 |
|
| technology > computing |
![[CNN Money]](http://i.cnn.net/cnn/images/main/fn.logo.newsnet.gif){kind=logo}
![[SI.com]](http://i.cnn.net/cnn/images/main/si.logo.gif){kind=logo}
( | |
 |
|
| |
| |
EDITIONS: | |
MULTIMEDIA: | |
E-MAIL: |
Subscribe to one of our news e-mail lists. Enter your address: |
DISCUSSION: |
CNN WEB SITES: |
 |
TIME INC. SITES: |
CNN NETWORKS: |
|
SITE INFO: |
WEB SERVICES: |
China seen as a growing source of spam
|
(IDG) -- Just as the U.S. is getting a grip on its own spam problem, China has emerged as a new source for a tide of unsolicited e-mail that is clogging up in-boxes around the world.
Two types of spam from China are increasing, according to people who track the problem. One type originates from Chinese marketers, is written in Chinese, and advertises mostly pirated software, Chinese Web sites and electronics goods. Chinese-language spam emerged as a real issue about six months ago and has been snowballing ever since, observers say.
"This has started to get out of hand," said Steve Linford, managing director of Ultradesign, a small London-based Internet service provider. "We had a few Chinese spams in December, then in January it suddenly shot up, and since then it's started going haywire."
 | MESSAGE BOARD | |
|
| ||
"It's a waste of time and a waste of space," said Dave Jacobs, a California software engineer. Jacobs said he's been receiving four to six Chinese spams a day in his personal in-box for the past several weeks, along with one or two English-language spams and a handful of personal e-mails.
China is also a growing source for a second type of uninvited e-mail that actually originates in the U.S., but is distributed via a host of insecure, poorly administered mail servers in China and elsewhere. Unlike in the U.S., where political pressure has forced ISPs to take action against spammers, network providers in China appear unprepared ö or unwilling ö to take similar steps.
| MORE COMPUTING INTELLIGENCE |
IDG.net home page
|
| The Standard.com |
| TechInformer: The Thinking Internaut's Guide to the Tech Industry |
| Reviews & in-depth info at IDG.net |
| E-BusinessWorld |
| Industry Standard email newsletters |
| Questions about computers? Let IDG.net's editors help you |
| Industry Standard daily Media Grok |
|
Search IDG.net in 12 languages |
| News Radio |
Fusion audio primers
|
|
Computerworld Minute
|
"It seems in China that the level of education and awareness about spam isn't there yet," said Nick Nicholas, head of the Mail Abuse Prevention System, or MAPS, a California nonprofit group that helps ISPs fight spam.
In some cases, Chinese network providers use older software that makes it easier for spammers to use their mail servers to relay spam that originates from dial-up accounts in the U.S., Nicholas said. In other cases, "there are people there who are happy to take money (for distributing spam) and to do it with impunity," according to Nicholas.
It's hard to know exactly how much junk mail comes from China, since identifying and measuring all the e-mail that crosses the Internet would be an impossible task. Experts are quick to note that the vast majority of spam on the Internet ö as much as 90 percent ö originates in the U.S., where most of the insecure servers used to relay spam reside.
But as ISPs here clamp down on spam and administrators button down networks against viruses, hackers and other threats, experts fear that spammers will increasingly turn their attention to China and other emerging Internet nations to distribute their payload. In addition, they see the emergence of Chinese-language spam originating from such a potentially vast market as an ominous sign.
"I'm very sure that as more countries get on the Net they will generate more spam," said Sunil Paul, CEO of Brightmail, which offers a service that helps customers block spam. Paul testified to noticing an uptick in spam from China and Taiwan in the past year, but said he has also come across more spam recently from South Korea, Spain, Germany and the U.K.
The fact that most recipients outside China don't understand the content of Chinese e-mail is a reflection of the economics of spam, MAPS' Nicholas said. "If it's no cost to you, why not just send it to everyone whether they understand it or not," he asked.
MAPS studies pieces of spam to figure out where they have come from and distributes a list of frequent offenders so ISPs will be able to block mail from those sources. Known as the Realtime Blackhole List, or RBL, it includes thousands of IP addresses. Some apply to individual Web servers, while others delineate whole blocks of servers used by ISPs considered friendly to spammers.
MAPS estimates that the RBL protects between one-third and one-half of all the e-mail boxes in the world. Most of the major service providers in the U.S. declined to be interviewed for this story, including MSN, Prodigy Communications, America Online and Earthlink. Nicholas said that the people who use Microsoft's Hotmail service, AOL and New Jersey-based ISP Erols Internet are protected by the RBL, either directly or through network providers to which those companies subscribe.
Of 2,800 listings currently on the RBL, about 5 percent are Chinese, up from about 1 percent at this time last year, Nicholas said. Most of the 5 percent are listings for insecure servers being used to route mail to and from the U.S., but a growing number are for Chinese servers dishing up junk mail that originates in China, Nicholas said.
MAPS doesn't "blackhole" an IP address unless it has tried to contact the provider and received no response. One problem frequently cited with Chinese ISPs is a failure to respond to complaints, whether that comes about because of language issues or because ISPs in the region don't provide postmaster addresses to which complaints can be addressed, according to Nicholas and others.
"China is a big black hole ö if you write a complaint it will be ignored," said Steve Atkins, founder of SamSpade.org, a Web site that provides tools for tracking the origin of spam.
The problem of spam from China has grown severe enough that a few smaller service providers, including Britain's UXN, have started blacklisting all of the IP addresses assigned to China Telecom, the state-owned carrier that provides backbone services for all of China's approximately 200 ISPs. MAPS isn't ready to go that far yet.
"There have been calls to list all of China Telecom (addresses) on the RBL," Nicholas said. "That's not the way we work, but there has been enough spam coming out of China that people are raising this as a real issue."
ISPs that have been blocked completely by MAPS include Chinese ISPs 163.net, 263.net and Netease, Nicholas said. Those companies also crop up frequently on spam discussion boards, which have been buzzing in recent weeks with talk of the Chinese spam problem. Netease operates one of China's most successful Chinese-language portals, and is expected to go public in the near future. Contacted in China, a spokeswoman for Netease couldn't say immediately if the company is aware it is a source of spam.
MAPS hopes that as more companies block Chinese e-mail, China Telecom will clamp down on spam within its networks.
"When the amount of IP space in China (listed on the RBL) reaches a certain point we'd expect China Telecom to deal with it," Nicholas said. "If they don't, that's the time we would blackhole China Telecom."
China isn't alone in the problem it presents, he said. The vast majority of IP addresses listed on the RBL are insecure servers in the U.S., many of which belong to educational institutions. Telstra, Australia's largest carrier, also features prominently on the RBL, while servers in Korea, Singapore, the U.K. and Spain have also been fingered as common sources of spam, according to Nicholas.
Spam isn't just a waste of time and bandwidth; it's also a financial liability for consumers and businesses. A recent study by market research company Gartner Group estimates that spam costs ISPs $7.7 million for each 1 million consumers, mainly through customers joining a different ISP because they are fed up with spam. The nonprofit Coalition Against Unsolicited Commercial E-mail, or CAUCE, points to other costs for ISPs ö including paying for extra bandwidth and processing power. Many of those costs are passed along to consumers.
The amount of spam overall is increasing, but at a slower rate than it was a year ago, largely thanks to enforcement efforts by ISPs in the U.S. and Europe, said John Mozena, VP and cofounder of CAUCE.
"The enforcement activities by ISPs have been the most successful part of combating spam. You have to look long and hard to find one that doesn't take swift action against spam in their network," Mozena said.
Some spam-watchers see a shift in the type of spammers at work. On the way out are what MAPS refers to as "chicken-bone" spammers ö a colorful term designed to suggest small-time spammers who have limited incomes and survive on a diet of fried chicken.
Remaining, according to Nicholas and others, are the more serious "hired guns" who open several ISP accounts at one time using fake credit card numbers and spam from them solidly until they get shut down and move on. Like chicken boners, these spammers use devious techniques to go undetected, such as relaying mail through overseas servers and forging e-mail header addresses.
On the horizon, meanwhile, are legitimate U.S. businesses that view unsolicited e-mail as a natural extension of telemarketing and direct marketing by mail. These businesses, according to Nicholas and other opponents of spam, want to see the practices used by more unscrupulous marketers outlawed in order to legitimize spam for use by mainstream businesses. Opponents often refer to this type of spam as "mainsleaze."
"What we're seeing is the end of the chicken-boners and the rise of mainsleaze," Nicholas said.
RELATED STORIES:
Gov't-approved MP3 site to launch in China
March 6, 2000
Beijing tightens Internet security rules
January 28, 2000
China tightens its control over the Internet
January 26, 2000
Survey: China Internet use soaring
January 25, 2000
RELATED IDG.net STORIES:
Spam: There oughtta be a law
(IDG.net)
Anti-spam organizations petition against DMA plan
(InfoWorld)
Read an e-mail, lose your privacy
(SunWorld)
Spam ... can't leave home without it
(Network World Fusion)
Privacy groups ask FTC to close e-mail loophole
(IDG.net)
Brace for campaign video spam
(The Industry Standard)
Fight spam with CommuniGate Pro
(LinuxWorld)
Survey: Consumers support antispam legislation
(Computerworld)
RELATED SITES:
Prodigy
America Online
Microsoft
AOL
Gartner Group
Note: Pages will open in a new browser windowExternal sites are not endorsed by CNN Interactive.