nothing but a dodge anyway...).

Then read about how Hitler signed a treaty with Joe Stalin saying the Germans wouldn't attack.

Re:In other news, Hitler signs non-aggression pact

[daniil]

Actually, there is evidence that Stalin was planning an attack on Germany, but Hitler beat him to it (by just a few weeks). So they were both backstabbing pricks (which isn't really much of a surprise).

On a related note, it turns out that Hitler may have been the inventor of the inflatable sex doll.

Re:In other news, Hitler signs non-aggression pact

[Peter+H.S.]

Actually, there is evidence that Stalin was planning an attack on Germany, but Hitler beat him to it (by just a few weeks). So they were both backstabbing pricks (which isn't really much of a surprise).

Actually there is zero evidence showing that the USSR was planning an attack on Germany. Somebody once wrote a book claiming what your saying, but scores of military historians has failed to find anything that could support that thesis. OTOH there is tons of archives supporting the thesis, that the USSR did not have any immediate plans for an attack of Germany, and that the German attack came as a surprise.

Re:In other news, Hitler signs non-aggression pact

[daniil]

Somebody once wrote a book claiming what your saying

Vladimir Rezun, aka Viktor Suvorov. I've read some of his books, and i agree that most of the stuff he writes is bullshit. The only one of his theories that has, as far as i know, held water (might have something to do with the fact that it wasn't actually his idea), the only one that even his opponents agree with, is the one that USSR was planning an attack. But no matter how Suvorov tries to spin the facts (for him, Stalin was a genius of military strategy and everything he (that is, Stalin) did, even the obvious mistakes, was yet another sign of his brilliance), there is still no denying that the German attack did come as a surprise to the Soviets.

Shameless plug

[mi]

Use SKEM to automatically block IP-addresses, which your spam-filter(s) suspect of spamming.

SKEM ( /usr/ports/mail/milter-skem on FreeBSD) will not eliminate spam, but it will throttle the volume of it arriving from rogue servers and hi-jacked PCs, while the worst effect of a false-positive is delayed (rather than rejected) legitimate e-mail.

your missing the point!!

China has a hostile regime in place, and is also paranoid about outside influences.

Needless to say, spam is one big outside influence! Most spammers are from the US, right?

: )

In Other News

[jetkust]

Due to bad publicity, Hormel renames it's canned meat product back to its original name, Junk Mail.

Re:In Other News

Prince John: Such an unusual name, "Latrine." How did your family come by it?
Latrine: We changed it in the 9th century.
Prince John: You mean you changed it TO "Latrine"?
Latrine: Yeah. Used to be "Shithouse."

A long time. And right now.

[jfengel]

The US is already in on the pact, along with the EU. But the plan doesn't say "Do not spam"; it's the beginning of a process for fighting spam.

Yeah, you know spam when you see it, but it's a little harder when you tell a country to filter every outgoing email. What's required is a lot more complex: a mechanism for coordinating, tracking, and aggregating complaints; for tracking down offenders across countries without violating sovereignty; resolving problems with private individuals in foreign countries.

Just defining "spam" is incredibly hard; look at the way the US government botched it. They called it "unsolicited commercial email", which is wrong. Not all spam is commercial, and not all unsolicited commercial email is necessarily spam.

This is just the beginning and it's going to be a long time before this yields any actual spam reduction.

But they're in first place where it counts --

[commodoresloat]

the brutality of their human rights situation. While American spammers get off easy with a mere 9 years of taxpayer-subsidized television and weightlifting, we can expect Chinese spammers to receive the torture and hard labor they so richly deserve...

Re:But they're in first place where it counts --

[blueZhift]

we can expect Chinese spammers to receive the torture and hard labor they so richly deserve...

OK with me as long as it includes those blog spamming online poker dicks!

Re:But they're in first place where it counts --

[rworne]

Actually it is far more profitable for them to use the spammers for organ harvesting.

Re:But they're in first place where it counts --

[rduke15]

Actually it is far more profitable for them to use the spammers for organ harvesting.

Only if spammers actually use the products they advertise, and if these products actually do work as advertised.

Yeah, like China really cares about the rule of la

[ShatteredDream]

And how many extrajudicial executions still happen in China? How about the laogai? Buy something at Wal-Mart lately? Well it could have been made with slave^H^H^H^H^Hprison labor. Tibet, the Uhigurs in Western China, the censorship of the internet, their bellicosity toward Taiwan, aborting babies because they're girls and more. Oh and they pretty much let their hackers take pot shots at the US' infrastructure with maybe a slap on the wrist.

The US, EU and Japan aren't perfect, but they are a lot better than China. For my money, I blame it on the "middle kingdom complex." Let's be realistic, China doesn't even really pretend to care about any law other than what it creates, and even that is flimsy as there are numerous loopholes for the state to get out of trouble with. China isn't going to really do anything to stop spammers unless it means they might not get the 2008 olympics or they might lose their MFN status in the US and neither of those will happen over spam.

Move on kids, this is just another feel good thing by the politicians. Nothing to see here that you couldn't see on C-Span.

The usual suspects are still up.

[Animats]

The notorious Black Box Hosting ("Our offshore bullet proof web hosting plans allow bulk email hosting, spam friendly web hosting and bulletproof host.") is still up. They claim to be in "some province in the highlands of China", and their netblock (219.148.32.234) comes up as "CHINANET HEBEI PROVINCE NETWORK".

There's no indication on the spammer forums of any fears about China-based hosting yet.

So, thus far, any crackdown is vaporware.

Re:The usual suspects are still up.

[Animats]

Oh, and yes, they send spam, too. They offer dedicated rackmount servers for spam sending. Really. It doesn't get any more blatant than this.

Proxy Mailing Servers -- 1 server for $499/month

• Dedicated Proxy Mailing Server
• Unlimited GB Bandwidth
• Windows 2000 or 2003 Servers
• Remote Desktop & pcAnywhere software
• P4 2.4 GHz CPU or better
• 512GB RAM
• 80 GB Hard Drive
• 24 hours to setup
• Email and IM Support
• Servers Located in China
• Price : $499 per month
• No Setup Fees
• Order Now

Allowed Software
Proxy mailing software like the following are allowed to be used:

• Super Mailer
• Dark Mailer
• Massive Mailer
• Bulker.us

Re:The usual suspects are still up.

[Pig+Hogger]

The notorious Black Box Hosting ("Our offshore bullet proof web hosting plans allow bulk email hosting, spam friendly web hosting and bulletproof host.") is still up. They claim to be in "some province in the highlands of China", and their netblock (219.148.32.234) comes up as "CHINANET HEBEI PROVINCE NETWORK".

Cool! let's each open an account on their servers in China, and put some Falung Gong material on them!!!

Re:The usual suspects are still up.

[NightHwk1]

I thought maybe those were down when I tried the links, but then opened a shell account from somewhere else and it worked.

It appears that Earthlink/Time Warner might be blocking certain domains...
Can anyone confirm?

Re:Easy Solution!

Damn me and my double negatives. I'll never never do that again.

Re:Easy Solution!

[Spy+der+Mann]

I'm assuming your friend's school has no Chinese students that would never need to keep in touch with family and friends back home?

That's what whitelists are for.

You'll know China is serious about spammers...

[PapayaSF]

...when they shoot some in the back of the head and bill the family for the bullet.

And I won't shed any tears. If they're going to be a murderous dictatorship, they could at least kill some people who deserve it. (No, I'm not defending dictatorships, I just hate spammers.)

Re:You'll know China is serious about spammers...

When one out of every four people on the planet is Chinese, I guess they figure they won't miss a few who die at the hands of the state!

Yeah, well how about the one for cybersex?

(This URL points to a "Stile Project" .wmv video. It's harmless, with respect to the ugly banner. The content is a cybersex prank.)

This is why I stopped having cybersex.

(Click the bottom URL on that page, under the god-awful huge disgusting banner. Verry funny video.)

How about this instead?

London Action Plan Designating Allowable Non-Commercial Email?

You asked for it...

Your post advocates a

( ) technical (x) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
(x) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(x) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(x) Lack of centrally controlling authority for email
(x) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
(x) Jurisdictional problems
(x) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
(x) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(x) Extreme stupidity on the part of people who do business with spammers
(x) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(x) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
(x) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
(x) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(x) Countermeasures must work if phased in gradually
(x) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

( ) Sorry dude, but I don't think it would work.
(x) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!

Made in China

[m85476585]

Even Spam is made in China! Is there anything that they don't make? Will they put those little gold stickers on spam?

Hahaha...

This is even funnier than "China has software patents".

Re:Easy Solution!

[coolcold]

this will only block 20% of all spam

a more effective way is to BLOCK ALL EMAILS

Need to change the pig icon for this one

Gotta add wings to the spam piggie for this article.

Cuba also signs anti-spam pact

Castro also agreed to the anti-spam pact. They now will no longer send spam (except those about Havana Club liquor and last-minute travels jokes!!!)

Re:Easy Solution!

[AaronW]

I actually do this. I don't know anyone in China, Korea, Nigeria, Russia or several other countries so I just block all email from them via blackholes.us. I see a ton of attempted spam connections getting dropped from this and it definitely made a big difference in the amount of spam processed. Of course I also use various other RBLs to block a lot of the spam from elsewhere.

However, something to remember

[Sycraft-fu]

China has one ISP effectively, the government runs it all. So in that light it can be seen as the single biggest spam ISP. Now previously they just blew off e-mails reporting spam hosts. Now, hopefully they'll start doign something about it.

So it could make a major impact, at least so long as they maintain state control over the Internet in their country.

What spam?

[Julian+Morrison]

Seriously, I haven't had a single spam get through my SpamBayes filter in months, and I rarely get any of my valid mail dumped in "unsure". I see no reason why anyone with a modicum of technical nous should even be caring about spam, unless they are paying for metered bandwidth.

Re:What spam?

Dude, your whole family has been trying to get in touch with you via e-mail for months. Why haven't you responded?

F China - too little, too late

[mabu]

I'll tell you why they're doing this. It's not just because almost all Chinese IP space is now RBL'd, it's because many ISPs like mine have gone beyond this and simply filtered all Chinese IP traffic of all types from ever hitting our servers. It's not just about spam. Chinese IP space is also responsible for the lion's share of system probes and DoS activity. I got tired of seeing 5000 connection attempts so we've just wholesale blocked their entire IP space at the router level -- it's not like there's any legitimate TCP activity coming from that space that any of my clients care about.

Until these countries can regulate the illegal activity of their systems, they don't deserve to have unfettered access to the Internet IMO... not when the abuse-to-legitimate traffic ratio is 1000000 to 1.

Re:F China - too little, too late

[glesga_kiss]

Chinese IP space is also responsible for the lion's share of system probes and DoS activity.

Care to back that broad, sweeping statement up with facts? Didn't think so, as you are talking nonsence. Most probes and DoS attacks come from zombie hosts, and out of the superpowers, China has the LEAST number of potential zombies, due to it having the least number of connected hosts. If the "lions share" of attacks come from there, then it would buck the trends that all the legitimate online security trackers are noticing.

Re:F China - too little, too late

[mabu]

Care to back that broad, sweeping statement up with facts? Didn't think so, as you are talking nonsence.

I can back it up with facts. I run three banks of servers in three different continents, and have been doing so since 1995. I menticulously monitor logs and most of the hardcore probes are coming from Chinese and Korean IP space... NOT from zombie PCs.

I've wholesale blocked Chinese IP space from my networks at the router level and my server performance has dramatically increased. I'm not keeping tabs any more on the number of attacks on most of the servers because they can't touch me any more from their space. The zombie PC system probes are still around, but they're NOWHERE near as aggressive and rampant as the Chinese ones were... and the Chinese attacks are still forthcoming because I keep a few boxes un-firewalled just to compare.

Go back to playing Unreal Tournament and don't talk about things you don't know about.

Who are you? Some Asian broadband user who has no experience in this area and thinks this is some kind of cultural issue? It's not. All I care about is stopping attacks on my systems.

Re:F China - too little, too late

[glesga_kiss]

I menticulously monitor logs and most of the hardcore probes are coming from Chinese and Korean IP space... NOT from zombie PCs.

So, the Chinese attacks aren't zombies? They are actually hackers actively probing? Interesting, I don't see either country cracking down on cyber attacks on their traditional enemies. But, if that's the case, then what I said is correct; most zombies are in the EU and USA.

Who are you? Some Asian broadband user who has no experience in this area and thinks this is some kind of cultural issue?

Nah, a Scot who's been working with the net since the Mosaic days. I also have a hatred for ignorance and rasism, of which there is a lot of here. Sorry if I caused any offence, I'm just pissed at the other brainless broadband users who bitch about China with no experience in the matter. Given the size and population of China, the level of spam/attacks are surprisingly small IMHO.

Re:F China - too little, too late

[mabu]

So, the Chinese attacks aren't zombies? They are actually hackers actively probing? Interesting, I don't see either country cracking down on cyber attacks on their traditional enemies. But, if that's the case, then what I said is correct; most zombies are in the EU and USA.

I don't know if they are zombies or a handful of servers that simply rotate their online address from a huge IP space pool. I always suspected it was the latter, but I don't know.

China is also serious about piracy now

but it seems people like the piracy news from china, and this anti-piracy news about china never becomes headlines. link here

Re:Easy Solution!

[Bobke]

"a major local university"

Only in America!

Enforcement Issues & Sleazy ISPs

[mabu]

According to Spamhaus, whom I completely agree with based on my own experience, 80% of all known spam originates from no more than 200 "spam gangs", most of whom are in the United States. If China cooperates by providing U.S. Authorities with the missing logs to track the illegal activities of these groups so that law enforcement can prosecute them, that will be a good thing. But it still comes down to law enforcement going after the spammers, which is something that's not being done. If just a few of these 200 spam gangs were criminally prosecuted, we'd probably see spam levels drop dramatically. So everyone should contact their District Attorney and demand that they pursue and prosecute these cases.

And then you have big corporations that are deliberately sabotaging anti-spam efforts. AT&T for example is hacking their nameservers to be authoritative for anti-spam RBLs so their users are unable to filter mail based on these services. That's unconscionable, and reason # 87,343 why you shouldn't do business with a provider like AT&T who is not only being ambivalent about spam, but actively interfering with their customers' own attempts to find superior solutions.

Re:Easy Solution!

You can do even better and protect yourself from all other attack vectors from China, like cracking, dictionary attacks, not just spam. All you need to do is to help China with their "Great Firewall of China" project, by firewalling them on your side. This will do the trick on *nix machines with iptables:

# wget -N http://blackholes.us/zones/country/china.txt
# iptables -N CHINAWALL
# for CHINARANGE in `cat china.txt | awk '{print $2}'`; do iptables -A CHINAWALL -s $CHINARANGE -p TCP --syn -j DROP; iptables -A CHINAWALL -s $CHINARANGE -p UDP ! --sport 53 -j DROP; done
# iptables -A CHINAWALL -j RETURN
# iptables -I INPUT -j CHINAWALL
# /etc/rc.d/init.d/iptables save

You still can initiate connections if you want to deal with China-hosted spam (like WHOISing, sending complaints), but no connections from that side will be allowed, at all. Will reduce your mailserver and security logs a great deal, too.

Re:Easy Solution!

[craqboy]

might as well block all html messages as well since spammers are embedding hidden messages within tables and other misc html stuff to get through spam filters.

Re:Yeah, yeah, until...

[decipher_saint]

Are you tired of your current form of Government? Sick of being embarrassed by a flaccid system of ruling classes? Then try new Commu-vitae, the ancient Communist Chinese answer to all your problems...

Re:Easy Solution!

Block ALL mail from China.
This is very good advice, but I got a better one, block all mail. That way you won't get any spam at all.

And if you think my idea is stupid, look into the mirror first.

Two Words: Wireless Access

[wernst]

I get around 250 emails a day. I've had the same email address for years at my own domain, and the address gets published in print multiple times a month, so that's why the number is so large.

200 of them are spam. 30 are mailing lists, either digests or individual messages. 10 are press-releases (I'm a journalist.)

That leaves 10 "normal" mails a day.

Yes, I have SpamBayes for Outlook, which works great. Opera's M2 has a spam filter that works great too. Other desktop clients has various spam filters that work with varying degrees of success (glares at Thunderbird).

That's all fine and dandy until I'm on the road and want to get my email, and then BAM, I've got 250 messages to download to my wireless-enabled palm pilot over a CDMA connection for every 24 hour period. Needless to say, that's totally useless.

Ultimately, I ran (run?) my own mailserver. Blacklists filter out 80% of the spam, for better or worse (but almost always for the better). Bayesien routines get the other 20%. Keyword-based filters send list-messages and press releases to a different mailbox. What remains is just 15 messages a day, which is just fine for slow wireless Palm Pilot access.

I don't expect people to have to run their own mail servers in order to have useful wireless email access, but as wireless access becomes more common, killing spam at the ROOT of the problem becomes more important.

Who knows how effective this will be, but I suspect that politicians are starting to get hip to this subject because THEIR wireless devices are becomming useless due to spam...

I'm sending them all I've gotten

[raider_red]

I'm sending the Chinese government all the Chinese language spam I've been getting. I don't read Chinese, and I'll leave it to them to find the people who sent it to me.

I'm also sending a note to Vladimir about all of the Russian spam I've been getting. I do read Russian, and it's pissing me off.

Re:Yeah, like China really cares about the rule of

[jameszhou2000]

just for your information, people in china can easiely recognize whether a product is made by prisioners since such products are usually branded as "XinSheng" which means "re-born". those kinds of products are very rare in the market now. years ago, about more than ten years ago, my mom boght a soap which is made by prisoners. before i left china five years ago, you can rarely find such products in the market and it is mainly because those products are very low-quality and nobody likes it. that is true the prisoners need to work to support themselves, but they just work on low-quality soap or gloves. nothing you buy from wal-mart is possibbly made by chinese prisoners. as a matter of fact, prisoners now usually work on local city construction projects, such as dig a hole, fix the road, etc., not your wal-mart products. aborting babies is another famous rumor about china. it happens (not very common) maybe ten years ago. but now, for most families, baby girls are equally popular as baby boys. recently, there are some by-laws established in some cities which say aborting is not allowed if the woman is pregananet for more than four months, no matter for what reasons.

I'd rather see less japanese spam

[Jugalator]

I don't know why, but Gmail seem to be completely useless at filtering japanese spam. I don't know how many times I've told it "YES, this is spam!" and it keeps sending me. I'm sure a major part of the Gmail user base is doing the same. I rarely get English spam in my inbox nowadays, and it's very accurate there, but with japanese spam being such a common problem I can't see why Google isn't doing something about it. It's almost as if their spam filter don't even support unicode so it just let all those mails pass unchecked. :-p

So then I tried to just block *.jp, but Gmail doesn't support blocking by the hidden "Received" header the mail server set, where I could clearly see it came from Japan, despite the "From" field OF COURSE being faked.

Gmail is a great service, but it sure isn't perfect, and blocking on custom mail headers doesn't seem like a too hard work for their developers either, as all the headers are stored like regular text in the mails anyway.

Re:I'd rather see less japanese spam

You shouldn't sign up for so many hentai sites then.

Re:I'd rather see less japanese spam

[paedobear]

"so much" Japanese spam? I don't get any to my GMail account and, as I live in Japan, I regularly use it to communicate in Japanese, and for Japanese e-commerce sites.

Re:I'd rather see less japanese spam

[Jugalator]

That's the annoying part -- no porn site signups, and not even a single japanese site signup... Yet it keeps increasing :-/

Re:I'd rather see less japanese spam

[Jugalator]

I guess you're lucky then. :-(

Mod the Anonymous Coward parent up...

[rbarreira]

He beat me to it :)

Re:Yeah, like China really cares about the rule of

Gotta disagree with you there, my friend. A former employer (why I'm posting anonymously) is still importing guitar bags (guitar soft cases)that are made in a fine prison factory down Guangzhou way. They're not the hardest things in the world to make, but if they can do those, they can do luggage, etc.

I'm willing to bet that there's at least one product in Wal-Mart right now that was made by prisoners. At leat one and probably more. Frnakly, it doesn't bother me too much...the poor bastards gotta do something, right?

its a start

[watsondk]

but unless they force their ISPs to actually do something about complaints, other than redirect them to /dev/null, nothing is going to happen

the issue is not the source of the spams (usually zombies), but the spammers sites hosted in china that need to be nuked. Kill the sites, and the spammers are fscked

not done a hoster check on my domain block list in a while, but last time, about 70% where hosted in mainland china, with the rest spread over eastern europe and asia

don't know about anyone else, but the whole of china stays blocked until the spam stops

Spam enforcement?

[Dormann]

It was the first international forum to focus exclusively on spam enforcement.

Why would anyone enforce spam?

European spam kings?

[Savage-Rabbit]

You want to know who leads the world in spam output; its the wealthy EU countries ....

Both the USA and the EU have approximately the same number of internet users (US 200 million vs. EU 215 million as of March 2005) and their share of the total spam generation rate (US 22.8% vs. EU 24.7%) roughly roughly corresponds to those numbers. This is not surprising since alot of the spam generators are zombie Windows boxen owned and operated by people with a very limited computer knowledge. It seems to me that all we can conclude from these statistics is that the level of 'computer-cluelessness' among the general public is about the same on both sides of the pond. Even so, I care fairly little about where the actual Spam Servers/Zombie PCs churning out the crap mail are located. What would be more interesting is a statistical analysis of where the people owning or controlling all these spam servers and zombies are located? Which countries are failing to deal with the spam companies causing the problem? Take a look at the top ten list at the bottom of this page the USA claims no less than six of the top ten ROKSO spammers I don't see a single spam king from an EU country on that list.

Re: MOD PARENT DOWN

Right, so by that logic, China's "brutal" human rights record is actually justified. DIE SPAMMERS DIE. :-P

Like Newt said,

[Dorsai42]

"It won't make any difference."

Undersigned

[Doc+Ruby]

The US is also a signatory to the international anti-torture laws, and the Geneva Conventions. The US has enacted its own national laws to put that treaty into effect. Yet the US tortures prisoners and violates the Geneva Conventions. Countries sign treaties to get diplomats off their backs. Then they abide by those treaties when it suits them.

Re:Easy Solution!

[Pig+Hogger]

I have an easy solution, provided by a friend of mine at a major local university -- Block ALL mail from China.

Here is my China-Korea spam-blocking script: #!/bin/sh #firewall for china and korea, port 25. #http://www.okean.com/iptables/rc.firewall.sinokor ea #send comments, corrections, and additions to: submit@okean.com #last updated 2005.06.05 1054 PDT (UTC -7) iptables -A INPUT -i eth0 -p tcp -s 58.14.0.0/15 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.16.0.0/14 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.20.0.0/16 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.22.0.0/15 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.24.0.0/15 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.30.0.0/15 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.32.0.0/13 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.40.0.0/15 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.42.0.0/16 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.44.0.0/14 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.48.0.0/13 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.65.64.0/18 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.66.0.0/15 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.72.0.0/13 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.82.0.0/15 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.87.64.0/18 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.102.0.0/15 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.116.0.0/14 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.120.0.0/13 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.128.0.0/13 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.140.0.0/14 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.144.0.0/16 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.145.0.0/17 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.148.0.0/14 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.192.0.0/14 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.200.0.0/13 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 58.240.0.0/14 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.0.0.0/11 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.32.0.0/12 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.48.0.0/14 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.52.0.0/14 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.56.0.0/13 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.64.0.0/13 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.72.0.0/15 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.77.0.0/16 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.78.0.0/15 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.80.0.0/14 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.107.0.0/17 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.108.0.0/15 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.150.0.0/16 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.151.0.0/17 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.186.0.0/15 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.191.0.0/17 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 59.192.0.0/10 --destination-port 25 -j DROP iptables -A INPUT -i eth0 -p tcp -s 60.0.0.0/13 --destination-port 25 -j DROP iptables -

Sending Email vs. Hosting Response Websites

[billstewart]

Most spam that I receive either wants a response sent to a disposable free email address (Yahoo/netscape/teenmail.co.za/whatever), or else wants you to connect to a website. The websites are usually in China. Occasionally they're in Korea or Brazil or elsewhere, but China's by far the dominant player.

The Great Firewall of China has a lot of hype about preventing Chinese people from receiving politically incorrect information, but as far as I can tell, it puts entirely no effort into policing English-language spammer sites, machines infected with viruses, consumer-broadband zombies, or anything like that. It's possible that they police English-language pr0n in China, and probable that they police English-Language Falun Gong sites, but they certainly don't have a problem with mortgage spammers, medicine spammers, or other scams that are directed toward outside barbarians.

Sending complaint email to abuse@ at the major Chinese ISPs has no discernable effect. If this new agreement includes a spam-complaint email address, cool, I'll be happy to Cc: them.

Complaint Processes, Scalability Are Different

[billstewart]

The current firewall, AFAICT, doesn't seem to stop viruses or detect zombie sites, and the China Telecom and China Netcom ISPs don't seem to do anything about spammer websites, at least not about ones in English marketing to the foreign-barbarian market that are profitable for the quasi-monopoly internet services. Perhaps they do scan for Falun-Gong propaganda, and maybe even pr0n, but not spam.

But the scalability problems are much different when you're a government bureaucracy looking for politically incorrect material to censor, when the people who want to make it available are trying to hide it from you, than when hundreds of millions of people are forwarding complaints to you about messages they've received. You're outsourcing the detection problem to people willing to do it for free. Even if you just do a crude filtering process to require N complaints from N different IP addresses before you respond to a complaint, to keep your signal-to-noise ratio down, it's easy to find the big offenders.

Per-User Country Blocklists

[billstewart]

A University is one of the last places that you'd want to block all email from China, because you're almost guaranteed to have lots of actual legitimate mail to your students and faculty. But per-user country blocklists can be quite practical. I use pobox.com, a mail forwarding service, and they let users check off which country blocklists to use - so I blacklist China, Korea, Nigeria, Brazil, and Argentina, and have Japan set for allow-with-extra-filtering. I don't know how they implement the back end (UI is a web page with checkboxes), but it seems to scale adequately for them.

You can also use this to help reduce spam sent from China to your Chinese students - if somebody who doesn't want mail from China receives mail from a given Chinese IP address, greylist that address for everybody and/or direct mail from it to your Spamassassin server instead of your regular mail server.

Besides, with China, the big problem isn't email that they send - it's web sites that get used for responses. It's much harder to filter through email message bodies looking for websites, resolving any obfuscation and DNS queries, and then deciding if they're in China before you deliver it to the user. It's much more scalable if the user's PC does that themselves, though you can still provide the country lists.

Akwesasne's not in Ottawa...

[billstewart]

Yes, the Mounties don't massacre large bunches of students in big city squares, not that they're especially friendly to large anti-government protests. But the relationships with the First Nations have not always been good - you may remember the standoff in 1990 in Oka between the Akwesasne Mohawks and the various Canadian army, etc. forces.

started by the U.S. and UK

Well. After that little spat a couple of hundred years ago, it looks like they've kissed and made up. I can hear the head board banging against the wall now. I wonder who's on top. Turns out it was a match made in heaven. Independance indeed.

Contact me at the Nigerian Telecom Ministry

I'm the Nigerian Ministry of Telecommunications liason to the London Anti-Spam agreement. You can send me email about any specific problems and I'll be glad to have the authorities intercept any corrupt email users and confiscate their equipment. There's a small fee for registering yourself as an agent for serving processes in Nigeria, and while we accept standard credit cards, we need supplemental processing information including your Social Insurance Number and a bank account number.

Not origin

China is well known for being one of the biggest origins of spam

I don't know about anybody else, but 99% of the spam I get (and I average one every four minutes) is in English, with prices in US dollars.

China may be relaying the spam, but almost all of it ORIGINATES in America, and is funded by Americans buying from the spammers.

Re:Easy Solution!

[patio11]

We had a university try that on us once (I work for a technology incubator in Japan). We were going to pay one of their professors a sum in the low five figures (USD) to come out here and give a conference. He never got the invitation due to spam filtering. I wasn't in the room when that prof chewed out his IT department, obviously, but I was in the room when our boss chewed out him on the telephone for trying to justify the policy (direct quote: "Japan is not #$#$$&$%# China, dickwad" -- my boss studied at Harvard and apparently majored in Intercultural Cursing, because I've seen him do it in four languages now).

Re:Yeah, like China really cares about the rule of

[anotherview]

why a news of spamer can let you talk so much politics . slasdot is a technical site ,not a political brainwashing site. chinese goverment may be sometimes evil,but even in china there are rules,laws,moral,human rights,all goodes not differ from US, EU and Japan.china is not hell.

Re:Easy Solution! (NEW CHALLENGE!)

[rel4x]

...lameness filter THAT!

Suggestion

[Julian+Morrison]

This is a generalization of how I recieve my own mails. I have a script set up that polls POP3, filters through SpamBayes and then into Courier maildrop with a .mailfiler file to sort them into maildirs. These are them made locally available to any mail client via Courier IMAP. They're remotely available too. For all it sounds complicated it's really just 2 programs (Courier and SpamBayes) and 5 minutes of perl mucking about with POP3.

An arrangement like that could be set up on a rented box (you don't need to pay extra to run your own SMTP server) rather than locally as I have it, and it would let a wireless user browse mails efficiently.

Re:Ulterior Motives? SPAM... Spam Progagation

[HungWeiWeiHai]

Activation Machine...

Imagine if China clones spam. It could send it as popups to all the people inside China. Maybe they might want to edit the incoming spam (keep the party censors at work) and change the spam to say what China wants. It could make it look like the spam comes from Amelika.

Be good
Be honest
Love your government
Be wary of certain words...

do not find reason for your discrimination

[anotherview]

do you notice the first post?most spam do not come from china, and even most illegal activity of systems do not happen only in china , why you dont filter all IP space all theses illegal happened? some numbers you should know :china has 52.99 million PCs,is third of the world.There are over 100 millon internet users in china.what you have done make these people isolated from your world.maybe you think them not important,but what you have done is unfair to them

Re:do not find reason for your discrimination

[mabu]

do you notice the first post?most spam do not come from china, and even most illegal activity of systems do not happen only in china , why you dont filter all IP space all theses illegal happened? some numbers you should know :china has 52.99 million PCs,is third of the world.There are over 100 millon internet users in china.what you have done make these people isolated from your world.maybe you think them not important,but what you have done is unfair to them

1. A significant amount of spam is still coming from China. As I was writing this, I just checked logs of one server and the following IPs were spamming me in the last hour: 222.237.165.152, 220.190.82.119, 221.6.123.102, 222.100.112.180, 219.157.92.51, 218.151.35.197, 203.90.211.99, 61.53.155.246, 222.165.91.230, 61.52.26.236, 222.64.195.122, etc... I could go on and on.. the facts show that Chinese IP space is still a huge source of spam.

2. You're right. It is "unfair", but the fact is my clients prefer to alienate the Chinese world in favor of less kiddie porn and stock scam spam.

3. ISPs only act when they have to. There is no incentive for ISPs to police the illegal activity that's happening on their network if there are no repurcussions; if their customers don't complain that they can't access the Internet. It's a necessary evil to effect change. The ISPs make money off bandwidth so they have a vested interest in not curtailing the zombie activity. This is the only way to get their attention unfortunately.

The reality of the situation is that RBLs and people who wholesale ban IP space of irresponsible networks are the PRIMARY way to force these entities to control the noise they introduce into the Internet. No other way has proven to be any more effective and you cannot argue that. The only reason the Chinese government is acting is because ISPs like me have had enough of their crap and are cutting them off.

China?

[St.+Arbirix]

China is fighting spam? Do they even get spam?

I obviously don't get out much, does anyone else in the world except the United States get spam? Does spam even come in non-English flavors?

Everyone talks about where spam comes from, does that mean we all kinda agree on where it's going? Maybe a little splashes up on some European shores, but China?

Who sends spam to China? What are they advertising? Do they really get spam?

Re:Yeah, like China really cares about the rule of

[glesga_kiss]

Buy something at Wal-Mart lately? Well it could have been made with slave^H^H^H^H^Hprison labor.

Does your car not have license plates? Prisons in my country often do laundry service for-profit. How is this any different?

their bellicosity toward Taiwan

Any superpower would regard a self-proclaimed "independent" sub-state in the same way. Did you miss they day in school they talked about why July 4th is popular in America?

aborting babies because they're girls and more

We have "designer babies", where the parents are choosing the genes, not just the sex!! And if any of the eggs turn out to be the wrong sex, they will not be selected for insamination. No different.

The aborting girls thing is mostly an racist urban myth. Apparently they eat babies over there.

they pretty much let their hackers take pot shots at the US' infrastructure with maybe a slap on the wrist

Gimmie ONE case of a US citizen being punished for hacking into an enemy superpower's infrastructure. Fuck, they'd get offered a job in NSA instantly!

The US, EU and Japan aren't perfect, but they are a lot better than China.

Agreed. However, China isn't as bad as it's made out to be by all the propaganda, and many of the people we call allies, e.g. Saudi Arabia are FAR worse than they are. How "good" country is in another countries eyes has nothing to do with idealism and everything to do with interoperability. If you are a dictator that's open to business, then great! If you are democratically elected and opposed to business, a coup will be along any time now...

To paraphrase Robin Williams....

[josejose50]

This is about as good as a Nerf vibrator...

Re:Yeah, like China really cares about the rule of

[koreth]

Let's be realistic, China doesn't even really pretend to care about any law other than what it creates, and even that is flimsy as there are numerous loopholes for the state to get out of trouble with.

In other words, it's a country with a big enough military to defend itself and a vibrant enough economy to risk pissing some of its partners off. Every country that has the power to do so follows that path at some point. China and the US are the current obvious examples but you don't have to look too far in history to find plenty of others.

Re:Here's my reality...

[DarkDragonVKQ]

Isn't the Government against piracy? They just don't do very much about it.

Re:Here's my reality...

[oringo]

When the policy is going against the natural market force, there's not much the government can do. You can raid the markets and factories that sell and manufacture the illegal material, but the market demand will eventually cause them to revive somewhere else. America's anti-alchohol legislation is a great example of such bad policies. During the 1930's, the law enforcement tried their best to stop selling liquor, but the bootleg movement surpassed the law enforcement and eventually led to the abolishment of the legislation.

Umm, thanks but no thanks...

[dem4lyf]

Here in the U.S. we should be all too familiar with leaders that sign treaties or agreements and then go against their word when it is in their best interest (the wonderful world of baby Bush)... Likewise, China is not going to decrease the amount of spam that comes out of its borders because it is not in their self-interest. Once again, money is the motivator... anyone surprised? As long as someone can make a buck filling your email inbox with penis enlargement ads, they will continue to do so. It's not rocket science kids, it is economics. There is a great article (http://www.freep.com/money/tech/mwend22_20021122. htm)about a 57 year old man that has made a living off spamming. As long as the capability is there it will be manipulated. So, thank you China for coughing up your John Hancock, but please forgive me if I'm a tad unenthusiastic.

Re:Easy Solution!

[drewzhrodague]

This is funny why I was moderated -1!

HOnestly, and truthfully, I do block all of china. Doing this, I just don't get the 700k+ SPAM emails per day -- they're blocked.

I also publish my blocklist at one of my websites. I really do just take his /etc/mail/access file, and add to it.

You moderators are fucked-up sometimes!

Re:Easy Solution!

[drewzhrodague]

Uh, huh? Local to me, it's one of two major universities. SO, since I'm in Pittsburgh, that would be either the University of Pittsburgh, or Carnegie Mellon University. Which one do you think it could be?