NordVPN Promotion

Home / Blogs

Actions Required by Developing Economies Against Spam

BLACK FRIDAY DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]

My OECD paper on spam problems in developing economies is now linked from the OECD Anti-Spam Toolkit page, as part of section 8 of the Anti-Spam Toolkit (Outreach). This ZDNet article provides a reasonably good summary of my paper as well. I welcome comments and suggestions from CircleID readers.

Spam is a much more serious issue in developing countries as it is a heavy drain on resources that are scarcer and costlier in developing countries than elsewhere. This OECD paper outlines what developing economies can do to combat spam on their own, as well as various possible ways in which developed economies can contribute their expertise and resources to help developing economies fight spam. Here is an overview of these recommendations for developing economies against spam:

Putting in place technical solutions - The best possible solution that can be hoped for is that large amounts of spam that are sent to the ISP’s users are rejected at the ISP’s mail gateways and prevented from entering the ISP’s network. ISPs that do even basic filtering of spam on their MXs (Mail Exchangers, servers that handle inbound e-mail traffic for a domain) will see a tremendous drop in spam that reaches their customers’ mailboxes ? about 50% of the incoming spam can be filtered out using a very basic and easy to deploy set of filters.

Open Source software solutions - In developing economies there are several local and international initiatives that encourage the use of Free/Libre and Open Source Software (FLOSS) alternatives to expensive legal versions of non-free software.

Formation of CSIRTs and CERTs - Computer Security and Incident Response Teams (CSIRTs) or Computer Emergency Response Teams (CERTs), at the organisational, national and regional levels help organise an effective and efficient response to individual computer security incidents, widespread security vulnerabilities (such as the spread of a worm or virus) and incident co-ordination throughout the region.

Training of ISP personnel in security and spam handling - ISP personnel in developing countries are, quite often, comparatively less skilled, not because of an actual lack of knowledge, but because they may not be as well trained in issues specific to practical systems and network administration, and tend not to remain abreast of current trends in their field of work, such as by participation in mailing lists, newsgroups and online discussion forums on these subjects.

Anti-spam policy setting and enforcement for ISPs - ISPs must strive to discourage spammers from abusing their services to send out spam. Unfortunately, there is a strong perception among at least some ISPs that anti-spam policy enforcement teams are cost centres rather than profit centres, and that customers, even spammers, are valuable sources of revenue.

International co-operation, and the role of regional organizations - In the fight against spam as for other Internet issues, it is essential that we combine the relevant skills of various bodies to best effect, to maximize success.

International co-operation on an ISP to ISP level - ISPs in developing economies must integrate themselves further with their peers in other economies.

International co-operation at an industry and end-user level - Businesses must reach out to ISPs and ISP associations, associations of computer users, such as local PC user groups, as well as international organisations such as ISOC that have a worldwide presence and a focus on several ICT issues that are substantially congruent with other stakeholders in this issue.

Legislative and regulatory framework to deal with spam - Several countries have already called for the development of an international framework to fight spam. Some have even suggested the signature of a ‘Global MoU’ on spam, and possibly, in the future, something structured on the lines of the Berne Convention or the Geneva Convention. However, such instruments will take a very long time to put in place, and moreover would be rendered meaningless if not backed by a strong legislative and regulatory set of anti-spam measures at the national level, which would then allow international co-operation to be effective. Therefore, countries that have not done so yet must expedite the implementation of a comprehensive legislative and regulatory framework to deal with spam, as well as associated computer crime issues, such as hacking, forgery of e-mail headers or other information, etc.

User education - Massive and widespread public education and awareness campaigns, using simple and easy to understand material such as cartoon strips, posters and ads will be needed, preferably in the local language, as not many Internet users in developing economies are likely to be comfortable with English.

By Suresh Ramasubramanian, Antispam Operations

Filed Under

Comments

Suresh Ramasubramanian  –  May 30, 2005 3:49 AM

Here’s a direct link to the paper, in pdf format -  http://www.oecd.org/dataoecd/5/47/34935342.pdf

Mathew Varghese  –  Nov 12, 2005 2:05 AM

Stopping spam / virus / brute force hack attempts originating from specific IP blocks is very simple, if IP allocation agencies like ARIN, APNIC take the responsibility!

All that is needed is, when IP allocation agencies like ARIN / APNIC allocate IP blocks to ISP’s they should collect a security deposit. Then provide a simple web form interface to report IP misuse - the form should contain a field for IP and to another to paste the header of spam e-mail originating from the IP or log of brute force attacks originating from the IP etc.

Abuse reports can be processed automatically with simple parse algorithms and the ISP is sent an automated e-mail to check the IP address being misused. This will enable the ISP to contact the offending IP user and ask them to secure the system and stop the spam / virus issue. If the ISP does not respond and the number of spam reports cross a set threshold then the ISP is fined $10 this is a fairly low amount and the ISP can possibly collect this amount from the offending IP user.

A small fine of even $10 will have a cascading effect, nobody like paying fines! Users will start demanding more secure software from vendors and will hire experienced system admins to secure computers connecting to the internet.

Within 18 months of implementation spam and virus spreading through the internet will become very rare occurrence, anyone listening?

Suresh Ramasubramanian  –  Nov 13, 2005 3:28 AM

Damn. I wish it were that simple.

Start with finding an abuse reporting format that is machine parseable (http://www.mipassoc.org/arf/ is a start but its still useful only for provider to provider aggregation of reports and not for general use)

Then try to introduce RIR policy in this kind of situation.  The most that RIRs can (and generally will) do is to educate people and bring them together

But they dont have nearly as big a stick as you think they do.

Mathew Varghese  –  Nov 13, 2005 6:26 AM

http://www.mipassoc.org/about.htm

Registries
Registry services, like APNIC, ARIN and RIPE, assign entries into tables. They typically specify good practice for organizations assisting in the assignment process. However their scope is limited to the operation of the registries.

———8<———————————————————————

The above paragraph defines the problem…..

Origin of all IP address abuse (spam / virus / dos attacks) is because the IP allocation registries do not take the responsibility to ensure that IP address are not abused by the ISP’s (and their customers) to whom the IP blocks are allocated.

The only possible solution to fix IP address abuse is for the IP registries to take the responsibility.

It is *simple* for the IP registries like APNIC, ARIN and RIPE to implement a abuse reporting system and enforce compliance from ISP’s. All that is required is few servers to run the abuse reporting system and few staff < 10 per registry, to co-ordinate the effort with ISP’s. The cost of implementing the system can be easily added to the cost of allocating IP address blocks. The total cost will work out to be < $1 per IP address per year.

Suresh Ramasubramanian  –  Nov 13, 2005 7:07 AM

It is not as simple as you think it is.  However it is an interesting idea that you might want to take before arin / apnic at one of their meetings .. the best place to start with if you’re in India, would be the apnic open policy meeting which will be held at the next apnic (perth, feb 2006).

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byCSC

Threat Intelligence

Sponsored byWhoisXML API

New TLDs

Sponsored byRadix

DNS

Sponsored byDNIB.com

IPv4 Markets

Sponsored byIPv4.Global

NordVPN Promotion