Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Australian Rules to Crackdown on Spam 113

siffty writes "Internet service providers could face huge fines if they do not provide spam filtering or impose email sending limits under new rules set down by a communications watchdog. The Australian Communications and Media Authority ( ACMA Media Release ) today registered the world's first legislative code of practice for internet and email service providers. Dealing with unsolicited email or spam costs business and home internet users millions of dollars each year in wasted time and upgrading security systems. But under the new code, ISPs will have to offer spam filtering options to subscribers and provide a system of handling complaints. They will also have to impose reasonable limits on the rate at which subscribers can send email."
This discussion has been archived. No new comments can be posted.

Australian Rules to Crackdown on Spam

Comments Filter:
  • Running the Stats (Score:3, Insightful)

    by Mattygfunk1 ( 596840 ) * on Wednesday March 29, 2006 @10:34PM (#15023344)
    The rate of spam originating in Australia had fallen in the past 12 months from 2 per cent to 1 per cent. But there was no accurate assessment of the amount of spam coming from overseas sources.

    How do they know the percentage of Australian spam if they don't know the total amount of spam?

    • Re:Running the Stats (Score:2, Informative)

      by phukraut ( 668761 )
      They probably mean the average rate, which can be determined from a sample. This can be used to estimate the rate of the population of spam.
      • And, who are they to come up with a 'reasonable' number of emails one can send in a day?

        When I signed up for cable internet connectivity at home....I opted for the 'business' acct. they offered..which allows me to run all the servers I want, and no caps on bandwidth usages. I run an email server, as locked down as I can get keep it.....and host email for others, both friends and small businesses.....now, who is to say what volume of email is too much? I monitor it for spam and abuse....but, there are days

        • now, who is to say what volume of email is too much?

          Now I don't know exactly how they will do this either but I would guess they would have some limit, say 10,000 per day and if a subscriber goes above that amount they would be contacted that unless they can explain why they are sending out that much e-mail (a large company) that their service will be shut off. I think a system such as that could work since most spammers send out millions (or billions?) of e-mails everyday so they would have multiple accou
      • I live in Australia, and 100% (I am not exaggerating) of the spam I get originates from the US. So much for the usefulness of stats.
    • And for Australia everything else *is* an overseas source, so the answer is 99%. Pretty simple math.

      (also...1% is a percent...not a rate...a rate would be like 1000 / spam an hour...silly news people)
    • I read some time ago that this legislation was having some effect. Theres a newsletter here [360is.com] that talks about the first Australian prosecutions of spammers in 2005.

      Nick

  • Is it just me or is Australia's internet regulation the most inadvertently fucked up system in place? Sure, you have China doing their regulation, but that's pretty overt and to be expected. But it seems that by hook or crook, Australia's government is trying to regulate the market into conformance.

    They will eventually get the ISPs under the government's thumb. Whether it be through direct laws requiring certain filtering features or through oversight-free regulation via governmental agencies, they will
    • by Anonymous Coward
      It could be worse. They could emulate the USA's "CAN-SPAM" act, where there are no civil penalties, the criminal penalties take the FBI to actually care, and it's literally OK to spam until the victim whines, then you get to keep spamming for three more days, and after that you can't send that particular spam message again.

      It's as if you can grab a passerby, open their legs, and when they say no, you still get to thrust without penalty for three more days. After the three days, if you catch them on another
    • by dbIII ( 701233 ) on Wednesday March 29, 2006 @11:35PM (#15023688)
      Is it just me or is Australia's internet regulation the most inadvertently fucked up system in place?
      Yes, and to make it even more ironic we control the Christmas Island domain ".cx" as well and the PM's son was a spammer. Making noise about internet regulation has been a way to get the merchant in the temple sort of imitation religeous freaks on side, since the federal government is not run by a single party but a mainly right wing coalition and needed various weirdos in the senate.

      The other complicating factor is the efforts over the last decade to sell off the government communications infrastucture, which has been complicated by appointing management that refuses to work for the shareholders and directors and keeps on importing more and more of his friends to divide up the corpse of the government communications infrastructure. As a result even the infrastructure in Estonia - which is actually building stuff as distinct from Australia - is edging furthur ahead and regulation is getting weird and counterproductive. For $200 per month and less than 15km from the CBD of a state capital you would expect better than 1500/256kbs to be available to a business site in a major industrial park - but more would require the mostly government corporation (Telstra) to upgrade their exchange and perhaps even add in more lines.

      • Err... First - the article is a dupe

        Second - what in particular do you have against .cx domains? While they have been used for pranks like the goatse.cx their SPAM usage is way lower than .biz.

        Third - as far as Telstra is concerned what do you expect? They are possibly the only ISP/Telco in the entire world which puts Winh0ze knowledge related to their internal servers ahead of internet protocol knowledge and internet server/services knowledge when hiring _Internet_ server specialists. I am not joking. This
        • First - the article is a dupe
          The comment I am replying to was not in the earlier discussion.
          what in particular do you have against .cx domains?
          Just the hypocracy of the Australian Government making a big noise about filtering stuff "for the children" while having the ability to kick goatse.cx off their domain. Australian communication policy has been an inconsistant mess for a long time.
    • Which countries are not crazy like Amercia, Australia, China, etc.?
    • by Marlor ( 643698 ) on Thursday March 30, 2006 @01:23AM (#15024169)
      They will eventually get the ISPs under the government's thumb. Whether it be through direct laws requiring certain filtering features or through oversight-free regulation via governmental agencies, they will succumb.

      This regulation was primarily developed by Australia's Internet Industry Association (which is made up of ISPs), working together with the Australian Government. The IIA have made it clear that this was primarily their work, as part of their spam-fighting measures. So, the Government is not "getting the ISPs under their thumb", this was just a way to codify best-practices, and ensure that all ISPs adhere to them.

      The code of practice seems pretty fair to me. The only that could affect customers would be the mailing limits, and this would only be an issue if you were running a high-volume mailing list. But if this is the case, it would probably be courteous to inform the ISP anyway, and I'm sure that they could remove the limits on mail sending if you had a legitimate reason why you needed to send large volumes of mail.
  • The AU government will get spammed with products on how to crack down on spam.
  • Stupid. (Score:5, Insightful)

    by Pig Hogger ( 10379 ) <pig.hogger@gm a i l.com> on Wednesday March 29, 2006 @10:50PM (#15023423) Journal
    This is stupid. It won't do anything against spam sent by spamming criminals who use arrays of trojaned zombies, which are the most prominent source of spam.
    • Why not? If the ISPs, all ISPs, set a maximum of, say, 1 outgoing email per second for all of their general users, wouldn't that make a zombied PC too slow to be viable? If not, how about 1 per 5 seconds? Or 10?

      It wouldn't affect personal users in any serious way, and genuine bulk mailers can make specific arrangements and be held accountable.

      • Now, 1,000 messages a day should far exceed the needs of 99% of the legitimate home users out there.

        The problem with rate limits is that there are a few people who will have a legitimate need to send more than 1,000 messages a day, every day.

        And the ISP costs go up once any of their tech support people have to answer a phone because your joke of the day list is being blocked after 1,000 sendings.

        There's no easy way around this. Somewhere, someone is going to have to pay money to start solving this problem.
      • Re:Stupid. (Score:3, Interesting)

        by FireFury03 ( 653718 )
        If the ISPs, all ISPs, set a maximum of, say, 1 outgoing email per second for all of their general users, wouldn't that make a zombied PC too slow to be viable? If not, how about 1 per 5 seconds? Or 10?

        It would do absolutely no good because the limits would almost certainly be placed on the number of mails being relayed through the ISP's servers and spammers don't do this - they either send directly from a compromised machine or via an open relay.

        Stopping people sending directly would be a Bad Thing (I for
        • Re:Stupid. (Score:3, Insightful)

          Stopping people sending directly would be a Bad Thing (I for one only use my ISP for an internet connection, I don't use their mail servers, etc).

          If the Government here in .au heard of this and comprehended it the port blocks would go up on port 25 in no time at all.

          I use a static smtp route through my ISP because some networks maintain lists of dynamic IP addresses and reject mail from them. Its just easier that way.

          • If the Government here in .au heard of this and comprehended it the port blocks would go up on port 25 in no time at all.

            There are legitimate reasons for not using your ISP's SMTP relay:

            1. Many ISPs only let you send from the address/domain they allocated for you. I.e. if you registered your domain through a third party you may not be able to send mails from that domain through your ISP's relays (to the ISP it would look like spoofing since they have no knowledge of that domain)

            2. You're adding another pot
    • Actually, I'm worried (well, not too much, since I'm not in Australia) that there will be too many false positives, and ISPs will fall back on "well, the law says we have to". When my ISP switched to a Yahoo-based e-mail server, and instituted spam guards automatically, all without telling me, it completely screwed up my existing spam settings, which had been set to avoid false positives.

      Although now I primarily use gmail, I still have my yahoo-based account, because it's tough to switch completely.

      - RG>
  • by lovedew ( 964626 ) on Wednesday March 29, 2006 @10:53PM (#15023435) Homepage
    I thought Australian's iconic sports [wikipedia.org] is forcing players to cut down on fatty food.
  • It's a pity one can't tag something a dupe twice. 'Cause that would be teh funny.
  • by 70Bang ( 805280 )


    But here in the US, we need to have something which actually works. The DMA (Direct Marketing Association) wrote the law - in order to guarantee opt-in wasn't a premise because they didn't believe it to be "financially viable option" translated: if we can't ensure our ability to make money, it's its a bad thing. Those who have been interviewed about the issue and have been willing to discuss it have admitted it left a long skid mark.
    I can pull up the cite if someone wants it.


    If spam legislation is
    • Conflicting agendas. (Score:4, Interesting)

      by khasim ( 1285 ) <brandioch.conner@gmail.com> on Wednesday March 29, 2006 @11:34PM (#15023685)
      I don't know about you, but here's what I want:
      #1. No one sending me ads if I haven't, personally, given you my email address.

      #2. When I opt out, you drop me from all further ads and "informational" mailings. You only send me my invoice and my shipping notification.

      #3. You send me, once a month/quarter/year, a notification that I am on your list so that I may change my address or opt out at that point. This is very helpful if I am an email admin and I'm trying to be nice and opt-out people who are no longer at the company.

      Now, what the advertisers want is:
      A. A list of people that they can send ads to, cheaper than snail mail.

      B. See A.

      So, looking at it in that fashion, you can see why there is a problem.

      If the legitimate retailers would just start behaving like legitimate retailers, a big chunk of the spam problem would vanish. But they won't.
      • Technically, without fully signed messages, theres no way a business can determine if YOU signed up for a mailing list or if somebody else did it for you.
        There is no way round this with current practices.

        I do like your options for 2 and 3 however.
        • Technically, without fully signed messages, theres no way a business can determine if YOU signed up for a mailing list or if somebody else did it for you.
          There is no way round this with current practices.


          Confirmed opt-in is the industry standard. Send one message with a cryptographically strong token that must be clicked on or returned to confirm that the addressee wants to be on the list. If you don't get confirmation, you never email that address again. It's been available forever and works fine. "Mar
    • If spam legislation is supposed to work, why do we get more?

      I believe that most new anti-spam laws are simply politicians trying to make it look like they're doing something good without having to actually _do_ anything. When people look at new anti-spam legislation they seem to believe it's excellent and will help with the spam problem (this is what the politicians want people to think), but most people seem to ignore the fact that the spammers are already breaking the law and noone's stopping them so how
  • I wonder if we can rally the government to ban /. from exporting duplicate posts here...
  • Shhhh... Wait..hear that? Yup, its the sound of tiered internet marching forward.
  • Telstra (Score:1, Insightful)

    I'm wondering if this would have gone ahead if Telstra was still owned by the Government. They're our biggest ISP.
    • Re:Telstra (Score:4, Informative)

      by Paska ( 801395 ) * on Wednesday March 29, 2006 @11:15PM (#15023558) Homepage
      > I'm wondering if this would have gone ahead if Telstra was still owned by the Government. They're our biggest ISP.

      51.8% of Telstra is owned by the Australia Government, that gives them the majority share.
    • the government still owns 51% of telescum, what's your point ?
      • the government still owns 51% of telescum, what's your point ?

        Thanks to the Liberal Party gaining control of the Senate in the last election, they've passed the legislation needed to sell their remaining share. So that 51% won't last the end of this year.
        • So that 51% won't last the end of this year.

          The activities of the recent management are driving the share price down a huge amount and the future sale money has already been earmarked for so many things that a fire sale at a low price is unlikely - as well as it pissing of the first lot of investors (a large number of the Australian voting public) who paid a high price before. Enough members of the coalition required to keep the government in power are also worried about poor service after the sale in thei

  • Logging IP Address (Score:3, Insightful)

    by clockwise_music ( 594832 ) on Wednesday March 29, 2006 @11:16PM (#15023565) Homepage Journal
    (I previously posted this on zdnet.com.au)

    What I don't understand is section 8.1: "ISPs directly responsible for the allocation of IP addresses to their subscribers (eg, all of them) will use all reasonable efforts to retain information pertaining to those allocations for a minimum period of seven days."

    Can someone tell me what this has got to do with spam? Isn't this just a case of our privacy being thrown out the window but disguising it within a "spam act"?

    7 days is a bit of a joke.. what this means in reality is that ISP's will now have to store your account name, IP address and logon-logoff times in a db. Sounds to me like law enforcement want more evidence available for either prosecution or spying.
    • As an American, this doesn't surprise me. Coat-tail provisions to new proposed laws commonly have little to do with the original law. It's probably the same in Australia.

      I guess this might be construed as off-topic, so we'll rectify that now. Spam sucks, and spam prevention laws don't work. There.
    • I'm pretty sure they already store that information - even if it's just something like a RADIUS log. And it has to do with spam because if your machine gets zombified and used as a relay, your IP address will show up in the headers of messages it sends, so it allows the ISP to identify your account and contact you to fix it (or, potentially, block your 'net access until you do). However, I agree that it opens up a whole can of worms in terms of what else that information could be used (and subpoenaed) for.
    • by grrrl ( 110084 )
      7 days is a bit of a joke.. what this means in reality is that ISP's will now have to store your account name, IP address and logon-logoff times in a db. Sounds to me like law enforcement want more evidence available for either prosecution or spying.

      well, I can log into my ISP's web-based account manager and get my login/logout times and IP details for the last month.

      how can you assume they aren't keeping track already?? the implementation seems trivial.
    • 7 days is reasonable for retention of that information. It allows abuse desks to track down complaints and see who the real spammer was..
    • Can someone tell me what this has got to do with spam?

      If your ISP are able to map IPs to users, they can take a spam complaint and find out where the spam came from. Most spam doesn't go through an ISPs mail gateway; the spammer (or zombie PC) simply connects directly to the target mailserver. That mailserver will log the IP source of all messages.

      7 days is a bit of a joke.. what this means in reality is that ISP's will now have to store your account name, IP address and logon-logoff times in a db.

      If

    • Most ISP's use some sort of Radius server to authenticate and to assign an IP address/services to a customer as they connect. We probably have Radius logs a year or more back just because they don't take up a lot of space and are very useful for tracking down the responsible users for spam complaints or a myriad of other purposes.
  • can manage to mangle even the best of intentions. I fail to see how this can stop someone from sending scads of spam through an ISP based outside .au. I do, however, see how this places a burden on ISPs and on legitimate mailing list managers. My feeling is that until some agency, like the WTO, can arbitrate spam investigation and fine enforcement on an international level, there will be no significant progress. If, however, my ISP can track a batch of spam back to an ISP in, say, Singapore and can file a
  • I'm really beginning to dislike Australia. I keep hearing about more and more laws that restrict the behavior of individuals and businesses--even more so than I hear about here in the US.

    Not trolling. Honest! I even left out a potentially inflaming sentence.
    • Re:Oi (Score:1, Interesting)

      by Anonymous Coward
      It really does seem that there's no situation that Australian politicians don't reflexively pass laws to address. It's a sign of an unstable society, quite frankly.

      I once asked an Australian why a country that's stereotyped as being full of rugged individualist types was so hell-bent on becoming an Orwellian nanny state. He replied, "Aw, nobody pays attention to all those laws anyway."

      I guess that works OK, until they come for you with the heavy artillery.
    • I'm really beginning to dislike Australia. I keep hearing about more and more laws that restrict the behavior of individuals

      I concur. Last year I was planning to move over there this summer, but it's off now. Internet censorship, race riots and the PM is Bush's bitch apparently. Perhaps New Zealand, but the accent on some chicks really puts me off. ;-)

    • No. Your're just used to your country being frucked up more. In particular, your communications sector.

      The internet industry here has been showing the finger to the politicians a lot as of late.

      Separation of church(|dumbasses*) from state? Oops, never happenens in the US, lousy religious arses run your country. Oh noes, now their trying to run ours! Nooo...

      * I don't want to offend anyone religious, but too many politicians are too religious.
    • Re:Oi (Score:3, Interesting)

      by aXis100 ( 690904 )
      It's just a slow news week is all. The Australian government regularly does stupid things, it's just this week it got noticed by the press.

      Most of it never eventuates because Howard does a backflip once he's reminded that 80% of the Australian people think he's a twit.
  • by 0x00 ( 224127 ) on Thursday March 30, 2006 @12:05AM (#15023834)
    The Prime Minister, John Howard, used spam provided by his son's company in the last election campaign. Unsoliticated email was sent containing Liberal Party election material to voters.

    http://www.abc.net.au/news/newsitems/200408/s11863 89.htm [abc.net.au]

    --

    0x00
    • The Prime Minister, John Howard, used spam provided by his son's company in the last election campaign. And he won the election - I can see why Australians need anti-spam laws - they are too stupid to recognise that spammers are bad!

      If I thought an ISP could block spam properly I might switch to them. Unfortunately I have my doubts. Has anyone had an ISP which could do it right?

  • Not Spam (Score:1, Troll)

    by Ranger ( 1783 )
    I thought it was called Vegemite in Australia.
    • Better not make fun of Vegemite lest you be marked troll too. I must have hit a nerve comparing Vegemite to Spam. It's not that Vegemite is made from asphalt scrapings or that it tastes vile. I guess if you drink enough Fosters you can't taste it anymore.
  • All this does is shift the cost onto the ISPs who are at the receiving end. This is exactly what the spammers do, and why spam is theft.
  • "But under the new code, ISPs will have to offer spam filtering options to subscribers and provide a system of handling complaints. They will also have to impose reasonable limits on the rate at which subscribers can send email."

    Can't the market work out the first part? If people want SPAM blocking, then ISPs will provide it, possibly for a fee if it's expensive to provide or only some customers want it. The only need for government-imposed features is when ISPs aren't working to prevent outgoing SPAM (and
  • Oh yes... (Score:1, Offtopic)

    by mccalli ( 323026 )
    If we can get the Aussie Rules [wikipedia.org] lot to crack down on spam...it'd stop pretty quickly.

    Cheers,
    Ian

  • Spam thats a funny name mate, I would have called it a chazwazza!
  • owning my own domain allows me an infinite number of email addresses, i use a unique one for every company i contact

    I'm emigrating from UK to Oz in october

    I recently contacted the http://www.immigration.com.au/ [immigration.com.au] with the online form for details about meet and greet, the contact email addy I used was immigration@mydomain

    less than two weeks later i'm being hammered with spam to that email address
    worryingly though, at least one of the spams has addressed me by name, I can only assume that they could have all my
  • than this article posted on March 28th [slashdot.org]?

    Come on guys. It was only 24 hours ago that the story was on the front page!

  • A Real Spam Solution (Score:3, Interesting)

    by trazom28 ( 134909 ) on Thursday March 30, 2006 @09:24AM (#15025768)
    How about a law that requires up to date anti-virus software on everyone's computer. Granted, enforcement would be a bitch, but hear me out on this one..

    Judging from the customers that come through the door and the complaints, a good.. 75-80% of spam seems to originate not from one person sending out massive emails.. but rather trojan zombie computers. 300 compromised computers on a high speed connection of any kind, sending a small volume of spam mail make a significantly bigger impact than one uncompromised machine at a spammer's house sending out email.

    Ok.. now you may shred this idea up :)
  • I once saw a standard reply form for idiotic anti-spam solutions but can't find it anywhere, would somebody be so kind as to post one?
  • The purpose of this legislation (like most regulations) is to create monopoly protections for existing ISP's. Large existing providers will have no trouble complying, but startups will suddenly have to face new costs. I have a feeling that small competitors will end up being "reported" by "customers" and put out of business by the legal and compliance costs. Even the threat of a $10m fine and legal costs to ensure compliance will discourage potential competitors. Consumers will not only end up paying hig
  • I'll probably get trolled for this one but.. Couldn't the government crack down on MS for security? Most of this SPAM is coming from MS zombied machines. I'm sure there is nothing they can do (nothing the US gov has done has made any difference..) Instead of forcing ISPs to try to block this, go back to the source.
    • Windows is an operating system, not a SMTP server, or a product designed to send spam.

      Extrapolating from your idea: we can blame it on the manufacturers who provide the hardware that makes networks possible - that will definitely eliminate spam and all the evil things Internet 'offers' us.

      But the most important thing is that even is [by a miracle] Microsoft and Windows vanish from the face of the planet - spam will stay. In other words, your solution will not solve the problem.
  • Spam is a way to advertise a product. This means that there is some information which allows me to establish a connection to the physical entity that actually sells the thing being advertised.

    Why not thoroughly read the spam-email and use the information they provide against them? For instance - if they leave their phone number, address or provide a URL, one can [actions] call that number or visit that place and fine them, press charges, 'politely ask them not to do that', and so on. In the case of the web-
  • I hope it's a lot better than Australian Rules Football
  • Sounds like a profitable opportunity to sell Australian ISPs drop-in servers which allow customers to choose which of a list of standard antispam options (and programs) they want run on their mailboxes. That way, the ISPs can say they've implemented antispam measures, the burden of configuration will be put on users, the spam will still not be completely stopped and the goverment can continue to ignore the problem. Everyone wins. Except the ISPs who have to buy these things. And the users whose fees will in
  • I wonder what they actually mean by "providing spam filtering"? Does that mean that they MUST provide me a workable SPAM filter? or even a non-workable one (ie: Windows software - since I don't use Windows)...

Hard work never killed anybody, but why take a chance? -- Charlie McCarthy

Working...