Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Spam The Internet Your Rights Online

Russia, China World's Biggest Spammers 435

An anonymous reader writes "According to this ZDNet article, The Spamhaus Project has warned that organised cirminal gangs in Russia are supplying U.S.-based spammers with details of compromised PCs that can be manipulated to send junk mail. According to Spamhaus director Steve Linford, the Russian gangs aren't constrained by any anti-spam or cybercrime laws in their home country and have no respect for legislation implemented in other countries. Also, apparently 70 percent of spam is sent from China by American spam outfits who in turn have hosting arrangements with Chinese ISPs."
This discussion has been archived. No new comments can be posted.

Russia, China World's Biggest Spammers

Comments Filter:
  • by TJ_Phazerhacki ( 520002 ) on Thursday June 10, 2004 @01:13AM (#9384557) Journal
    Maybe not completely relevant to the specific subject, but what is the best way to stop this?

    User end filters are a necessity these days, and even then, I still spend at least 15 min each day dealing with the spam. My personal box - No One else knows the address, it is for my own internal network purposes, is chock full of the stuff.

    What do other slashdot'ers do? What can we hope to see in the near future?

    • by YrWrstNtmr ( 564987 ) on Thursday June 10, 2004 @01:19AM (#9384580)
      Maybe not completely relevant to the specific subject, but what is the best way to stop this?

      Due to the global nature of the internet, the only way is to wait until the governments of China and Russia change due to public, internal pressure. Note that this may take some time.

      In the meantime, SpamBayes [sourceforge.net] might help.
      • by chimpo13 ( 471212 ) <slashdot@nokilli.com> on Thursday June 10, 2004 @01:36AM (#9384655) Homepage Journal
        Going after the money would be more effective. Sure, we can't go into China and Russia, but we can make life HELL for USA spammers. If we make it unprofitable here and send more of them to jail, that'll stop most of the jerks. Even if it's just Scott Richter that goes to jail, that'll put a major dent in the action.
      • by zangdesign ( 462534 ) on Thursday June 10, 2004 @01:47AM (#9384704) Journal
        The other method is to go after the advertisers who hire the spammers in the first place. Spammers are bottom-feeders, for sure, but if you cut off their customers, then you cut off their income.
        • by fdiskne1 ( 219834 ) on Thursday June 10, 2004 @06:55AM (#9385645)

          The other method is to go after the advertisers who hire the spammers in the first place. Spammers are bottom-feeders, for sure, but if you cut off their customers, then you cut off their income.

          I'm doing this with one spammer's customer right now. Since they are a legitimate company in my town, I have collected evidence that the spammers they do business with are using dictionary attacks, web page harvesting, and zombies. I've explained to them that all this is illegal and if any of my 20 email domains receives another spam from their business, all the evidence is going to the FTC for prosecution via CAN-SPAM. The law is far from perfect, but at least legit companies can be punished for breaking it. They are listening and reconsidering unsolicited commercial bulk email as an advertising route.

          I know, many people would say fsck it and just turn them in. I figure I'd be nice first. I've explained the consequences and I've convinced them I will follow through. If others out there live in the same city (not necessary, but it IS easier) as a legit business that is spamming, be professional and courteous, but make them wish they never spammed you.

      • Aren't you missing one important fact here? That most of the spam are promoting american products? This is a big like fighting drugs by throwing the addicts to jail and hitting small time street pushers. The only way to deal with this is to his the ones that profit big time - which are the ones trying to sell their products using these questionable means.

        Fact is if I look at my inbox - something like 95 % of all Spam promote questionable american products, 2-3 % is in russian so I don't even know what it promotes - and I have yet to see ONE spam mail that actually try to sell a Chinese product.
        • Lucky You.

          I get spam all the time, though not in great quantity. Maybe 5 a day, tops. But here's the kicker: They're all Chinese and Japanese.[/p][p]I have no clue what the chinese ones say, but they're encoded in the chinese character set. From what I can make out of the ones in Japanese, along with having a friend who can bumble her way through the language, I've gotten about 40 Emails over the past year from a Japanese Home Loan Company.[/p][p]I don't own a home.[/p]

        • Heh, your analogue about the war on drugs (which, in my opinion, is being fought just as you described, by harassing addicts and small time pushers) just awoke the conspiracy theorist in me.

          <tin foil mode>
          It's a known fact (among a certain crowd) that the CIA, contrary to common belief, is working right along with the Columbian cartels to get extra funding, ditto for Afghanistan (sans the cartels, and heroine instead of cocaine).

          Now I've just come to realize it must be the same with spammers. So inste

    • A simple solution to offshore spam would be to give users the ability to filter the originating mail server by allowed countries. The vast majority of my messages come from Canada and the USA, followed by a small number from Europe and South America. If I could tell my mail server to reject all but mail from my "usual" countries, I could avoid the Chinese mail bombs and bizarro unicode virus messages. The biggest prob I can see with this is offshoring - I recently started to get mail from an offshored IT
      • Seriously, how are you gonna stop a country? They can forge the envelope and From: field, they can use proxies and open relays. You'll never be sure where the message was REALLY from.
      • by 1u3hr ( 530656 ) on Thursday June 10, 2004 @02:43AM (#9384895)
        f I could tell my mail server to reject all but mail from my "usual" countries, I could avoid the Chinese mail bombs

        Thanks. It's people like you that block my mail (I live in Hong Kong) and make me have to use devious inconvenient methods just to send a normal message.

      • by AtomicBomb ( 173897 ) on Thursday June 10, 2004 @02:48AM (#9384912) Homepage
        As many around here have pointed out, the bulk (80%) of the spam are sent by compromised cable/DSL machines. In other words, even if you can find the IP the email is originated from, it offers no solution to you.

        The "70%" figure mentioned earlir on refers to the percentage of url embedded in the spam (e.g. the store for the V1a4Ga) that uses an IP from China... If you manage to instruct your spam filter to read inside the email main body, you may have a solution.

        On the other hand, I don't think it will be a long lasting solution.... If spammers can send spam thru compromised machine, they should be able to web host their site thru a compromised machine...

        • by arivanov ( 12034 ) on Thursday June 10, 2004 @03:03AM (#9384966) Homepage
          They already do. If you try to trace the websites in "cheap oem software offers" you will notice that they are in fact compromised machines on DSL and cable spread around the globe. The last sample I followed was in US, UK, France, China and portugal and a name server doing load balancing in the US. Registered by a russian company. This about says it all...
        • by KalvinB ( 205500 )
          I filter based on those.

          Current List of Domains [icarusindie.com]

          At the time of this posting it's at 2209 domains. In a day or so it should go up several dozen when I do an update.

          It's the only thing in a spam that can't be obfuscated or it simply won't work. At best they can do one to one character codes. Occasionally a spammer will try to be clever and request the user copy and paste the link into their browser. I tend to catch those when I examine what got through but the pay off from those is probably so low tha
        • by cjsnell ( 5825 )
          It's not hard at all to block these cable/DSL/dialup hosts from sending you mail. Here's what I use:

          1) A filter that looks for hostname patterns that look like consumer internet connections (DSL/cable/dialup):

          [note: these are in Exim lookup-table syntax]

          \N^(dsl|cable|adsl|dialup|docsis|pool|ppp|clien t |c lient2).*$\N
          \N^.*\d{1,3}-\d{1,3}-\d{1,3}-\d{1,3} .*$\N
          \N^c\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\..*$ \N
          \N^[sShH]\d{3,}.*\.[a-z][a-z]\.shawcable.net$\ N
          \N^.*\d+\.charter-stl.*$\N

          2) Next, you block known
    • by halowolf ( 692775 ) on Thursday June 10, 2004 @01:45AM (#9384693)
      While end user filters are a necessity, they should be the last line of defense, because by the time the SPAM has reached you, it has stolen the bandwidth, CPU cycles and disk space to get there.

      I currently sit in the "email itself must change" camp to fix the problem of SPAM. Of course its an impractical camp to sit in at the moment, but things are moving along slowly.

      I can't see that addressing the problem of SPAM on an international law basis is going to yield any results in the near and not so near future.

      Just random opinions on my part...

    • by pe1chl ( 90186 ) on Thursday June 10, 2004 @01:57AM (#9384739)
      The best way is to make sure this way of advertisement of your services is illegal in the USA, and actively go after those that still do it.

      90% or more of all SPAM advertises a product or service in the USA. While it may be difficult to track the spammer, it should be simple for law enforcement agencies to track down the actual advertiser.
      I cannot imagine one would not be able to find the guy who offers you a low-interest mortgage, for example. Make him go out of business. Then his competitors will no longer spam.
      Same for the sale of unlicensed health products.
      • by TiggsPanther ( 611974 ) <tiggs&m-void,co,uk> on Thursday June 10, 2004 @04:44AM (#9385269) Journal
        The best way is to make sure this way of advertisement of your services is illegal in the USA, and actively go after those that still do it.

        This idea seems so obvious, and so potentially effective. So why won't the governments (or whoever else has the authority to do so) do this?

        What I'm guessing contributes to it is two simple facts.

        1. Companies pay taxes.
        2. Knowing where to draw the line between what is Spam and what is legitimate advertising.

        The first I'm guessing in itself is only a very small factor. But when a billion-selling company pays its taxes, then you want to be very sure they're not legit before pulling the plug or slapping them with hefty fines.

        The main problem is the second. A great deal of mail is easily flagged as Spam. A great deal of mail (including some advertising) is definitely legit. The difficulty is that there is also mail all across the scale.
        Too relaxed and you don't block enough Spam, people still complain, and there's enough leeway for the Spammers to adjust tactics to stay in the "grey areas".
        Too restrictive and you run the risk of arresting/fining/whatever people who were sending mail that in that case was totally legit. And in the current knee-jerk sue-em mentality, that could be a bad move to make.

        You could make it illegal to advertise certain product types over the internet, but again this could easily meet corporate resistance.

        Now banning advertising would be cool. But that's only in my personal opinion, and highly unlikely to ever happen. Besides, even I understand that sometimes advertising revenue is important - even though I perosnally hate seeing adverts anywhere I go.

        I guess that the Follow the Money idea is one that although would be the msot effective, is also the one with the biggest legal minefield.

        Tiggs
    • Target the people who are using this form of advertising>. A cruise missile through the bedroom window would work!

      Or maybe the Mafia might be persuaded to act in the public interest. A horse's head in the bed can be very persuasive.

      Alternatively, a visit from "men in black" to apply "cruel and inhuman torture" would be justified. There are "freelancers" who are quite skilled at this sort of thing available for relatively small sums of money and the government could fall back on "plausible deniability" a

    • by dilvish_the_damned ( 167205 ) on Thursday June 10, 2004 @02:47AM (#9384908) Journal
      Even if you never publish your address, people you send to may do so inadvertantly by way of forwarding. Also, we have seen an agressive amount of username probing at our mail server, people cultivating valid email addresses dictionary style. If your email name prefix is common enough, then its not too suprising you get spam.

      As a solution at my workplace, we deployed dspam at the mail server about 7 weeks ago. At first I was discouraged at the results so much that I thought I had made a worthless call. Gradually I saw improvment and now it is running at about %99.7 accuracy. I get something over 200 spam a day into my account. I now see about one spam in my in box every three or four days, the rest go into my spam folder. Our other users found the system to be far better than I did, faster learning even. One user reported near pefection in about a week, he gets 10 spam a day. Except for one user (but there is one in every croud), it has nearly fixed the spam problem at our orginization.
      I expect this to be a more realistic and permanent solution far beyond what legislation will ever do to inhibit spam from using my time.
      I mean, other than right now.
      1. ISPs (and any other business that gives a workstation a "real" IP address) need to block egress port 25. Comcast [arstechnica.com]is going to be doing this soon, others should soon follow suit. This plugs the zombies.
      2. IP addresses that continue to send spam will be blacklisted [openrbl.org]. With the zombies effectively out of the loop this will become easier (albeit never quite perfect).
      3. SPF [pobox.com] and other authentication schemes need to be adopted to prevent "spoofing" and so called "Joe jobs [everything2.com]".
      4. E-mail providers (including small companies) need to deploy mature e-mail systems for their users. In 1995 it was fine to accept e-mail from anyone on port 25, with no authentication and no encryption. In 2004, remote clients need to have an SSL connection available (both for sending mail and accessing inboxes), and must require authentication before accepting initial mail submission (SMTP+TLS+AUTH). Not only is this more secure, but it also addresses the issues always raised by blocking egress port 25 and deploying SPF.
      Once these techniques and practices be come commonplace, it won't matter if spam originates from lawless areas of the world. Existing laws against fraud (and other illegal business practices) will cover the extreme efforts that will be necessary to continue spamming.

      Appendix:
      SMTP+TLS+AUTH is not that tough, no whining. All modern mail clients support it, on all platforms. There is a little bit of work to do on the server end, but that's what you pay your ISP (or IT department) for:

    • by 1u3hr ( 530656 ) on Thursday June 10, 2004 @03:32AM (#9385036)
      Most appear not to have read even the summary here, let alone the article. Let me draw your attention to: "organised cirminal gangs in Russia are supplying U.S.- based spammers with details of compromised PCs"> Aside from the atrocious spelling, note that the spam relays are "compromised PCs", probably mostly in the US. So geographical blocks aren't going to stop them. One part of the problem that could and should be fixed is to prevent the "compromises". I suppose these are email "click me and see a movie star's tits" trojans, or maybe more devious direct probes into Windows. In both cases there are simple solutions. Though we'd like to say "DON'T USE WINDOWS YOU MORONS", it will take a while for that to come to pass. But otherwise, a basic firewall and anti-virus, both available free, will prevent almost all these attacks, regardless of patching the OS, and thus reduce the number of zombies.
  • 70% from US? (Score:5, Insightful)

    by westendgirl ( 680185 ) on Thursday June 10, 2004 @01:14AM (#9384561) Homepage
    If 70% 70 percent of spam is sent from China by American spam outfits, wouldn't that make the US the biggest spammer?
    • by Anonymous Coward
      If 70% 70 percent of spam is sent from China by American spam outfits, wouldn't that make the US the biggest spammer?

      That's exactly what it is, only we in the U.S. like to outsource everything we possibly can--tech support, call centers, software development--and that now includes everyone's favorite e-mail marketing substance, SPAM.

      Outsource! It's the trendy thing to do!
    • Re:70% from US? (Score:3, Insightful)

      by NanoGator ( 522640 )
      "If 70% 70 percent of spam is sent from China by American spam outfits, wouldn't that make the US the biggest spammer? "

      Perhaps. But the solution is still in Russia and/or China.
    • May as well just block everything apart frmo 127.0.0.1, no wait I'm infected to ..

      Rus
    • by Anonymous Coward on Thursday June 10, 2004 @07:31AM (#9385801)
      Dmitri: So Vladimir, whatever area do you specialize in these days?
      Vladimir: Smuggling, my friend. Vodka, narcotics, humans... If it can be smuggled, chances are I smuggled it some time...
      Dmitri: Sounds good, how about you, Ivan?
      Ivan: Weapons trade, of course. Got a few good high-up friends in the Red Army that are willing to relinquish some surplus material to me at a good price, which I sell in Africa and the Middle East.
      Dmitri: Good to hear you two are making a nice profit.
      Vladimir: How about yourself?
      Dmitri: I rent out hundreds of cracked computers to US based companies.
      Ivan: ...
      Vladimir: Dmitri, you suck.
  • by Infonaut ( 96956 ) <infonaut@gmail.com> on Thursday June 10, 2004 @01:15AM (#9384562) Homepage Journal
    It's the damned Columbians making all that cocaine! The friggin' Afghans are selling opium again!

    Evil Russian spammers! Chinese spammers want to take down America!

    And yet, in both cases there is plenty of demand from within the States. If it ain't rich kids experimenting, it's poor kids escaping with drugs from South America or Asia. If it's not a "bulk emailer" in California, it's a "clever marketer" in Florida sending millions of unsolicited email via servers in Russia or China.

    • in both cases there is plenty of demand from within the States. If it ain't rich kids experimenting, it's poor kids escaping with drugs from South America or Asia. If it's not a "bulk emailer" in California, it's a "clever marketer" in Florida sending millions of unsolicited email via servers in Russia or China.

      I'll connect the dots:

      Demand for spamming services is akin to demand for illegal drugs, in that demand from the United States fuels supply from other countries.

    • Oh get off it (Score:4, Insightful)

      by Sycraft-fu ( 314770 ) on Thursday June 10, 2004 @05:11AM (#9385339)
      This is simply presenting more of the story. SPAM is an international enterprise. Most of the instigators are here in the US, as are most of the compramised computers. However it sounds like from this and other articles is that much of the hacking work is being done by criminal syndicates (huge shock there) and that most of the websites the spammers are setting up are in China.

      This does NOT mean that the domestic spammers are being ignored. One has already been convicted, Microsoft and Time Warner are suing a bunch more, and the justice department says it is prepping 50 criminal cases under teh new SPAM law. This was all announced on /., if you bothered to read it.

      Quit with the anti-American bullshit. Yep, the problem is here. We know, we finally have a law for it, though not as strong as we'd like, and the wheels are in motion. Doesn't mean that the US is solely responsible. I do not at all think it is unreasonable that Chinese hosts should show the same standards demanded of US hosts in not hosting SPAM sites.
    • >And yet, in both cases there is plenty of demand from within the States.

      In my case [kandent.com], only 1/4 of my spam was in English. I know a few hundred foreign words, but none in Russian or any Asian language. It seems pretty far-fetched that Americans could be creating demand for this type of spam.

      Also interesting is that reporting spam did not decrease the quantity of foreign-language spam.
  • by drfrog ( 145882 ) on Thursday June 10, 2004 @01:15AM (#9384565) Homepage
    to see them embrace captialism so readily

    we should be proud!
  • Well, technically (Score:5, Insightful)

    by dedazo ( 737510 ) on Thursday June 10, 2004 @01:16AM (#9384570) Journal
    The US is the largest spammer in the world. Russia and China would be the largest spam relays.

    That title is wrong.

    • by 1u3hr ( 530656 )
      The US is the largest spammer in the world. Russia and China would be the largest spam relays.

      If Americans thought the same way about guns, they'd ban them. But they say "guns don't kill, people kill". Spam relays don't spam, people (most of them Americans) spam.

  • by ForestGrump ( 644805 ) on Thursday June 10, 2004 @01:16AM (#9384572) Homepage Journal
    Russia for mafia controlled zombies
    China for high quality spam warez
    Africa for business relations about that recently deceased relative.

    GOT IT!
    -Grump
  • Bullshit (Score:5, Insightful)

    by autopr0n ( 534291 ) on Thursday June 10, 2004 @01:17AM (#9384574) Homepage Journal
    Headline should read, US Spammers using services of Chinese ISPs, Russian mob. The Spam originates here, and ends up here. The vast majority of Spam is in English, and targeting an American audience.
  • by rstidman ( 711726 ) on Thursday June 10, 2004 @01:17AM (#9384575)
    President Bush just outlawed China forever. We start bombing in five minutes.
  • by alanw ( 1822 ) * <alan@wylie.me.uk> on Thursday June 10, 2004 @01:18AM (#9384576) Homepage
    in this posting [google.com] to news.admin.net-abuse.email, Steve makes a couple of corrections to the article:
    > Linford also told the conference that some 70 percent of spam is sent
    > from China by American spam outfits who are hosting their servers with
    > Chinese ISPs.

    That should say: "70% of spam advertises URLs hosted in China" (not "is
    sent from").

    ...

    > Unless things change drastically, we predict that 80 percent of
    > email will be spam by December this year, and it's very likely to go
    > to 90 percent by this summer," Linford warned.

    That should of course say "next summer".
  • by ImpTech ( 549794 ) on Thursday June 10, 2004 @01:18AM (#9384579)
    Seems like every day we have a story about such-and-such is the biggest cause of spam. In fact, I bet we've accounted for at least 400% of spam with all these stories combined.

    If these trends continue, I'm afraid that one day soon I'll check slashdot and find out that 97% of all spam is coming from my IP.
    • Yeah, I wonder what percent of the Russians and Chinese who generate 70% of spam are using the Windows zombie machines [slashdot.org] that distribute 80% of spam?

    • If 97% of the 400% of spam comes from your IP, then you are only responsible for 24% of the total spam.

      And, likewise, if there is only 400% spam quantity, and you are responsible for 24% of it, that is only 6% of the total spam.

      Continue extrapolating, and you will quickly see that you are not responsible for any spam whatsoever.
  • That old bone song.. (Score:3, Interesting)

    by TidyKiller ( 786958 ) on Thursday June 10, 2004 @01:20AM (#9384584)
    It's interesting how the Russian Mafia is helping American Marketers take advantage of Chinese Equipment. My question is: How involved are the actual Chinese people? Are they all victims of circumstance, or are they helping in some way?
  • "Also, apparently 70 percent of spam is sent from China by American spam outfits who in turn have hosting arrangements with Chinese ISPs."

    Really? That contradicts this story [slashdot.org] posted just two days ago:

    The Register is reporting a study by Sandvine.com that blames Microsoft Zombies for 80% of all spam.

    So which is it, then?

  • by osobear ( 761394 ) on Thursday June 10, 2004 @01:24AM (#9384604) Homepage
    There was just an article [slashdot.org] on how it was infected windows PCs.... and I remember everyone assuming that it was PCs here, so are we talking about Windows in China, now? How do you plan on education in that case?
  • by SJrX ( 703334 ) on Thursday June 10, 2004 @01:25AM (#9384615)
    You know in the past month I have seen that 80% of Spam is caused by infected PC's in Windows. That 80% of Spam comes from China. That 70% come from Russia and China. That the US accounts for 60% of Spam. That Eastern Europe Accounts for 60% of Spam. So from this I know that there is 80+80+70+60+60= 350% Spam. This also tells me that Russia accounts for Negative 10% of Spam. Don't believe me, take this The Reg Story, http://www.theregister.co.uk/2004/06/04/trojan_spa m_study/, This one, http://www.theregister.co.uk/2004/05/25/spam_delug e/ and thats just El Reg. The only conclusive thing I have been able to determine is that these stories are worse than spam, not only are they useless, but we actually read these stories.
  • another... (Score:3, Interesting)

    by abscondment ( 672321 ) on Thursday June 10, 2004 @01:26AM (#9384617) Homepage

    another possible explanation of this is illegal copies of Windows.

    I was recently talking with a friend from hong kong; he mentioned that virtually no one buys legitimate copies of software because it's more expensive and less readily available.

    he also said that users and companies using pirated software don't update it for fear of legal action--hence the huge number of zombies.

  • New laws (Score:3, Insightful)

    by Claire-plus-plus ( 786407 ) on Thursday June 10, 2004 @01:30AM (#9384635) Journal
    The USA is quite obviously the source of the spam. It is up to the USA to legislate in some way to stop the flood of spam that is hurting people all over the world. The real question is: how do you stop the spam when it is being sent from countries like China where the USA has no power to arrest spammers?

    Well I think I have a possible solution and it can be illustrated by a case study. In Australia we had an international Paedophilia problem, Paedophiles were travelling to countries like Thailand where sex with children was not illegal and thus were not getting arrested. The solution that was eventually found was new laws whereby anyone who broke Australia's anti-paedophile laws could be arrested no matter where the offence was enacted. Offenders were met at the airport by police and arrested for crimes in other countries and the problem of "paedophile sex tourism" was solved.

    My Solution to spam is similar. The USA needs to pass laws allowing them to track down the companies and individuals that are using the Chinese spam services and arrest them. Make the law such that sending spam is illegal no matter which country it is sent from. The spammers might get so scared they will stop Spamming
    • NEXT! (Score:5, Funny)

      by humankind ( 704050 ) on Thursday June 10, 2004 @02:11AM (#9384784) Journal
      The USA is quite obviously the source of the spam. It is up to the USA to legislate in some way to stop the flood of spam that is hurting people all over the world. The real question is: how do you stop the spam when it is being sent from countries like China where the USA has no power to arrest spammers?

      Hey, what a brilliant idea. We currently have only a hundred or more [spamlaws.com] anti-spam laws across the world, most in the US. Let's pass a few more. I am certain that when we pass the 500 anti-spam law mark, spammers will suddenly start to cower in their boots and realize that 500 anti-spam laws that aren't being enforced or have no legal/civil/criminal teeth are a formidible obstacle to overcome!
      • Re:NEXT! (Score:3, Insightful)

        by aXis100 ( 690904 )
        Surely the easier solution is to charge the companies who are advertising their products via spam, not the elusive spammers themselves. Two good reasons are:

        1) The spam obviously has to have a link back to the vendor in order to make sales.
        2) If there is no demand for it, spam will stop.

  • The Russian mafia (Score:5, Insightful)

    by drgonzo59 ( 747139 ) on Thursday June 10, 2004 @01:34AM (#9384645)
    That is the other (electronic) Russian Mafia. Unlike the dumb Italian teamstears who beat people with baseball bats, some of these guys are very skilled and intelligent. The counterparts of many American geeks in Russia couldn't find a well paying job, have plenty of time, and nowadays on the Internet, they have access to all the technical information they need on any subject. They will use the best asset they have, their brain, to make money or build recognition for themselves. And the way the laws are shady there they think they can get away with anything as long as its online. If spam will make a couple of hundred rubles - they'll get into spam, if they can extort money from banks by compromising their webservers, they will do that. How do I know all this? I grew up in those part and still visit friends and family once in a while...
    • Unlike the dumb Italian teamstears who beat people with baseball bats

      Hey, You're leaving the mobsters from the USA out of that.

      Sin-cerely,

      Jimmy Hoffa
    • Re:The Russian mafia (Score:4, Informative)

      by 21mhz ( 443080 ) on Thursday June 10, 2004 @03:39AM (#9385066) Journal
      The counterparts of many American geeks in Russia couldn't find a well paying job
      Yeah, cry me a river. At least in major sities, this is not the case. The definition of "well paying" may vary, but we're talking about Russian standards here. It's more like the employers can't find adequate geeks to man the jobs.
      In small shitholes, it can be tougher (what country has it the other way?). But nothing really prevents people from moving anymore.
      The bottom line is: these people have deliberately chosen to be scumbags.
      • Re:The Russian mafia (Score:4, Informative)

        by drgonzo59 ( 747139 ) on Thursday June 10, 2004 @11:20AM (#9388327)
        I will have to disagree with you. It is not always true that in even in the major cities you can find computer related jobs. Sure you can clean the street or even work as a waiter, but I was talking about computer jobs, anything hardware or software. There are some very good software firms in Russia and ex-Soviet republics but computers are still not as pervasive as they are in US or Western Europe. That is another reason why so many of them leave and I am one of them. And as far as nothing preventing people from moving, you forgot, we are talking about Eastern Europe here, you can't just pack your bags and move to America or Europe, you gotta go through a lot to get a visa and be allowed to come in those other countries.
  • by alanw ( 1822 ) * <alan@wylie.me.uk> on Thursday June 10, 2004 @01:37AM (#9384658) Homepage
    The soon-to-be-released Spamassassin 3.0 will have the URIBL_SBL test. This will test the IP address of domains referenced in the body of the spam against lists of known spammer hosts. This will reliably trap all of the 70% of spam that advertises web sites hosted in China.

    http://www.spamhaus.org/sbl/howtouse.html [spamhaus.org]
    http://www.spamassassin.org/full/3.0.x/dist/rules/ 25_uribl.cf [spamassassin.org]

    • The soon-to-be-released Spamassassin 3.0 will have the URIBL_SBL test.

      It's due out around the end June, assuming no major glitches in the code, etc. I've been testing the URIBL_SBL rules with the current version, and after a little messing around to get it working have found that it works very well indeed. It's definitely worth looking at the upgrade if you are currently running a vanilla version of SpamAssassin. IIRC, version 3.0 will also be adding support for Spamhaus' XBL list, which lists the hos

  • I -never- expect to get ligitimate mail from Russia (though I have a friend in China). I run my own Postfix mailserver and SpamAssassin. Does anyone know how I can completely block out Russian IP addresses from sending mail to me?

    Thanks! (and yes, I know that it won't solve all my spam problems)
    • russia.blackholes.us, of course:
      # DNS based IP address spam list russia.blackholes.us
      R$* $: $&{client_addr}
      R$-.$-.$-.$- $: <?> $(dnsbl $4.$3.$2.$1.russia.blackholes.us. $: OK $)
      R<?>OK $: OKSOFAR
      R<?>$+<TMP> $: TMPOK
      R<?>$+ $#error $@ 5.7.1 $: Mail from $&{client_addr} rejected by russia.blackholes.us
  • Oh no! (Score:5, Funny)

    by YeeHaW_Jelte ( 451855 ) on Thursday June 10, 2004 @02:18AM (#9384805) Homepage
    "According to Spamhaus director Steve Linford, the Russian gangs aren't constrained by any anti-spam or cybercrime laws in their home country and have no respect for legislation implemented in other countries."

    Criminals with no respect for the law! This world is surely going to the dogs!
  • Spam (Score:2, Funny)

    I have gotten quite a bit of spam that is actually written in Chinese. I don't think I have gotten any spam in Russian. I actually got a piece of junk mail that I thought was funny once. The subject was "Hard times ahead!" and I thought it would be about saving money, but it was for viagra or something.
    • Re:Spam (Score:3, Funny)

      by Guy Harris ( 3803 )

      I don't think I have gotten any spam in Russian.

      I have, although it's more obvious when reading it with Mail.app on my Mac at work than with Mutt on my machine at home - it shows up in the Cyrillic alphabet in Mail.app but not in Mutt in my boring old ISO 8859-1 xterm.

      Messages in various Chinese/Japanese/Korean encodings look, when viewed by software assuming ISO 8859-1 encoding, like a different form of noise than messages in Cyrillic script, so you might be able to reconize Russian spam that way as well

  • I thought water wasn't actually very wet, due to a lot of surface tension, or something?

    I hope there's no -1 Pedantic moderation category...

  • by ffsnjb ( 238634 ) on Thursday June 10, 2004 @02:37AM (#9384866) Homepage
    I implemented some new spam fighting techniques last night. The most effective one from logs since implementation was making HELO checks mandatory in Postfix. If the sending client doesn't submit an EHLO response, Postfix rejects the client. Since this happens before message transmission, it seems that not nearly as much bandwidth is being used (haven't verified that yet.) I'm surprised this isn't on by default in Postfix, but it sure is funny to see all these hosts rejected. None of them even resolve, there's no way that it's legitimate mail. If it is, too damn bad.
  • Wrong headline (Score:5, Insightful)

    by 1u3hr ( 530656 ) on Thursday June 10, 2004 @02:40AM (#9384880)
    The headline is "Russia, China World's Biggest Spammers". The text says "organised cirminal gangs in Russia are supplying U.S.- based spammers with details...". The SPAMMERS ARE AMERICAN. The spam is mostly from Americans, to Americans. The solution is in America. Don't fuck up the whole world's Internet because you can't work out how to stop the 100 guys in Boca Raton who send most of the spam.

    PS "cirminal": Jesus, Timothy, you're actually paid to edit this?

    • by bani ( 467531 )
      how would the whole world's internet be fucked up because east european virus authors get arrested?

      they are after all, writing viruses on contract to american spammers. if these criminals get arrested, how exactly is that a negative impact on the rest of the internet?
    • The text says "organised cirminal gangs in Russia are supplying U.S.- based spammers with details..."

      I know I'm repeating myself, but, we have to make sure that headline appears in the "mainstream" media, not just in places that only us geeks look.

      Joe 6 pack needs to be routinely reminded that "spammers=criminals", and "buying from spammers=giving money to the Russian Maffia".

      I think those of us who are familliar with the problem, need to take the initiative to contact our local media and help them und
  • by CHaN_316 ( 696929 ) on Thursday June 10, 2004 @02:48AM (#9384915)
    Did anyone see that awesome interview with Scott Richter [slashdot.org] (spammer overlord) on the Daily Show? It was so hilarious. He calls himself a high volume e-mail deployers that send useful services to people.

    The best is when they posted Scott's e-mail address on national TV, which is: scottrichter442@yahoo.com

    This site here [ahved.com] has the video available of that Daily Show clip. Please try not to slashdot the site, maybe someone setup a mirror or something.
    • I saw that too. What a turkey.

      "Is it ok if we show your email address on screen?"
      "I'd rather you didn't." (as scottrichter442@yahoo.com flashes several times...:)

      A couple of weeks ago, the Aunty Spam [aunty-spam.com] blog did an interview with Scottie. Very evasive answers. I had a little back and forth dialog with him in there. (scroll about 1/2way down)
      Very enlightening as to his mindset.
  • spam stats (Score:5, Informative)

    by humankind ( 704050 ) on Thursday June 10, 2004 @02:49AM (#9384917) Journal
    Some analysis of my rejected mail logs over the last 24 hours revealed this:

    Total rejected spam: 16235 (and 8178 accepted messages)
    Confirmed Chinese spams: 1229
    Confirmed Korean spam: 1414
    Confirmed Canadian spam: 264
    Confirmed Polish spam: 342
    Confirmed US/comcast spam: 1363
    Confirmed French spam: 181
    Confirmed Southwest Bell spam: 382
    Confirmed Italian spam: 114
    Confirmed Spanish spam: 167 (TDE must have finally gotten their act together)
    Confirmed German spam: 967
    Confirmed Netherlands spam: 452
    Confirmed Brazillian spam: 864

    This is by no means a scientific analysis - it's based on hard-coded IP-based blacklists that are caught before standard blacklists are checked.

    Spamcop RBL rejects: 5460
    Spamhaus RBL rejects: 1509
    Njabl RBL rejects: 1807
    Homebrew RBL rejects: 6382

    The big three spam sources have traditionally been Korea, China and Brazil. Comcast has been the big US spammer. France (wanadoo) has also been a major contributor though it doesn't seem to be reflected in this days' logs.
  • by Daedius ( 740129 ) on Thursday June 10, 2004 @03:10AM (#9384980)
    People want an open public form of communication, but are unwilling to accept email from people they don't want to hear. I think its interesting that people expect others (i.e. government) to go after these individuals in the hopes that it will put an end to all unwanted email (especially when the individuals are in other countries). If you sat down in the middle of times square, do you think its fair to expect people to stop yelling, the cars to stop honking, cellphones to stop beeping, or the people to stop shuffling past you? The truth is, you will always get unwanted email if you aren't going to actively manage what email gets to you. Do you ever get SPAM from IM? No. The reason why is because you have actually personally networked who you want to talk to and eliminated all others. I believe the future of email communication will be based around a networked process of individual/group permissions. Till that day, people are going to be lazy, unhappy, and wishing for something impossible -- that SPAM will end if they do nothing.
    • it's not about individuals we dont want to hear. it's about artificial entities we dont want to hear. people merely want what they also have in the offline world: commercial messages should be regulated. ads on tv are regulated. ads in newspapers are regulated. bulk snailmail is regulated.

      be aware that commercial messages by companies do not fall under freedom of speech (or at least not in my country. freedom of speech is only for people.)
  • ok.. (Score:3, Interesting)

    by TheHawke ( 237817 ) <rchapin AT stx DOT rr DOT com> on Thursday June 10, 2004 @07:16AM (#9385725)
    Since it seems that foreign ISP's are in league with organized crime, then i'd say that this is a threat to national security. Therefore, I recommend that all TLD providers remove all references of the suspect ISPs from their databases, including blocklisting their POPs and SMTPs.

    It'll be a double-edged sword, I know, but in this matter, it'l hurt them more than the rest of the world. Boycott and Blacklist all *.ru and *.cn servers until this matter has been settled.
  • by Lord_Pain ( 165272 ) on Thursday June 10, 2004 @08:22AM (#9386101)
    Why are we not punishing the fools who hire these spamming bastages to promote their business?

    After all if the source of the spammers income dwindles then they wither. Perhaps I'm being overly simplistic.

  • by Ummagumma ( 137757 ) on Thursday June 10, 2004 @09:20AM (#9386736) Journal
    I just installed an anti-spam appliance yesterday. So far, over 80% of the Spam that is blocked has come from DSL and Cable lines, presumably from compromised machines.
  • by $criptah ( 467422 ) on Thursday June 10, 2004 @09:47AM (#9387114) Homepage

    As somebody who lived on the territory of the former USSR, I am not surprised that the majority of spam arrives from Russia and that kiddie pr0n sex rings are linked to companies in Belarus. Why does that happen? Well, compared to the United States those countries have virtually zero law enforcement and high levels of corruption.

    Even with Vladimir Putin, Russia still lags behind in terms of law enforcement when it comes to protecting human rights, technology, women, children, etc. When I traveled across the republicts of the former USSR I was surprised by the amount of counter-theft goods that one could get through local flea markets. You can get CDs full of the latest software, like 3D Studio Max, for $2-3USD. If you get a several CDs, you get a discount. When you pop one of those puppies in your drive and read the instructions, they'll say "Please run a program called crack.exe in order to activate the product." Activation my ass. The same applies to DVDs, and brand-name products.

    According to my friend who travelled to China, that country is pretty much in the same spot. Yes, they are good at banning people from accessing forbidden sites. Yet at the same time you can to to a street market and purchase a fake "NorthFace" jacket for $20USD or less; In the states you'd pay up to ten times as much. Then there are corrupt politicians and cops who can close their eyes provided that you pay them a certain amount of money. With that in mind, it is not a surprise that China and Russia lead in spam.

    There is a lack of sync between technology and the laws that govern it in the countries that are not, well, *that developed* yet.

  • by Skapare ( 16644 ) on Thursday June 10, 2004 @10:12AM (#9387442) Homepage

    ISPs are a major part of the problem. They either know, or can know, that they have spammers and other criminals on board. Yet many do nothing about this because they would rather have the money spammers pay them. We need to stop peering with bad ISPs in every way we can.

    Those who whine about their mail not getting through because they are using one of these bad ISPs are also part of the problem. They need to stop encouraging their ISP to continue, and force the ISP to decide between good and evil. If there's another ISP, switch. If there's only one and it's because the government gives them a monopoly, then the government is the problem and they need to fix that. If there's only one and it's not a monopoly, then they need to start their own ISP (and not allow spammers, lest they also be cast into the deep pink cyber oblivion).

  • by jfdawes ( 254678 ) on Thursday June 10, 2004 @12:59PM (#9389845)
    Why is the article titled "China and Russia 'behind current spam deluge' when they are just the ISPs? It's Americans paying for it, so they are behind it.

    Of course, the lack of respect for US spam policy does not help the situation - but this is not surprising, given that the unstated rule of almost all American policy is "If you have enough money you can get away with whatever you like". (Note that this isn't "If you give me enough ..." you just have to have it)

    Selling junk to idiots, America's number one industry.

CChheecckk yyoouurr dduupplleexx sswwiittcchh..

Working...