Jump to content
Sign in to follow this  
gwelsh

Is there any point to reporting Chinese web hosts?

Recommended Posts

I'd really like to hear if anyone knows of any evidence that the Chinese admins take action against spammers' web sites.

Thanks...

Share this post


Link to post
Share on other sites

Well . . . Spamhaus just recently succeeded in setting up an operations center in China -- Details Here.

And the reports do feed the SCBL.

Share this post


Link to post
Share on other sites

I guess Dick Cox is doing a good job/shaft to spammers, I am anxious to see some results!

Share this post


Link to post
Share on other sites
I'd really like to hear if anyone knows of any evidence that the Chinese admins take action against spammers' web sites.

Thanks...

That's actually too wide of a blanket statement. It wasn't that many months back that there was an individual posting in the newsgroups relating his experiences in trying to convince, instruct, and train other CHinese ISPs to "do the right thing" .. He was having some success.

There are some Chinese whitehat ISPs, some blackhat .. just as in the U.S. .... just as in Australia, just as in Canada, etc., etc. It's just the normal side effect that the spew comes from the ISPs that don't manage things well (ever heard of ComCast?)

Share this post


Link to post
Share on other sites

I can't get to it easily right now, but I got an answer from a chinese isp thanking me for the report and saying he took appropriate action and was anti-spam.

I saved it to see if I got additional spam from that IP address. So far I haven't (in a couple of months). That doesn't mean that I wasn't listwashed, but at least it was an answer that 'sounded' as if they were trying to become spamfree.

IMHO, it is only a matter of time.

Miss Betsy

Share this post


Link to post
Share on other sites

Thank you all for your replies, but... I think we're talking apples & oranges.

I'm not blaming the Chinese for having lots of exploited systems used to distribute spam, a la Comcast.

However, the vast majority of the spam I get advertises web pages hosted in China, and the reports go and go and go but the spam continues and the LARTs seem to have no effect.

I know that there have been other black hat ISPs, but I have never seen so many spamvertised sites remain seemingly unaffected for so long before, not when the spammers hosted in Costa Rica, not when they hosted in Romania, and not when they started hosting in Russia.

I get very frustrated when I see news items about the Chinese governemnt cracking down on spam by blocking mail from this spam source or that spam source but apparently ignoring the fact that many if not most of the web sites advertised are hosted in their own country and that, by permitting this, they are making life very cozy for the spammers.

Share this post


Link to post
Share on other sites
I get very frustrated when I see news items about the Chinese governemnt cracking down on spam by blocking mail from this spam source or that spam source but apparently ignoring the fact that many if not most of the web sites advertised are hosted in their own country and that, by permitting this, they are making life very cozy for the spammers.

From the top, there's a whole different mind-set going on. For instance, if you read most of those news items, if you read a bit closer (or perhaps needing to go elsewhere to get the real/complete text) you'll see that in general, the spam blocking mentioned is the blocking of incoming (and internal) spam.

You can go back to the Chinese government controls access to the 'net' by its citizens by forcing all traffic to go through the government controlled servers/firewalls. This allows the government to monitor, even stop all traffic to areas of the net seen as detrimental to their citizens. However, read this again if you didn't catch the big point, their firewals prevent their citizens from "reaching out" .... not a damn thing done to "supervise" all the incoming traffic to get the "good" stuff on sites hosted within those famous firewalls.

Complaints have been streaming in over the years, but you must note that there's also the language problem involved, one suspecting that some ISP's may not have staff that handles foreign language well (which also may be part of the issue in securing those servers with the docs in languages other than any Chinese dialect)

On the other hand, the BLs have gotten their attention, based on complaining at the UN about so many other countries blocking traffic to/from Chinese servers. And this part of the situation is what has the Spamhaus 'conference' going on. There just may be the beginnings of a solution starting <g>

Share this post


Link to post
Share on other sites

Taiwan is claiming some effort in blocking inappropriate spam:

Sony Network Taiwan Limited

To whom it may concern:

Thanks for your information. We have found out the Spammer or Port Scan/Probe and taken the appropriate and necessary actions to stop him/her from doing it again.

For those repeated spammers or Port Scan/Probe , we willl stop his/her accesss rights instantly.

We are here to apologize for their inappropriate behaviors.

Sincerely

Sony Network Taiwan Limited

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

This e-mail and any attachments are confidential and may be legally privileged.

If you are not the intended recipient,

(i) please do not read or disclose to others, and

(ii) please notify immediately the sender by reply mail, and

(iii) please delete all copies of the email from your system.

Failure to follow this process may be unlawful.

We greatly appreciate your cooperation.

Share this post


Link to post
Share on other sites

Yeah, except I get the same exact replies from the Taiwan ISPs when I submit my JackPot fake SMTP / teergrube / honeypot URL for the logs to them, and I keep getting spam from the same IP addresses they say they've shut down.

They SHOULD take my LARTs seriously, considering that I'm giving them the IP addresses of the spammers themselves, and not some email headers that might or might not be forged, and due to the fact that I'm reporting hundreds of thousands of spam attempts, not just one spam, but it doesn't seem to matter.

I'm now dumping on the order of 600,000 spams per day coming from mainland China, Taiwan, and Hong Kong.

I think all of the Taiwan IP addresses should be blocked for a time, that'd make the ISPs there wake up and get a clue.

Share this post


Link to post
Share on other sites
I get very frustrated when I see news items about the Chinese governemnt cracking down on spam by blocking mail from this spam source or that spam source but apparently ignoring the fact that many if not most of the web sites advertised are hosted in their own country and that, by permitting this, they are making life very cozy for the spammers.

Has anyone else noticed that AOL Time Warner is pursuing business partnerships with the very same spam-havens hosting the spammers they are suing?

That's like the cops going into a crack house and arresting the drug addicts, while they give the operators of the crack house a big loan to expand their business.

I refer in particular to America OnLine's dealings with China Telecom and Netcom.

And the last time I checked, Yahoo! was already partnered with Verio, another major spam-mill-- yet Yahoo! is also suing verio-hosted spammers.

AOL confirmed looking into this Faustian bargain as far back at least as March 2003

http://www.manilatimes.net/national/2003/m...30328bus17.html

http://www.etexpo.com/shownews.asp?ID=276

“We’re talking about business (with China Telecom and Netcom), but we didn’t talk about a partnership yet,” she said. The AOL spokesman confirmed that the venture was looking at possibly bringing in an additional partner.

As of March 2004, AOL appears to be courting the same strange bedfellows

http://www.chinesesource.com/get_detail.cfm?id=1040

http://www.newsgd.com/business/enterprise/200403010031.htm

"Likely candidates could include China's mobile phone giants of China Mobile (Hong Kong) Ltd and China Unicom Ltd; and its top two fixed line carriers, China Telecom and China Netcom, which have both spent millions of dollars over the last two years to build out their high-speed Internet networks. "

And then there's the fact that one of AOL's board members is on something like The U.S. China Board of Trade. I forget her name, but the information is somewhere on my other computer. She was also something like "trade ambassador" to China.

And I bet if we dug around a little, we would find that AOL already has relationships with some of the other foreign spam mills, particularly in Italy and Korea.

Does anyone want to resarch and publish on this with me?

Specifically, which of the spammers AOL is suing are hosted on the spam havens that AOL has (or is pursuing) partnerships with.

These lawsuits against spammers by AOL are just window-dressing. They're blowing smoke to hide the fact that they are not only doing squat to stop spam, they are also actively pursuing alliances with the source.

If AOL really wanted to stop spam, they would not only stop pursuing business with spam mills, but block all traffic from them. AOL knows China Telecom and Netcom are the ones sending most of the spam to AOL accounts. They know what to do about it, but they won't.

I say, let's call them to task for it.

Share this post


Link to post
Share on other sites

IanDavid, didn't you already post this same diatribe somewhere elase, say a week or so ago? I'll go do a search later, but .... it sure reads the same to me as something read a while ago ....

Share this post


Link to post
Share on other sites
IanDavid, didn't you already post this same diatribe somewhere elase, say a week or so ago?  I'll go do a search later, but ....  it sure reads the same to me as something read a while ago ....

Yes, I did post it a while back, but it was in an old thread that nobody seemed to be reading any more (and it didn't get any feedback) so I was hoping it would be OK to re-post in a more active thread.

I hope that wasn't a terrible breach of netiquite?

Share this post


Link to post
Share on other sites

IMHO, that's ok to do. However, it might have been better to start a new topic, however, with an explanation that you were interested in feedback so you were re-posting because it might have attracted more eyes. If you don't get feedback, then I think it would be safe to assume people aren't interested.

None of the major backbones, IMHO, are particularly interested in reducing spam and have no problems with consorting with anyone who intends to spend money. From the consumer standpoint, it would be better to push on their customers to lobby for changes. There are not even enough ISP's who are willing to take the 'high road' of principle, but prefer to whitelist the big guys.

Do you know about the 'tipping point' theory? If someone could get enough end users to create a 'tipping point' ISP's would no longer whitelist. Then it would be a matter of creating a tipping point for ISP's who would, then, pressure the backbones to *do* something.

Miss Betsy

Share this post


Link to post
Share on other sites

Do you know about the 'tipping point' theory?  If someone could get enough end users to create a 'tipping point' ISP's would no longer whitelist.  Then it would be a matter of creating a tipping point for ISP's who would, then, pressure the backbones to *do* something.

Miss Betsy

Apparently, AOL and their ilk have their tipping point set at a very high level.

They think they are (or soon will be) a monopoly, and that we're stuck with them.

My recent dealings with them as a case in point, "No, we promise to fix the problem, but we refuse to have anyone get back to you about it."

AOL has abandoned any pretense of caring about their customers (what else is new?)

It helps to know there is a website that tells you how to swear at someone in Hindi.

http://www.insults.net/html/swear/hindi.html

I also vaguely remember a phrase one of my counselors at summer camp taught us once (I'm reaching back about 20 years into my memory, so please take that into account).

It was something like:

Bagwhan d'or or bagall rhat dori...

Supposed to be, "God's worst nightmare run amok"

It's not necessarily an insult, but colorful.

Again, I hadn't thought about that phrase in 20 years, so it probably isn't anywhere near accurate. I just hope I didn't accidentally say something really vulgar.

Since AOL doesn't care to listen to their customers, I would hesitate to guess any other means of bringing them to their tipping point.

I believe we already have a ban on technology exports to China of computer technology that could be used in weapons systems. How about an embargo of equipment that can be used to send spam?

I noticed that Cisco seems to be very proud of sending their routers to China Netcom. I wish they would stop. It would be nice to stop selling routers, servers, computers, modems, etc. to China.

Share this post


Link to post
Share on other sites
It would be nice to stop selling routers, servers, computers, modems, etc. to China.

Just a small detail ... but there is a lot of that stuff actually manufactured there .. You could refuse to sell the stuff, but what would stop the same items from disappearing from a loading dock somewhere along the line?

Share this post


Link to post
Share on other sites
It would be nice to stop selling routers, servers, computers, modems, etc. to China.

Just a small detail ... but there is a lot of that stuff actually manufactured there .. You could refuse to sell the stuff, but what would stop the same items from disappearing from a loading dock somewhere along the line?

I know it would only be a symbolic gesture, at best.

It's too bad the U.N. can't send in "spam Inspectors."

Share this post


Link to post
Share on other sites
It would be nice to stop selling routers, servers, computers, modems, etc. to China.

Since 90% of the spam I receive (in Hong Kong) is advertising US companies, perhaps it would be more useful if the rest of the world stopped doing business with the USA.

Share this post


Link to post
Share on other sites
It would be nice to stop selling routers, servers, computers, modems, etc. to China.

Since 90% of the spam I receive (in Hong Kong) is advertising US companies, perhaps it would be more useful if the rest of the world stopped doing business with the USA.

Good point.

But I think one key difference is that our government has made a legislative effort (albeit a lame one) to address the problem.

If China wanted to solve their spam problem, they are one of the few countries in a position to do so overnight. It's a lot easier to shut-down a spamhaven than a student democracy protest.

They're already shutting-down anyone that allows access to computer games that are unfavorable to their politics, or anyone who sends emails saying that Tibet should be free.

If they're going to be a repressive facist regime, then for once it should work to the world's favor.

The only answer is, the Chinese government likes it that way. Our government does not-- we're just too inept to do anything effective about it.

Also, I make distinctions between China, Hong Kong and Taiwan. Taiwan is not China, and Hong Kong is still playing by a shrinking set of different rules. I have gotten very little spam from Hong Kong.

And it's not so much a matter of where the spam email is coming from that frustrates me, as the fact that the spamvertised sites are almost always in China. You won't find very many hosts in the US that don't delete spammer's websites.

We just have a whole lot of exploitable open-relays due to negligence and sloppiness and short-sidededness.

But there are companies in China that lovingly coddle spammers and couldn't care less about spam complaints.

That is the key issue: Who is hosting their sites, who is providing aid and comfort. They can send all the email they want, from wherever they want, but without a willing co-conspirator to host them, they would fade away.

Share this post


Link to post
Share on other sites
It would be nice to stop selling routers, servers, computers, modems, etc. to China.

Since 90% of the spam I receive (in Hong Kong) is advertising US companies, perhaps it would be more useful if the rest of the world stopped doing business with the USA.

Good point.

But I think one key difference is that our government has made a legislative effort (albeit a lame one) to address the problem.

If China wanted to solve their spam problem, they are one of the few countries in a position to do so overnight. It's a lot easier to shut-down a spamhaven than a student democracy protest.

They're already shutting-down anyone that allows access to computer games that are unfavorable to their politics, or anyone who sends emails saying that Tibet should be free.

If they're going to be a repressive facist regime, then for once it should work to the world's favor.

The only answer is, the Chinese government likes it that way. Our government does not-- we're just too inept to do anything effective about it.

Also, I make distinctions between China, Hong Kong and Taiwan. Taiwan is not China, and Hong Kong is still playing by a shrinking set of different rules. I have gotten very little spam from Hong Kong.

And it's not so much a matter of where the spam email is coming from that frustrates me, as the fact that the spamvertised sites are almost always in China. You won't find very many hosts in the US that don't delete spammer's websites.

We just have a whole lot of exploitable open-relays due to negligence and sloppiness and short-sidededness.

But there are companies in China that lovingly coddle spammers and couldn't care less about spam complaints.

That is the key issue: Who is hosting their sites, who is providing aid and comfort. They can send all the email they want, from wherever they want, but without a willing co-conspirator to host them, they would fade away.

Oh, I forgot to mention that all those American spammers sending spam to Hong Kong are probably getting the addresses from a CD-ROM of Chinese email addresses I saw advertised on the China Netcom address.

Can we buy one of those disks to send "Free Tibet" messages sent through Netcom's servers?

Share this post


Link to post
Share on other sites

How about replying directly to the spam declining their order for ammunition but wishing them well in their revolution?

Share this post


Link to post
Share on other sites

I asked them whether they were Down syndrom mongoloids. They started sending me viruses.

Share this post


Link to post
Share on other sites

After reading through previous posts, I think this discussion is coming to a very interesting point.

Reporting an Chinese ISP/host might/will work. The number of complaints will decide survival of the host. China is more responsible and concerned to issued content in the country than others. I like that. Nowhere in the world have I seen more capitalism than in Shanghai/China. My guess is that, like what any Western company is doing, is investing in China, then of course, so do spammers. They pay people in China to "manufacture" their spam. (Filthy) business as usual. By that way, "the payer" spairs his own IP address(-es) from being blacklisted, blaming it all on China. It's only been recently China is recocnizing this "International" problem. Remember though: It's not only the Chinese authorities doing filtration, but Western companies also do. I feel it every day here from Shanghai.

It does not matter if manufacturers sell their ready-made technology to China or not, because all major companies are already manufacturing their equipment in China (Nokia, BMW, Mercedes, VolksWagen, GM, FORD, Cadillac, Intel, AMD). Until 2004 all joint ventures have been in 51% Chinese owned, and that is smart. Your box and CPU are most probably allready stamped with "Made in China" or "Made in Malysia" or "Made in Singapore".

The Chinese government can not do all things by over night (many parts of the country do not even have running water nor electricity). But it is impressive to see a very efficient government working, much more effective than that of any Western Country (I've lived in DK, USA, IS).

My main point is, that spammers in China, without doubt, are driven by money provided by the West. All big brand names know how to market their products, and I am sure that a product like Viagra would not have gotten so "imprinted", if it was not for the overwhelming "spam-campaign" on the Net, the sponsor "must have bought". If you look at a typical spam content from China, then the spam only contains "European/U.S.A." products. That is, 99.99% of spammers are selling Western products. Chinese do not understand english, so the spam is not aimed at Asians and they are not making the products! You ask yourself about the source of spam

There is 1.300.000 of Chinese, and they spam in their own language, which remarkably, I have not yet received a single spam in chinese (the only spam I get is on the mobile). Worth thinking of.

Please report the ISP/Web host. The Red Democracy is here only for a short time, but while it's working, go ahead and enjoy it (it's working far better than any democracy in Europe/America).

Best to you all,

'Ottar

Share this post


Link to post
Share on other sites

I just checked some of the Chinese IPs that keep sending viruses, they come from 'Medical' Schools, and are open relays. I think it is more likely that such IPs are used by spammers without their knowledge. What is puzzling is that their abuse desk replies to complaints with more viruses and snutty comments. Is it possible that people in charge with these supposedly educational servers are in kahootz with the spammers?

Share this post


Link to post
Share on other sites

I do not believe that the abuse desk sends spam or viruses (unless they are infected themselves).

As I said, if the school does not know how to close open relays, then my expectation is that if someone who is corresponding with a collegue from that school explained to his collegue what the problems were, that a dialogue might be created where the collegue would contact his IT department and help them to get in touch with someone who can explain the technicalities.

If no one at your institution is corresponding with that school, then there is no reason why your IT department cannot block that IP address.

Miss Betsy

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×