Spam from Taiwan

TristanGrimaux writes "According to a recent study done by CipherTrust, two thirds of the world's spam is sent by Taiwan servers. The US follows with 24% and in a distant third is China with only 3% of the servers who actually sends the spam." The article cites easy access to broadband and lack of crackdown on offenders as the main contributing factors.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Whats specific about Taiwan?

[WinEveryGame]

So, what is so specific about Taiwan that causes this?

Availability of relatively cheaper computing power with good bandwidth?

Some legal stuff?

Availability of some skill set?

I've done tests with HoneyBOT

[Spy der Mann]

http://www.atomicsoftwaresolutions.com/honeybot.ph p [atomicsoft...utions.com]

With this software emulating an open SOCKS proxy, I've been able to detect several scans of port 1080, and then attempts to send e-mail to different servers around the world (i.e. Israel).

I don't remember if I got requests from Taiwan, but I did get them from South Korean IPs.

Re:Survey Says?

[Short Circuit]

As for following the money...I let the SEC do that. About once a week, I get a spam message pushing one stock or another. I forward them to enforcement (at) sec.gov. The message gets looked over by a lawyer.

I don't know that it does anything about the spam, but hopefully whoever paid for the message gets paid back.

Re:China has cheap broadband access

[Telvin_3d]

Heh, these days, everywhere except North America has cheap broadband. All the other governments see it as an important investment.

Re:China has cheap broadband access

[layer3switch]

France
*Total Population: 60,876,136
*Internet Users: 26,214,174

China
*Total Population: 1,313,973,713
*Internet Users: 111,000,000

I think, that number speaks for itself.

*ref. from CIA World Fact Book [cia.gov]

China sending spam

[VincenzoRomano]

China with only 3% of the servers who actually sends the spam.

I was pretty sure that there was no way for China spammers to send email outside their borders!
And they don't need to. With their billion+ population, one fifth of the world can be reached without passing the invisible borders!

Re:I've done tests with HoneyBOT

[BrynM]

That's a cool project for a Windows honeypot. Thanks for the link. Outside of honeypots, I've been blanket filtering addresses from APNIC on my mail server for about a year now using some ideas I learned from this [tsg.ne.jp] project (I filter at the mail request level rather than iptables). It's sad to filter an entire geographic region like that, but my users never talk to people from the Pacific Rim that I know of. My server (running XMail [xmailserver.org]) is small, but my logs for the filtered emails constantly show the spam blocked exceeds the number of legit mails by a factor of four.

Since I started filtering, I've turned a couple of other admins onto the idea. I wonder if TW/KR will find themselves in some odd form of network segregation in the future as more people adopt the practice of filtering their IPs. That might push the authorities into a little more action.

Hinet Lax Policies

[Spikeman56]

I believe the main issue is that broadband here is pretty much monopolized by Hinet. If you have a phone (landline), chances are you have a Hinet e-mail address. For some reason Hinet never, ever, authenticates their e-mail servers allowing them to be used from anywhere for any purpose. As a result a lot of companies (like AOL possibly) have just banned the whole entire Hinet domain, which often results in e-mails going outside of Taiwan never getting to their intended recipient. Hinet is a mess, I don't why they're so bloody awful at maintaining their servers responsibly, but its providing to be a huge problem both worldwide and for Taiwanese people themselves.

You can easily fight with spammers.

[Snipergrunge]

By the way... Most spammers who sent you letters to visit their web pages want's you to click their Google adSense ads. So, help them! Keep clicking Google banner untill your arm get tired and guess what happened. Google will close their account in one second because Google systems will decide that advertiser trying to cheat. It is impossible to open account again! SPAMMER DEAD!

Re:Survey Says?

[ciscoguy01]

Let the SEC do it.

The SEC. Ha. A worthless three letter agency, if you ask me.
The SEC's lawyers wanted my help on stock tout junk faxes. I told them I had the information they wanted and I could get the rest and testify- but only if they were going to put the junk faxers out of business. They had no intention of doing anything. They are just going through the motions, drawing government salaries. I declined to help them.

Like the FCC, another worthless three letter agency.
They fined Fax.com $5.4 million for sending out junk faxes. The FCC's lawyers wanted my help too, if I had bothered with them the fine would have been $240 million. I have files full of those junk faxes.
The FCC did nothing whatsoever to collect. NOTHING
If you or I owed the government money I can assure you they would be collecting from us.

SPAM origins

[__aanonl8035]

I run my own mail server for my private email that I only use with friends.
Lately, I have been getting spam about stock investments, and I notice that
it was pretty consistent so I started investigating what was going on with
my server. I started marking down ip addresses of the offending servers
and blocking them if I felt they were not legitimate mail servers or if it
was from a country that I know I will not get email from on my personal email
account.

I have been blocking a new server every day for 2 months.

Here is the scarey part. I still get the same email spam every day, but
only once.

My hunch is telling me that the purveyor of this message is using some
sophisticated means of harnassing zombie machines to send messages, and is
only sending a few messages at a time so that automated blackhole lists
never catch on fast enough. (such as spamhaus)

I have noticed that these machines are almost always located in Asia,
Latin America, or Eastern Europe...

It got so bad, I just started block entire class A's from countries I know
I am not going to email to or from.

59
61
80
81
83
84
85
87
88
201
211
218
221
222

Re:Taiwan China ...

[LostInTaiwan]

Saying Taiwan and China are both China is like saying both England and Australia are Great Britan. Taiwan was a part of China till China forked it over to Japan 100 years ago. Go back a few more hundred years, Taiwan belonged to the Dutch, whom I think is the first county to officially plant their flag and call it their own. . . . Most Taiwanese are ethnic Han Chinese, but so are most Chinese Americans. . . and most Australians can trace their roots back to GB but that does not mean they are British.

Taiwan is Taiwan. Taiwan is is a completely separate policital entity, way different from China. . . . I think they're trying to impeach their president right now. . .lol. . . I like to see that in China. . . .

regarding spammer from Taiwan. . . . base on what I saw the geeks to nerds ratio is too low to product a sizable indigenous hacker population. . .

John

Spam solutions

[Antony-Kyre]

I'm not really sure how to deal with that, but let us focus as one method of spam. The method would be sending to a variety of e-mail addresses. Those kind of dictionary attacks or whatever they are killed. If e-mail providers were to make some dummy addresses which if hit, could block the e-mail server and/or IP address(es) for a given period of time, wouldn't that work?

(Fine, mod me down if you think this is off topic.)

Another way to create awareness among chinese

[himanshuarora]

Send spam to Chinese people. These people should not be deprived of any knowledge about their government. For the first time spam could be used for good purpose.

Re:Spam solutions

[grogglefroth]

I've done this in the past. In 1997, I posted a single message containing only ":q" in the body to 19 (not 20!) newsgroups. Within a few hours, the first spam started rolling in. My smtp filter would automaticallly blacklist any sender+ip combo that sent mail to this bait address. This was very very effective for many years. A few years ago, I finally stopped using this method, as the use of using zombies made this practice no longer effective.

Greylisting is currently the most effective means I'm using right now for spam control; but I'm sure that'll change over the next few years too.

You forgot the legal reality

[lxt518052]

The two political bodies still don't see each other legally representing China. Territories in both constitutions overlap, if not identical. The citizens cannot travel to the opposite area by passport like most countries do. They need special arrangement. PRC issues Taiwanese Citizen Certificates to citizens from ROC. ROC issues Entry to Taiwan Certificates. These are the only legal travel documents if either people want to enter the other side. Note, the travel document issued by ROC is not called Entry to ROC Certificate, because mainland is legally also part of ROC. Taiwan, by ROC's own definition, is just the name of a region, not a country.

Legally, the civil war in the 40s has not finished yet. Neither side of the war has been eliminated. No treaty or cease-fire agreement was signed. Both sides just prefer not to fight for now.

This situation is very complicated. Indeed, it's getting more complicated as more political powers want to get involved in it. I think the best way to resolve it is to leave it to the Chinese people of both sides to sit down and talk. Any open foreign involvement and provocation from the Taiwan Independence side will risk a full-blown war in the region.

Re:Whats specific about Taiwan?

[Yvanhoe]

Some legal stuff?

Maybe so. If you speak to a taiwanese official, you angry China, fearing that you might recognize Taiwan as a political entity different from mainland China. The political correctness wants that you complain at Beijing that the chinese province of Taiwan is sending a lot of spam. Of course they can't do anyhting about it but don't want you to meet the people in charge there.

I guess they have a lot of P2P there too...

Genius born every minute

[Anonymous Coward]

Gee, you're smart.

I'm going to photocopy your tip and mail it anonymously to my business competitors, so when they try it, not only will google blacklist the ad account of the website, but they'll also permanently blacklist the subnet of the offending clicker, and any related ad accounts related to the ip of where the offending clicker logs in from. What an idea!

Also, after more than a half dozen years of my filtering spam and never having followed a spam link to a website, it appears you have the higher mental skill set to actually follow the spam links, letting the spammer know your email account is functional and worth spamming. Thanks for taking the flack for the rest of us.

One thing I've noticed is that the spammers themselves must be incredibly afraid of the power the SEC has to put them out of business. If the SEC puts the power they have to go after insider trader violators (and believe me, the laws they have to prosecute them are incredibly effective at "turning" violators and getting them to implicate others), and put that power to work going after spammers, they could lock them up for tens of years each and very quickly. Take a look at every OTC and pink sheet stock scam spam you get. At the bottom, they include the SEC safe harbor language that exempts them from prosecution for promoting stocks without a broker license, among other safe harbor exemption language. So to understand this, you realize that the spammers have no fear of getting caught sending porn spam without the "SEXUALLY EXPLICIT" notice in the subject line of the spam, they have no fear of going to jail for pushing fake or real Viagra or international internet narcotics sales (not legal in any way shape or form in the US no matter what, not even intra-pharmacy), they have no fear of the departments of state or state attorneys general for selling fake diplomas, they have no fear of state banking departments, departments of state, or state attorneys general for soliciting for mortgages without being licensed mortgage brokers in every state they advertise in, they have no fear of local, state, or federal prosecution for fraud for deceptively low interest rates quoted in their spam, fear of other fraud prosecution for their other fraud scams, yet they are so afraid of the SEC laws that they are sure to include safe harbor language in every spam they send.

I think the easiest thing the feds can do to prosecute the spammers is to remove the safe harbor shield for spam promoting public traded companies if the spam hides the originating server, hides the return email address, forges headers, doesn't provide a street address, full legal name, full phone number and any related license number in every spam body, or if they misspell any part of the safe harbor language, or improperly use caps. This would enable the SEC (and other federal enforcement agencies) to use federal laws related to stocks for prosecution of the spammers, which bring long term jail sentences, and would also enable mail server administrators to block spam which does use the safe harbor language effectively without worrying about the spammers dodging their way around the filters by misusing caps, by words intentionally, etc.