Forgot your password?
typodupeerror
Spam Your Rights Online

Australia's Largest ISP Redefines Spam 304

Posted by timothy
from the don't-tell-all-your-friends dept.
cpudney writes "According to this article in NEWS.com.au, Telstra BigPond, Australia's largest ISP will monitor its customers' e-mails and suspend the accounts of users suspected of sending spam, viruses or denial-of-service attacks. Under changes to its Acceptable Use Policy, BigPond will investigate cable and ADSL Internet customers sending more than 20 e-mails in a 10-minute period, and BigPond management "may suspend the (user's) account while the customer is contacted" if they are suspected of sending spam. Previously, BigPond's definition of spam was held to be 400 messages sent over a 15-minute period and now it's changed to 20 e-mails over 10 minutes. Internet Society of Australia president Tony Hill said BigPond's new definition of spam was very restrictive and he was concerned the limit had been set too low for legitimate e-mail users."
This discussion has been archived. No new comments can be posted.

Australia's Largest ISP Redefines Spam

Comments Filter:
  • by Anonymous Coward on Wednesday December 03, 2003 @01:22AM (#7615856)
    That's going to make life fun for my parents who use Bigpond, and type all their emails offline.

    Log on, send 30 or so emails in 2 minutes, and log off.

    Then wonder why they can't email again next week.
  • by Cyno01 (573917) <Cyno01@hotmail.com> on Wednesday December 03, 2003 @01:23AM (#7615866) Homepage
    I hope they at least contact the user before shutting off service. I can think of many legitimate reasons to send 20 e-mails in 10 minutes. My adress book has many times that, and sending a CC to a fraction of my adress book would trip this.
  • by Josuah (26407) on Wednesday December 03, 2003 @01:25AM (#7615877) Homepage
    Why is BigPond trying to identify a spammer from just 10 minutes of traffic. Or even just 15 minutes? I would think it would be much better to have a metric like 1000 emails in a single day. Or 10,000 emails over a week?

    I can very easily go through 20 emails in 10 minutes just because I might be having one of those back-and-forth email conversations. I don't know if I could do 400 in a 15-minute period, unless I was running a mailing list (well, which I do, but that's why I use "personal" business ISPs).

    This sort of metric just seems extremely silly. Is someone putting pressure on BigPond, or is one of their executives being an idiot?
  • by charvolant (224858) on Wednesday December 03, 2003 @01:37AM (#7615962) Homepage
    This is going to be a bit of a problem for people running things like majordomo and so on from
    their home linux boxes.

    If things have been set up to use the ISP's mail servers as relays, which you might do to save on bandwidth, it's going to get sticky. (Or does one message with a trillion addresses count as one message?)
  • by Liselle (684663) * <{ten.ellesil} {ta} {todhsals}> on Wednesday December 03, 2003 @01:40AM (#7615985) Journal
    Might be over-reacting. I RTFA, and it's peppered with "mights" and "maybes". I'd wager that hitting the limit of emails in a certain time period is only going to make them put a magnifying glass on you for a while. They have access to enough information to ascertain whether you are sending legitimate emails or spam, that's for sure.

    As a side benefit, this will help them help their customers that get hit with email worms... some people may not even know they are spamming, no?
  • by JeffMagnus (133746) on Wednesday December 03, 2003 @01:41AM (#7615994) Homepage
    It's been reported that SpamCop is paying upwards to $30K / year for bandwidth as a direct cause of the continous DDOS attacks on it.

    The spammers are doing everything they can to squeeze the anti-spammers out. They use frivolous lawsuits (aka Mark Felstein and his porn spamming backers) or DDOS attacks that either knock the anti-spam resources off completely or increase the costs so that no hobbyist can run them.

    And while all this is going on, the law enforcement agencies are doing nothing to counter the clearly illegal acts of the spammers.

    And ISPs are doing NOTHING to reduce the number of zombies on their networks. So the DDOS attacks continue.

    Nice going.

    It's only a matter of time when someone (Al Queda?) will use the zombie network for something that will truly be noticed.

    Proletariat of the world, unite to kill spammers
  • by KD5YPT (714783) on Wednesday December 03, 2003 @01:45AM (#7616021) Journal
    I think they mean outbound mail. Not inbound. Inbound means you got spammed.
  • by Anonymous Coward on Wednesday December 03, 2003 @01:46AM (#7616023)
    I agree, if they kept the same ratio, and pushed it out to say 12 hours: ie: 1440 per half day.

    That would avoid people with occasional burst, while making it uneconomical to run a spam business.
  • by Eric_Cartman_South_P (594330) on Wednesday December 03, 2003 @01:53AM (#7616057)
    Who? People who type e-mails offline. People who have a bunch of messages in their Outlook or Mozilla "outbox" and then go online. Messages get sent and they get fucked under this new system.

  • Re:Stupid (Score:3, Insightful)

    by cyril3 (522783) on Wednesday December 03, 2003 @01:56AM (#7616077)
    A credit card with a $20,000 limit.

    Even if I was stupid enough to apply for one I don't think theres a issurer who's stupid enough to give me one.

  • by child_of_mercy (168861) <johnboyNO@SPAMthe-riotact.com> on Wednesday December 03, 2003 @02:01AM (#7616111) Homepage
    This isn't about stopping spam, serious spammers don't use their own accounts, they relay off others.

    What it will sneak through under the cover of Spam hysteria is the following.

    1) It will force budget business users onto more expensive corporate accounts.

    2) It will stop people batching their email correspondence to miminise online time which in turn will reduce peak load on telstra and also bring in more money.

    3) Less nasty but equally beneficient to Telstra it will allow them to stop worm riddled machines bogging down their email servers (Telstra are facing massive damages over the near collapse of their email infrastructure and associated business losses).
  • by MrLint (519792) on Wednesday December 03, 2003 @02:04AM (#7616127) Journal
    Come on guys, everyone knows what spam is. Its plain and simple. What this seems to be is a description of common behavior patterns of ppl who send spam. Thing is that this is going to have false hits. Filtering on content is really the only way to be sure (other thing nuking from orbit)
  • by halowolf (692775) on Wednesday December 03, 2003 @02:05AM (#7616131)
    Dear me! Since when has email actually been private...? I mean when I encrypt mine there is some security but the majority of mine still goes out plain text for the world to see...

    There are so many steps along the way to sending and delivering email that if you were concerned about privacy, then don't use email, or start encrypting it...

  • by the man with the pla (710711) on Wednesday December 03, 2003 @02:07AM (#7616135)
    I can tell you that contacting users before shutting them off is a very bad idea. It's very frequent that a user will have wrong contact info on file when you go to contact them...any time you try to wait to contact them you're almost always just delaying for the sake of somebody who knows nothing about their computer except that how to use word...for the sake of what! Notification == waste of time, 16 years experience agrees with me.
  • by Chanc_Gorkon (94133) <gorkon @ g m ail.com> on Wednesday December 03, 2003 @02:12AM (#7616158)
    This IS spam in my opinion. My favorite one is some friends that e-mail me the same thing over and over. Basically it goes like this...they see it, they send it, they forget about it then they send it again and repeat. Honestly...how many times do I have ot see sea life form the seal of the United States?

  • by Jeremi (14640) on Wednesday December 03, 2003 @02:28AM (#7616219) Homepage
    It's only a matter of time when someone (Al Queda?) will use the zombie network for something that will truly be noticed.


    Agreed. But fighting the spammers won't prevent that. The only way to prevent that is to secure the majority of on-line PCs so they can't be zombified.

  • by Bob9113 (14996) on Wednesday December 03, 2003 @02:32AM (#7616229) Homepage
    Is Telstra really excessively dumb? I would guess not, so let's suppose for a moment that they aren't.

    If they're not really really stupid, they might have thought: Gee, I wonder if there's any way to tell what's 3 standard deviations above the mean as far as peak mail sending rate is? Do we have, anywhere, a listing of all the emails that have been sent by our users? Preferably arranged in chronoligical order, with timestamps? If we had that, why all we'd have to do is a little grep and wc action, toss in some particularly ugly perl to aggregate the results, and we'd be able to figure out what normal is. From there, we'd be able to figure out what weird is. Once we know what weird is, we'll know which accounts we should take a closer look at.

    I've gotta think they figured that out. After all, they have to have figured out how to count the mails per minute per user to be able to implement this (and their former rule), right?

    Of course, it's possible they really are too dumb to look at their own server logs. Maybe they pulled this number out of some business weenie's ass during one of those catered lunch meetings in the big glass windowed room with the collossal oak table. If this is the case, then they'll get false positives by the cartload and they'll quickly be swamped in the acrid stench of their own foolishness.

    I find the latter a little implausible. Telstra may be a big evil monopoly, but I don't think they're a big evil imbecilic monopoly.
  • by Gavin Rogers (301715) <grogers@vk6hgr.echidna.id.au> on Wednesday December 03, 2003 @03:11AM (#7616345) Homepage
    This is probably common with all huge Telco ISPs the world over but I think that Bigpond themselves could do more to prevent tides of Spam originating from their customers... I think these mega ISPs have a "CPE" attitude that's left over from their Telco division - i.e. If it's beyond the equipment we provide - it's "Customer Premises Equipment" and we therefore, don't care.

    Bigpond could install heavy default firewalling (especially ports 80 and 25) to protect against people who install default operating systems with Christmas tree options or are infected with spamware so they readily become spam relays and force customers to use ISP provided gateway servers. Better yet, ask customers to knowingly switch off their ISP firewalling if they're providing a legitimate Internet service. (and therefore prove that they know what they're doing)

    The end days of open-slather unfirewalled broadband accounts for "Mum and Dad" Internet users is long overdue.

    The conspiracy theorists claim that because Bigpond charges customers per Mb for both incoming and outgoing traffic, they really don't care if their customers are open-proxy spam relays because they'll be hit with a bill for the traffic "they've" used at the end of it. That's probably extreme, it's more than likely that they just don't care or have the technical/human resources to do anything about it...
  • by ShadowDrake (588020) on Wednesday December 03, 2003 @03:39AM (#7616429)
    >Sending more than 20 email in 10 minutes The >first time you log on to a new account

    From: Joe.Blow@bigpond.com.au
    To: Entire Address Book
    Subject: New address
  • by Anonymous Coward on Wednesday December 03, 2003 @04:11AM (#7616495)
    pleasure of witnessing the worlds most anal retentive pedant in action.

    No, the pedants are the idiots who tried to puff up their egos and appear "educated" through using the moronic pseudo-Latin pseudo-word "virii" and who just got those overinflated egos punctured.

    Hint: if you're going to spread on airs by using the "correct" word, at least take the trouble to get it right.

    "Virii" indeed.
  • by WoTG (610710) on Wednesday December 03, 2003 @04:54AM (#7616643) Homepage Journal
    True. To me, this appears to be a way for BigPond to have some recourse in case a spammer decides to program his software to send 399 messages per 15minutes. There's no reason to expect it to be enforced very strictly, but like the rest of the AUP (at least the one from my ISP) it gives them some options in case there is "abuse".
  • by CComMack (570314) on Wednesday December 03, 2003 @06:06AM (#7616808)
    The more valid example is of people that compose off-line then send messages in a big burst. Except that local phone calls are a fixed price in Australia, so who still does this?

    People with dialup who want to keep their only phone line free for incoming calls.

    Yes, it's easy for those of us who have broadband (or, I suppose, those of us who don't get [m]any incoming calls,) to forget about the common hazards of dialup internet access. This isn't stone knives and bearskins; it's a legitimate choice being made by many people around the world who just want to get online and sample what the internet has to offer. A policy that has the potential to discriminate against legitimate customers like this needs to be used carefully, or maybe reworked.
  • by Anonymous Coward on Wednesday December 03, 2003 @07:02AM (#7616923)
    The question arises as to whether or not this is intruding in on not only invasion of privacy, but also a restriction of a medium that (for all intents and purposes) is to be "unlimited and unbridled." Granted I hate spam as much as the next guy, but the thing that bothers me is, will this cause a cascading effect in which will cause further restrictions elsewhere? For instance, many ISPs block certain ports that have been deemed "in use by P2P applications." This I find insane. I don't care if this is a noble cause, it violates 2 things (at least what is acceptable here in America)... "Unlimited" Internet, and invasion of privacay via e-mail monitoring.

    - Mr. S.R.
  • by rokzy (687636) on Wednesday December 03, 2003 @07:32AM (#7616984)
    no this doesn't help at all. the spammer can use the work around like you say, so it can only hurt innocent people.

    it shouldn't be about stupid arbitrary restrictions or conditions for all users, just about identification and elimination of offenders with no collateral damage.

Swap read error. You lose your mind.

Working...