Spam from Taiwan 229
TristanGrimaux writes "According to a recent study done by CipherTrust, two thirds of the world's spam is sent by Taiwan servers. The US follows with 24% and in a distant third is China with only 3% of the servers who actually sends the spam." The article cites easy access to broadband and lack of crackdown on offenders as the main contributing factors.
Comment removed (Score:5, Interesting)
Whats specific about Taiwan? (Score:2, Interesting)
Availability of relatively cheaper computing power with good bandwidth?
Some legal stuff?
Availability of some skill set?
I've done tests with HoneyBOT (Score:3, Interesting)
With this software emulating an open SOCKS proxy, I've been able to detect several scans of port 1080, and then attempts to send e-mail to different servers around the world (i.e. Israel).
I don't remember if I got requests from Taiwan, but I did get them from South Korean IPs.
Re:Survey Says? (Score:3, Interesting)
I don't know that it does anything about the spam, but hopefully whoever paid for the message gets paid back.
Re:China has cheap broadband access (Score:3, Interesting)
Re:China has cheap broadband access (Score:5, Interesting)
*Total Population: 60,876,136
*Internet Users: 26,214,174
China
*Total Population: 1,313,973,713
*Internet Users: 111,000,000
I think, that number speaks for itself.
*ref. from CIA World Fact Book [cia.gov]
China sending spam (Score:3, Interesting)
And they don't need to. With their billion+ population, one fifth of the world can be reached without passing the invisible borders!
Re:I've done tests with HoneyBOT (Score:5, Interesting)
That's a cool project for a Windows honeypot. Thanks for the link. Outside of honeypots, I've been blanket filtering addresses from APNIC on my mail server for about a year now using some ideas I learned from this [tsg.ne.jp] project (I filter at the mail request level rather than iptables). It's sad to filter an entire geographic region like that, but my users never talk to people from the Pacific Rim that I know of. My server (running XMail [xmailserver.org]) is small, but my logs for the filtered emails constantly show the spam blocked exceeds the number of legit mails by a factor of four.
Since I started filtering, I've turned a couple of other admins onto the idea. I wonder if TW/KR will find themselves in some odd form of network segregation in the future as more people adopt the practice of filtering their IPs. That might push the authorities into a little more action.Hinet Lax Policies (Score:4, Interesting)
You can easily fight with spammers. (Score:5, Interesting)
Re:Survey Says? (Score:4, Interesting)
The SEC. Ha. A worthless three letter agency, if you ask me.
The SEC's lawyers wanted my help on stock tout junk faxes. I told them I had the information they wanted and I could get the rest and testify- but only if they were going to put the junk faxers out of business. They had no intention of doing anything. They are just going through the motions, drawing government salaries. I declined to help them.
Like the FCC, another worthless three letter agency.
They fined Fax.com $5.4 million for sending out junk faxes. The FCC's lawyers wanted my help too, if I had bothered with them the fine would have been $240 million. I have files full of those junk faxes.
The FCC did nothing whatsoever to collect. NOTHING
If you or I owed the government money I can assure you they would be collecting from us.
SPAM origins (Score:5, Interesting)
Lately, I have been getting spam about stock investments, and I notice that
it was pretty consistent so I started investigating what was going on with
my server. I started marking down ip addresses of the offending servers
and blocking them if I felt they were not legitimate mail servers or if it
was from a country that I know I will not get email from on my personal email
account.
I have been blocking a new server every day for 2 months.
Here is the scarey part. I still get the same email spam every day, but
only once.
My hunch is telling me that the purveyor of this message is using some
sophisticated means of harnassing zombie machines to send messages, and is
only sending a few messages at a time so that automated blackhole lists
never catch on fast enough. (such as spamhaus)
I have noticed that these machines are almost always located in Asia,
Latin America, or Eastern Europe...
It got so bad, I just started block entire class A's from countries I know
I am not going to email to or from.
59
61
80
81
83
84
85
87
88
201
211
218
221
222
Re:Taiwan China ... (Score:1, Interesting)
Taiwan is Taiwan. Taiwan is is a completely separate policital entity, way different from China. . . . I think they're trying to impeach their president right now. .
regarding spammer from Taiwan. . . . base on what I saw the geeks to nerds ratio is too low to product a sizable indigenous hacker population. . .
John
Spam solutions (Score:3, Interesting)
(Fine, mod me down if you think this is off topic.)
Another way to create awareness among chinese (Score:2, Interesting)
Re:Spam solutions (Score:2, Interesting)
Greylisting is currently the most effective means I'm using right now for spam control; but I'm sure that'll change over the next few years too.
You forgot the legal reality (Score:3, Interesting)
Legally, the civil war in the 40s has not finished yet. Neither side of the war has been eliminated. No treaty or cease-fire agreement was signed. Both sides just prefer not to fight for now.
This situation is very complicated. Indeed, it's getting more complicated as more political powers want to get involved in it. I think the best way to resolve it is to leave it to the Chinese people of both sides to sit down and talk. Any open foreign involvement and provocation from the Taiwan Independence side will risk a full-blown war in the region.
Re:Whats specific about Taiwan? (Score:3, Interesting)
Maybe so. If you speak to a taiwanese official, you angry China, fearing that you might recognize Taiwan as a political entity different from mainland China. The political correctness wants that you complain at Beijing that the chinese province of Taiwan is sending a lot of spam. Of course they can't do anyhting about it but don't want you to meet the people in charge there.
I guess they have a lot of P2P there too...
Genius born every minute (Score:1, Interesting)
I'm going to photocopy your tip and mail it anonymously to my business competitors, so when they try it, not only will google blacklist the ad account of the website, but they'll also permanently blacklist the subnet of the offending clicker, and any related ad accounts related to the ip of where the offending clicker logs in from. What an idea!
Also, after more than a half dozen years of my filtering spam and never having followed a spam link to a website, it appears you have the higher mental skill set to actually follow the spam links, letting the spammer know your email account is functional and worth spamming. Thanks for taking the flack for the rest of us.
One thing I've noticed is that the spammers themselves must be incredibly afraid of the power the SEC has to put them out of business. If the SEC puts the power they have to go after insider trader violators (and believe me, the laws they have to prosecute them are incredibly effective at "turning" violators and getting them to implicate others), and put that power to work going after spammers, they could lock them up for tens of years each and very quickly. Take a look at every OTC and pink sheet stock scam spam you get. At the bottom, they include the SEC safe harbor language that exempts them from prosecution for promoting stocks without a broker license, among other safe harbor exemption language. So to understand this, you realize that the spammers have no fear of getting caught sending porn spam without the "SEXUALLY EXPLICIT" notice in the subject line of the spam, they have no fear of going to jail for pushing fake or real Viagra or international internet narcotics sales (not legal in any way shape or form in the US no matter what, not even intra-pharmacy), they have no fear of the departments of state or state attorneys general for selling fake diplomas, they have no fear of state banking departments, departments of state, or state attorneys general for soliciting for mortgages without being licensed mortgage brokers in every state they advertise in, they have no fear of local, state, or federal prosecution for fraud for deceptively low interest rates quoted in their spam, fear of other fraud prosecution for their other fraud scams, yet they are so afraid of the SEC laws that they are sure to include safe harbor language in every spam they send.
I think the easiest thing the feds can do to prosecute the spammers is to remove the safe harbor shield for spam promoting public traded companies if the spam hides the originating server, hides the return email address, forges headers, doesn't provide a street address, full legal name, full phone number and any related license number in every spam body, or if they misspell any part of the safe harbor language, or improperly use caps. This would enable the SEC (and other federal enforcement agencies) to use federal laws related to stocks for prosecution of the spammers, which bring long term jail sentences, and would also enable mail server administrators to block spam which does use the safe harbor language effectively without worrying about the spammers dodging their way around the filters by misusing caps, by words intentionally, etc.