China Cleans Up Spam Problem 69
angry tapir writes "It's been a few years coming, but it looks like China may finally be getting a handle on its spam problem. Once the largest source of the world's spam, China has been gradually fading off the list of the world's top spam-producers. Right now Cisco Systems' IronPort group ranks it at number 18 in terms of spam-producing countries. That's a big drop from two years ago, when it consistently ranked in the top five."
I hope so, because it shouldn't have been hard. (Score:5, Funny)
It's not like they didn't have the existing hardware and infrastructure for a huge firewall or something.
Re: (Score:1, Insightful)
It also helps if you have the sort of government where you can just summarily execute anyone suspected of spamming.
Everybody can get on board with that, right?
Re: (Score:2)
Of course there is the possibility that you don't know what "summary execution" actually means.
Isn't that when you post a scathing, flaming reply based on only the slashdot summary, without RTFA?
Re: (Score:1)
Re: (Score:1)
didn't it come from the states? (Score:1)
Re: (Score:2)
From the article:
Note that "one-fifth". Lots of bots here but more in the rest of the world. They are managed mostly from Russia, of course.
Re: (Score:3)
Re:didn't it come from the states? (Score:4, Insightful)
And that article was a dupe from the 2001 when everyone started blocking mail from Korea because it was mostly spam. The US was the origin of the first spam, and has constantly been the biggest producer of spam since then, no matter what people's perceptions are. Currently Turkey seems to be on the up, but you can bet that it is still well behind the US.
The US is also the origin of the first non-spam email, and has constantly been the biggest producer of non-spam emails. Simple fact of the matter is, the US has the most computers, and the most infected computers.
Re:didn't it come from the states? (Score:4, Insightful)
According to the (slightly out-of-date) article, the whole of Europe sends less spam than the US. I'm quite sure there are more computers in Europe than in the US, as the population is more than 60% larger (only counting EU. The spam level in the article is likely about the whole continent, which has about 130% the population of the US), and the developement level is similar.
Re: (Score:2)
I have been firewalling China (the whole world, actually, except North American/ARIN registrants) for years on my company's servers. That alone cuts our spam load by 75-80 percent. RBLs and other measures take care of most of the rest, and server logs indicate less than 3 percent of spam gets through. That seems to be the equilibrium point between blocking spam and false positives.
Yes it does (Score:2)
It's really annoying. ISPs like Comcast forbid you from running any types of servers in the TOS, but don't even bother to block outbound port 25 connections. It's the worst of both worlds; legitimate server operators are banned, but they won't raise a finger to stop botnet spamming originating on their networks.
All they would have to to do is block port 25 by default, and say "call us" if you need to run a server. Spam would drop drop dramatically, and home servers would be possible.
Re: (Score:2)
Are you sure they don't block outbound port 25? Searching for "comcast port 25 blocking" seems to suggest that they are, in fact doing so, and have been since 2004.
Cox, one of Comcast's major competitors, also blocks port 25 on residential lines. Naturally, connections to port 587 go through without any problems. They also block inbound port 25 and port 80, which prevent people from running a home mail or web server, even if they use Cox's "smarthost" outbound mail server.
I would also like an "opt-in" optio
Re: (Score:2)
When I was with Comcast in 2009, I had no problems sending outbound data on port 25. I had a lot of mail dropped/bounced either because my IP block in a blacklist, which is common for a residential IP, or because I couldn't ask Comcast to create a correct reverse DNS PTR record for me. However, there was nothing on Comcast's side that was blocking traffic.
Re: (Score:1)
They've been blocking port 25 in problem areas since 2004; AFAIK, they only block when they've got a reported problem (by their definition).
Maybe (Score:4, Funny)
Re: (Score:1)
>> China (and HK) own 1 trillion of US debt.. they don't listen to you...
>>
> We still have the nukes that will make glass of their commie asses.
if you can afford it
Re:Maybe (Score:4, Insightful)
China is still happy to host spammers websites - yes .cn got cleaned up after being big chinese cash cow, but .ru is damm popular with chinese 'hosting' firms.
Spam is a two sided operation - the mail, and the site.
Re: (Score:3)
E-mail is free and can pass more than a single sentence, unlike SMS.
Facebook is like TV: no one I give a damn about uses either of them.
Re: (Score:2)
And I'd hazzard a guess that the majority of them are under 25 years old.
Email is still a great tool.
Re: (Score:2)
Email is great because its decentralised, facebook is a monopoly controlled by a single entity...
Re: (Score:2)
Facebook uses a version of XMPP, and you can at least download open clients.
Re: (Score:1)
what about those 150,000 gmail users that got their account reset? are they unhappy?
Re: (Score:1)
No, I think he needs to get *off* whatever meds he's on :p
Re: (Score:2)
Re: (Score:2)
That's right! Believe that! Tell all your "non-techie" friends!
Maybe September isn't eternal after all...
Dubious (Score:5, Informative)
I don't know where they are getting their sources but their listed references say nothing about chinas ranking. See
http://www.spamhaus.org/statistics/countries.lasso
China is still number 2.
Ha! (Score:2)
Putting that in perspective... (Score:3)
Re: (Score:2)
To be fair, we just passed an emergency vote to allow him to upgrade his Tandy 1000.
He should receive a 256KB RAM upgrade in four to six weeks. Hopefully the "99.999943% recommended" rating of seller CheapHKRAM432 on eBay is trustworthy.
Re: (Score:2)
I think that the number of hosts vulnerable to being turned into bots is what matters, not the number of users. A large fraction (maybe a majority) of China's users work from internet cafe so there are likely to be many users per host.
Coincidence... (Score:5, Funny)
Re:Coincidence... (Score:4, Insightful)
Re: (Score:1)
Now, if Google were to lose a bunch of accounts and Nigeria were to simultaneously clean up its spam problem, I'd be less likely to call coincidence :p
Google alone among the major free email providers does not include x-orginating-ip info (unless you send through gmail over smtp, in which case they do, for some reason), which makes filtering more expensive for people who see no reason to accept any email from 41/8 or other netblocks allocated to Africa. Gmail: a 419ers best friend.
Thanks a lot, Google.
Re: (Score:1)
Cisco Ironport spam numbers (Score:1)
Just a matter of distribution... and then money (Score:2)
In the end, its all for naught, however. As long as the spammers can make money sending out spam, they will find a way to do it. We can play international whac-a-mole with security and filtering settings but the spammers will continue to
Re: (Score:1)
Re: (Score:2)
2nd world countries? Uhhh...newsflash, the Soviet Union and its satellites collapsed 20 years ago
We can call them "former 2nd world countries", or "former Soviet Bloc countries" if you prefer. Although doesn't the concept of a "third world" become a little muddy if there is no second world?
maybe you didn't get the memo?
I got the memo, alright. Although some might argue that Belarus never did...
Our statistics (Score:5, Interesting)
Our stats show China at #8. The top 10 for us are:
The last three are all 1.3% because of rounding, but the order really is China - Vietnam - Poland.
Rankings are rank. (Score:1)
OK, not to cast this accomplishment in a bad light; but I wish rankings weren't used so often for this kind of thing.
The trouble with ranks is that everybody could be really close to the same number, and the rankings are just statistical noise.
Somebody else posted the percentage list upon which the rankings are based. That's better, but you still have to consider the number of hosts. A country with a small number of hosts could rank really low, and still have a large percentage of spambots.
China is a huge
Complete opposite (Score:2)
I've never had spam from China before, but in the last few months it keeps getting through all the filters of the Web hosting company I use.
Never have I had so much spam, and it always begins with "We are a China-based..." It should be easy enough to filter that, no?
Re: (Score:2)
Re: (Score:2)
> What's the setting for that ?
Spamassassin.
According to ProjectHoneyPot.org (Score:2)
China isn't even on the list for the last 30 days:
#1 India (18.3%)
#2 Brazil (9.5%)
#3 Russia (7.0%)
#4 Ukraine (5.1%)
#5 Vietnam (3.9%)
#6 Italy (3.3%)
#7 Germany (3.1%)
#8 Thailand (2.8%)
#9 Kazakhstan (2.5%)
#10 Romania (2.5%)
#11 Colombia (2.5%)
#12 Argentina (2.3%)
#13 Indonesia (2.3%)
#14 South Korea (2.2%)
#15 Taiwan (2.0%)
#16 United States (1.9%)
#17 Great Britain (1.9%)
#18 Poland (1.8%)
#19 Morocco (1.7%)
#20 Pakistan (1.6%)
#21 Peru (1.5%)
#22 Spain (1.4%)
#23 Israel (1.4%)
#24 Saudi Arabia (1.4%)
#25 Chile (1.3%)
Sour [projecthoneypot.org]
We're Number One! (Score:2)
Re: (Score:1)
Down to #18, SHOW THEM!!! We need to retain our leadership in something, eh? Perhaps, we can offer bulk mail rates for spammers, like the USPS. BTW, I noticed that the Chinese are a little on the lite side, weight-wise, when compared to our corn-fed-beef-fed Americans. There may be more of them, but as a whole we probably outweigh them. And did I mention that we have a better Super Bowl? Now, don't even get me started about NASCAR . . .
Sad, isn't it. If it's any consolation we're #1 in infant mortality amongst industrialized nations. USA!
SMS spam down...way down (Score:2)
Instead of spam, now it's SSH brute-forcing (Score:2)
China still seems to be the number one source of bots searching for valid logins on my ssh servers though. Followed, for some odd reason, by Brazil.
Re: (Score:1)
That's because the ones from China aren't usually bots.
I set up a script that runs an uncloaked nmap whenever the attempted ssh logons from a single IP hits a threshold; the attempts from India and Brazil just keep on pounding away until they're done, but the ones from China stop within 10 seconds of the start of my nmap probe.
one man's spam is another man's... (Score:1)
China has done the right thing: clean up botnets (Score:1)
China government put two orders, "Notification Guidelines for Internet Security Incidents" and "Detection and Response Mechanism against Trojans and Botnets", into effect in June 2009. This builds the framework for all stakeholders to work together to track and dismantle botnets. The spam