March 04, 2002
Spamming the globe

From The USS Clueless comes this article about how China is upset that American and European Internet Service Providers (ISPs) are blocking email from China, Korea, and Taiwan to combat spam. Spammers routinely relay mail through servers in these countries because their own IP addresses have been blacklisted.

"The majority of the junk mail (is) not created in China, so why (should) they block mail from China?" said Zeng Xiaozhen, a professor at Jilin University in the northeastern province of Jilin. He said spam was a global issue and China should make a law to punish creators of junk e-mail.

If this quote is representative of official Chinese opinion, there's a real problem. See, the junk email is not originating in China (for the most part - more on this later), so there's not much China can do to punish the spammers. No, the problem is that the email is being relayed through China. This is exploiting an old way of sending email, from back in the days before everyone had access to DNS servers. If my domain had to send mail to yours but didn't know how to get there, I'd send the mail to an intermediate domain who did know where you were. This intermediate domain would relay the mail for me. Sometimes mail would go through multiple relays before it reached its destination.

Nowadays this is unnecessary, but a lot of poorly-configured mail servers still allow open relaying. This allows spammers to hijack these servers, using them to send their mail and/or to make it look like the mail originated there. There's absolutely no reason for this - it's well documented how to prevent this kind of open relaying. If these countries want to respected members of the Internet community, they need to start pushing their user base to clean up their act.

I deal with a lot of spam as part of my job. I do indeed see a ton of mail relayed through the .cn, .tw, and .kr domains. I also see a bunch of spam originating from domains registered in those three countries, some of which are simple .com and .net sites. If we didn't have affiliates all over the globe, I'd be happy to push for blocking most mail from them, but I cannot. I have no sympathy for any of their complaints.

Posted by Charles Kuffner on March 04, 2002 to Technology, science, and math