Spam from Taiwan

TristanGrimaux writes "According to a recent study done by CipherTrust, two thirds of the world's spam is sent by Taiwan servers. The US follows with 24% and in a distant third is China with only 3% of the servers who actually sends the spam." The article cites easy access to broadband and lack of crackdown on offenders as the main contributing factors.

Re:Taiwan China ...

[kclittle]

Have you been under a rock since 1949? :)

They're part of China sort of (but not exactly) the way the South was part of the U.S. between 1861 and 1865, except the war to resolve the issue hasn't happened yet. Pray that it doesn't...

Re:Whats specific about Taiwan?

[Heir Of The Mess]

Having been to Taiwan a fair bit I can think of some possibilities:-

Most people I know there earn about US$15k/yr, and upgrading the RAM in your Pentium3 machine and then the Hard Drive, and then the video card is sort of common practice. Forking out big $$ for Windows XP isn't real easy so a lot of people are running some SP1 version of Windows XP they bought for $1 off the street, and this version gets owned pretty fast, and can't be patched from windows update. So there are lots of bots.

Now 24Mbit internet access is like $5-$10 per month, so you can see there is quite a big engine there for generating spam.

The culture there is such that they love the latest thing, so I could imagine that there would also be a tendency for people to install software off the net that has malware in it as well.

Another thing I noticed is that your average grandmother there seems quite good at using a computer. So I could imagine that there might be more pensioner types sitting there doing some amount of spamming for a little bit of money.

Re:Taiwan China ...

[Zeebs]

Taiwan and China are actually both China. Taiwan is the Republic of China. While what most people(unless you happen to be from Taiwan) call China is of course the Democratic Peoples Republic of China. The DPRC does consider Taiwan a rouge province, while Taiwan doesn't consider that to be the case. As the other reply said, lets hope the war to resolve this doesn't happen any time soon.

Re:China has cheap broadband access

[_merlin]

Australia doesn't have cheap broadband. It's a rip-off here, just like in the US of A.

Re:Survey Says?

[Technician]

More like follow the offshore bank accounts, Grand Cayman Islands, etc.

I lived there. Internet access is expensive as it was a government protected monopoly. Check the rates. Cable and Wireless is the company. To visit, see www.candw.ky.

When they first put in internet, they got 2 satelite T1 links for the whole island. Little Cayman and Cayman Brac still did not have internet. They charged $0.25/minute for access on dial up.

Needless to say I didn't get internet until I returned to the states.

They have since gotten a Fiber Optic cable to Jamaca and they now offer DSL. They are running a promotion for $25/month for the first year. That is CI $ not USD. The price is close to US $30/month. Restrictions such as can't compete with the phone company by using VOIP is the norm.
The plan appears to be capped at 256K unless you upgrade to a faster plan. For example the 1024 plan is CI $74. The 512 plan is $59.

Cayman Islands is a nice place to go for diving and sun, but not for internet based business.

Re:Taiwan China ...

[kclittle]

Well, we have shades of red and red here. :)

Does the People's Republic of China collect taxes in Taiwan? No, the Republic of China does.

Does the PRC actually try to enforce its criminal laws in Taiwan? No, but the ROC enforces its laws.

Does the PRC define the commerce regulations, health regulations, education standards, voting laws, aviation regulations, etc. within the borders of Taiwan? No -- but the ROC does.

Does the PRC have military bases on Taiwan? No ... but the ROC does!

What the U.N., U.S. and Europe say in polite diplo-speak is one thing. The working reality (and the *money* reality) is that Taiwan is a separate country, perhaps not in name, but in operational fact.

CipherTrust? nothx.

[deepb]

CipherTrust operates a service called "Trusted Source" - it allows anybody to input an IP address, searching CipherTrust's DB to see if any spam has come from that IP recently. Aside from being generally useless, here are some of the funnier results:

http://www.trustedsource.org/query.php?q=255.0.0.0 [trustedsource.org] 255.0.0.0 - "Spam"
http://www.trustedsource.org/query.php?q=0.0.0.0 [trustedsource.org] 0.0.0.0 - "Spam"
http://www.trustedsource.org/query.php?q=224.0.0.1 [trustedsource.org] 224.0.0.1 - "Unverified"

Since they have most of my favorite subnet masks listed as a "Spam" source, I'm not sure that I trust any "research" that comes from these guys.. YMMV.

Re:CipherTrust? nothx.

[someone1234]

If a mailer manages to supply those crippled IP's then the mail is definitely fake, and most likely spam (or virus). Don't confuse a legitimate subnet mask with a fake IP.

Time for a history lesson?

[l-ascorbic]

After WW2 and the end of the Japanese occupation, a civil war was fought between the Communists under Mao and the KMT under Chiang Kai-shek. The KMT were effectively defeated by 1949, and Chiang evacuated to Taiwan. For much of the Cold War, "Free China" (ROC) was the only government of China recognised by most states and international organisations. However, as part of the 'detente' in the 1970s, most countries switched their recognition to Communist China (PRC). The ROC is obviously a state in all but name, but the situation is maintained to avoid nuclear war. The PRC has said that if the ROC declares independence then they will invade, while the US has stated that it will defend Taiwan, and has meanwhile provided large amounts of military aid. So, basically, it's a mess.

misinformation

[lxt518052]

There isn't a country in this world called Democratic Peoples Republic of China. The 1.3 billion population live in a country called PRC(People's Republic of China).

ROC used to rule the whole China, mainland and Taiwan combined. They lost the civil war in 1949 and retreated to Taiwan. Neither PRC nor ROC see each other as a ligitimate government of China. At least both constitutions claim largely overlapping territories. It's a stalemale over half a century.

How people are so casual about the facts is beyond me.

Re:Spam solutions

[pe1chl]

Although there are some dictionary-like attacks, for example appending some characters to an existing address or subsitituting one or more characters by others, I think the vast majority of spammers just use existing addresses they get from spidering the web.
When an address appears somewhere on the web, especially in discussion forums, guestbooks, and foremost: IANA listings, it is guaranteed to receive spam.

I think the "dictionary attack" story is mostly folklore. When someone receives spam on a never-used never-published address they often cry "dictionary attack" without further research.

Of course, using spamtraps is a known technique. It may work a little, but there is not much you can block as there are so many addresses in use that blocking one is bringing you almost nothing.

Re:Taiwan China ...

[Anonymous Coward]

What is also amusing is that China does not have a legal basis. Technically by international law, Taiwan is still under a US Military Government from World War 2 [atimes.com]! We just haven't gotten around to officially determining its sovereignty (mostly because of the political situation with China).

Re:SPAM origins

[Haeleth]

It got so bad, I just started block entire class A's from countries I know
I am not going to email to or from.
[...]
81

I think you have a fundamental misunderstanding of the IP allocation system. Class A networks are not associated with single countries, but with registries. 81, for example, is one of the networks administered by the RIPE NCC; an IP address beginning with 81 could be located anywhere within Europe or the Middle East.

In fact, my very own IP address begins with 81. I live in Britain, which - as you may be aware - is not in "Asia,
Latin America, or Eastern Europe". It's a good thing I don't want to email you, isn't it?

Re:China + China

[mlewan]

The article is not about senders of spam but of servers that control them. There is a huge difference.

Re:Uh, Taiwan IS CHINA !!

[iamplasma]

Welcome to 1999 !! Taiwan is SPECIAL, but it's still CHINA !!

No, that's Hong Kong that became part of China. Taiwan is that island off the coast that the Communists never captured in the civil war. For various political reasons it is rarely referred to as being a different country, but for all practical purposes it's a totally seperate country.

Re:Spam solutions

[mcguire]

I have a catch-all address at my personal domain so I can create one-time addresses for each company I do business with. It's easy to see which addresses leak out that way. Three things I've found:

A surprising number of addresses are taken from private "we will never sell your information" lists (never published anywhere on the interweb). The companies I have contacted about this have always refused to believe that their email lists are involved; perhaps stolen by an ex-employee? I'm not sure.

Second, much of my "spam" (50%?) is actually bounces where my domain was used as the From: header in the email. Luckily this is easy to detect and delete automatically. (Procmail's ^FROM_MAILER contruct is quite nice.)

Third, by now most of the other half of my daily spam is to email addresses at my domain that I have NEVER used -- they're made up. I can only assume that some spammer is indeed trying all the common names at a domain in the hopes of getting through. Luckily procmail and SpamAssassin block all that, but I can guarantee to you that it's happening. If it's not a "dictionary attack", what would you call it?