Slamming Spamming

Global junk e-mail operators are shifting their operations to China


By DING WENLEI

It used to take Yue Qianming, Vice President and China General Manager of ViVoDa Communication, Inc., less than one minute every morning to delete his junk e-mails. Now it takes him at least half an hour, checking mails piece by piece and blacklisting those addresses he doesn’t want repeats from.

ANTI-SPAM PIONEER: Li Yuxiao, Director of the Anti-Spam Coordination Team at the Internet Society of China, leads China’s campaign against spamming

“I have no alternative. I want to keep the goldfish when I spill the water out of the bowl, ” explained Yue with annoyance.

That annoyance has been felt by people throughout our small global village, who have given up pen and paper for the convenience and efficiency e-mail presents and been slammed by the phenomenon of spam, a term used to describe unwanted junk e-mails sent to thousands of e-mail users.

As China celebrates the 10th anniversary of its first full connection to the Internet, spammers worldwide are exploiting China’s slack attitude toward junk mails and shortage of spam legislation, pushing China to second place behind the United States, on London-based Spamhaus organization’s ranking of the worst “spam countries.”

A recent survey by Commtouch Software Ltd., which provides an anti-spam product, found that 71 percent of the websites referenced in spam e-mails were hosted in China.

In terms of the annoyance spam represents for Chinese Internet users, Li Yuxiao, Director of the Anti-spam Coordination Team at the Internet Society of China (ISC), estimated that 47 billion pieces of spam were received by Chinese users in 2003 and a collective 1.5 billion hours were wasted reading and deleting spam. The economic loss attributed to spam was put at 4.8 billion yuan ($581 million).

Since early this year, China has begun to address the spamming situation with due seriousness, seeking international understanding and cooperation.

With the help of the ISC, Spamhaus opened its China operations (www.Spamhaus.cn) in Beijing on May 25, swearing to “help Chinese e-mail and technology providers rid themselves of companies who use the servers to send bulk unsolicited e-mails around the globe.”

Economics of Spam

Li described marketing via spam, or “spamvertising,” as “a lucrative business that generates big profits from small capital,” which has made Alan Ralsky, a prolific and notorious spammer in the United States, a millionaire.

The spam king is now living the high life off the e-mail troubles of others in his 8,000-square-foot luxury spam-financed house that cost $740,000.

It was estimated by Li that Ralsky has earned over $30 million from junk mail sales over more than a decade, by charging his clients $1,000 for sending each batch of 1 million junk mails at the cost of $30. The price in China is dirt cheap comparison—100 yuan ($12.1) per 1 million sent.

According to Richard Cox, CTO (Chief Technology Officer) of Spamhaus.org, who was invited by the ISC to Beijing and Xi’an in April 2004, known spam operations are responsible for 90 percent of spam mails sent from China.

The industrial chain of spamvertising has fed spammers with various business focuses, from sales of spam transmission software to sales of CDs full of e-mail addresses they’ve procured from web pages and lists of open proxy servers.

By using spam transmission software that is easily downloaded from the Internet, anyone with a broadband Internet connection can send nearly 10,000 spam messages at the press of a button.

Why Spam Annoys

Due to a legislative gap in e-mail administration, many foreign spammers have forwarded enormous amounts of junk mails via Chinese mail servers. Consequently, many overseas anti-spam organizations began blocking China’s IP addresses, which has severely damaged the reputation of China’s mail servers and resulted in tremendous economic losses.

DAMNING SPAM: Chen Shifeng, Corpease.net CEO, and determined spam fighter, makes sure inbound spammers have nowhere to hide in China

Besides, batch mails usurp network bandwidth, multiplying the operation cost of e-mail service providers.

Spam, according to Li, distinguishes itself from normal e-mail marketing by several outward features of its behavior—unsolicited e-mails that cannot be rejected, usually concealing senders’ identities, addresses and subjects and containing false information.

Spam annoys individuals because “they waste netizens’ time and cause severe damage to hardware and software when they introduce viruses,” said Li.

Executive Yue Qianming, for example, always worries about two things when he shuttles on business trips between Beijing and his U.S. headquarters: Important business is delayed because he cannot check mails in time and mails carrying important messages are denied access to his e-mail box due to saturation bombardment of junk mails.

Liang Wenqing, researcher with the Chinese Academy of Sciences, who is now with a research team in the Netherlands, sympathizes with Yue, “As a researcher relying on e-mail for exchanges with fellow researchers at home and abroad, spam really harassed me when some important mails failed to reach me because of spam saturation.”

Yue observes that most spam sent to his free mailboxes is either advertising, e-zines, propaganda or pornography. The most annoying junk mails, Yue said, are those “introducing viruses that could cause the computer to break down because of aggravation of hardware and software damage.”

According to a survey adopted by Kingsoft recently, 47 percent of junk mails Chinese receive now carry viruses.

Pan Shiyi, a property developer in Beijing, admitted that “my business has been bombarded by spam carrying viruses several times” though he was personally less affected by spam because he never checks the content of mail and wastes little time in deleting junk mails thanks to a broadband Internet access.

Technology Cures?

However, Wu Yunkun, Director of Product Marketing of the Rocket Software (Beijing) Inc., suggests from his personal experience, “Spam is not that terrible provided that you are well informed about the nature of spam and equipped with efficient tools to block spam.”

SPAM BUSTER: Richard Cox, CTO of London-based Spamhaus, sets up a partnership with the Internet Society of China and Chinese anti-spam companies to step up the fight against spam

Filtering services installed by e-mail service providers, for example, is one of the tools Wu refers to and these have been at the forefront of China’s fight against spam.

As “deletion will never save your further troubles with spam,” Li says mere deletion of junk mail will never resolve the problem and urged netizens to report addresses of junk mails to webmasters, helping e-mail providers improve filtering services.

The ISC began getting tough on August 8, 2003, when it published its first spam blacklist of 225 Internet protocol (IP) addresses of servers responsible for sending spam, along with a one-month ultimatum: “Cut the spammers off or we’ll start blocking traffic from your network.”

The move saw spam drop 26 percent during the two months after the first list was published, although it has since rebounded despite the ISC issuing three subsequent lists, with the most recent in April.

“It was all because China hasn’t staged any anti-spam legislation until now,” explained Li.

“It is ironic that we cannot say spamming is ‘illegal’ due to the absence of certain laws, though we are quite aware of its infringement on our rights as e-mail address owners.”

Seeing China as a “spamming safe-haven,” a growing number of spammers have moved part or all of their operations to China, including the spam king, Ralsky. They are now targets of spam fighters like Chen Shifeng, COO (Chief Operation Officer) of Guangzhou-based Corpease.net—a provider of enterprise
e-mail systems.

As a partner of Spamhaus.org and member of the ISC anti-spam coordination team, Chen has been tracking activities of Ralsky and his Chinese agents for months and came up with two IP addresses in Dandong, Liaoning Province in late May.

However, the local police haven’t arrested or punished these spammers because there is no law under which they can be charged.

“No effective relevant law and difficulties in obtaining evidence are the great obstacles we met in this case and also a common issue facing China’s anti-spam organization and individuals, ” said Chen.

Legislation Lacking

Despite all the moves made by mail servers and anti-spam servers, the lack of related laws and regulations leaves much of the anti-spam action floundering.

“Sophisticated spammers like Ralsky are very familiar with many countries’ related laws, knowing how to circumvent risks by taking advantages of loopholes in the law,” said Li.

To tackle the problem, technically speaking, mail servers have to block spammers’ IP addresses, e-mail accounts or even domains. These measures are simply not feasible without explicit legal prescriptions, Yi said.

In February this year, the ISC publicly appealed to the authorities to speed up anti-spam legislation and establish an anti-spam system in which the government, industries, enterprises and the public can all participate. The ISC has submitted its proposal to higher authorities for review and, hopefully, approval, said Li.

“Technically, we in the industry have done our best and if backed by certain law or regulation, our efforts will achieve a better result, ” added Li.

Li advocates prudence for legislation, citing the example of the United States—the spamming situation in the world’s top spammer deteriorated several months after it passed the CAN-SPAM Act in January that legalized spamming (it must be labeled). As a result, they see spam sent from the country decreasing while that inbound soars as many spammers are moving operations overseas.

“Regulations regarding spamming in China are expected soon, though an anti-spam law will be in deliberation for quite a long time,” Li said.

As the Internet has no boundaries, spam fighters at home and abroad agree that international cooperation and legislation are needed in order to crack down on spamming and other forms of Internet fraud.

Tips for Individual
E-mail Users

• Be prudent when leaving your e-mail address on web pages as this increases the chances of being identified by certain software, which may sell the info to spammers. You can change “@” to “#” to deter this, though software can later update;

• Use e-mailboxes with spam filtering services that are provided by some free e-mail services like Yahoo. Many other such services exist for which you must pay a fee;

• Report junk mail addresses to webmasters, which helps e-mail providers improve their filtering services. Merely deleting junk mail will not resolve the source of the problem;

• Be suspicious of e-mails with unclear addresses or domains. In fact, it is recommended to delete them directly and do not reply. Unsolicited “replies” or titles you do not recognize are likely spam; and

• Be cautious of any e-mails with attached files. Never open or run these files directly before they are scanned with the latest anti-virus software. Free e-mail providers like Yahoo and Hotmail have auto virus scanning, while others may not.

Spam carrying a virus often has short, eye-catching titles (in English or Chinese) and brief content in order to cajole you into opening the attached file, which usually identifies filename extensions such as “.scr,” “.pif,” “.com” and “.exe.” The first three are typical of virus programs.

By Cai Jun

Tips for E-mail Service Providers

• Make sure there is Reverse Domain Name Service (RDNS) for each mail server. This enables anti-spam organizations to locate a domain name using the host Internet Protocol (IP) address, which avoids users from being mistakenly identified as having a dynamic IP address that sends spam;

• Put a hidden e-mail address (where the font color is the same as the background) on your website, by which you can catch and filter out spam;

• Reject e-mails from open-relay servers, which are vulnerable to spam, and use authoritative blocklists like the Exploits Block List (XBL) provided by Spamhaus, a real-time DNS-based database designed to stop spam from illegal third party exploits, including open proxies, worms/viruses with built-in spam engines and other types of trojan-horse tactics used by spammers;

• Limit the concurrent connection with an IP address or user;

• Limit the error rate in a unit period (e.g. one minute) to protect your server from a password attack or user list detection;

• Monitor bandwidth usage distribution daily;

• Check whether your IP is on any international anti-spam blacklist;

• Install content filters to protect from the most common e-mail viruses;

• Prepare a server outside China to work as a backup mail server in case all Chinese IP addresses are blocked by an anti-spam organization; and

• Provide an e-mail address for public complaints and be cautious of e-mail complaints from Europe or North America.

By Chen Shifeng