taking common action against spam internet society of china beijing – 2004 dave crocker...
TRANSCRIPT
Taking Common Action Taking Common Action Against SpamAgainst Spam
Taking Common Action Taking Common Action Against SpamAgainst Spam
Internet Society of ChinaInternet Society of ChinaBeijing – 2004Beijing – 2004
Dave CrockerDave CrockerBrandenburg InternetWorkingBrandenburg InternetWorking
<http://brandenburg.com/current.html><http://brandenburg.com/current.html>
Internet Society of ChinaInternet Society of ChinaBeijing – 2004Beijing – 2004
Dave CrockerDave CrockerBrandenburg InternetWorkingBrandenburg InternetWorking
<http://brandenburg.com/current.html><http://brandenburg.com/current.html>
D. Crocker, Brandenburg InternetWorking ISOC China – Beijing,200422
Setting the ContextSetting the ContextSetting the ContextSetting the Context
© 1975(!)Datamation
© 1975(!)Datamation
This? Oh, this is the display This? Oh, this is the display for my electronic junk mail.for my electronic junk mail.
D. Crocker, Brandenburg InternetWorking ISOC China – Beijing,200433
A Personal PerspectiveA Personal PerspectiveA Personal PerspectiveA Personal Perspective
Spam is a complex socialsocial problem Technical solutions must followfollow the social decisions
The situation is getting much worse, very quickly
It is like moving from a safe, small town to a big (U.S.) city Spam is created in one country, and sent out from another And no technique has yet reduced global spam!
Spam is a global problem On the Internet, every place is a close neighbor We can only control it by taking commoncommon action
Spam is a complex socialsocial problem Technical solutions must followfollow the social decisions
The situation is getting much worse, very quickly
It is like moving from a safe, small town to a big (U.S.) city Spam is created in one country, and sent out from another And no technique has yet reduced global spam!
Spam is a global problem On the Internet, every place is a close neighbor We can only control it by taking commoncommon action
D. Crocker, Brandenburg InternetWorking ISOC China – Beijing,200444
Wheel of Spam (Mis)FortuneWheel of Spam (Mis)FortuneWheel of Spam (Mis)FortuneWheel of Spam (Mis)Fortune
Control of spam Techniques are not precise We must balance the facets Need many partial solutions
Heuristics to consider Long lists Complicated Complicated Be careful!
Control of spam Techniques are not precise We must balance the facets Need many partial solutions
Heuristics to consider Long lists Complicated Complicated Be careful!
PoliticalPolitical
LegalLegal
SocialSocial
HumanHuman
AdministrationAdministration
TechnicalTechnical
ManagementManagement DeploymentDeployment
Many Facets of Many Facets of EmailEmail
D. Crocker, Brandenburg InternetWorking ISOC China – Beijing,200455
Formulating ProposalsFormulating ProposalsFormulating ProposalsFormulating Proposals
SpammersSpammers “Accountable”
Legitimate businesses with aggressive marketing
Need rules to constrain Need rules to constrain
“Rogue” Avoid accountability Same as criminal virus Same as criminal virus
and worm attackersand worm attackers
SpammersSpammers “Accountable”
Legitimate businesses with aggressive marketing
Need rules to constrain Need rules to constrain
“Rogue” Avoid accountability Same as criminal virus Same as criminal virus
and worm attackersand worm attackers
Pragmatic Pragmatic ApproachApproach
Specify: Type of targeted spam How it is occurring How the mechanism
will fix the problem Explore how
mechanism can fail
Pragmatic Pragmatic ApproachApproach
Specify: Type of targeted spam How it is occurring How the mechanism
will fix the problem Explore how
mechanism can fail
D. Crocker, Brandenburg InternetWorking ISOC China – Beijing,200466
A List of Common A List of Common SuggestionsSuggestionsA List of Common A List of Common SuggestionsSuggestions
Initial suggestions from the anti-spam community
Most are useful for providers and countries everywhere We need a venue for forming on-going agreements
CategoriesLegal:Legal: Formal boundaries and consequences
Accountability:Accountability: For whitelisting(!)
Administrative:Administrative: Organization commitment and efficiency
Collaboration:Collaboration: Adapt and respond to changes
Operations:Operations: Tools for responding
Initial suggestions from the anti-spam community
Most are useful for providers and countries everywhere We need a venue for forming on-going agreements
CategoriesLegal:Legal: Formal boundaries and consequences
Accountability:Accountability: For whitelisting(!)
Administrative:Administrative: Organization commitment and efficiency
Collaboration:Collaboration: Adapt and respond to changes
Operations:Operations: Tools for responding
D. Crocker, Brandenburg InternetWorking ISOC China – Beijing,200477
Legal and PoliticalLegal and PoliticalLegal and PoliticalLegal and Political
Provide government assistance and oversight
Treat spam as a common international and national emergency
This requires a commitment by both government and operators
Formulate Acceptable Use Policies (AUP) Create legal procedures to disconnect spammers Specify serious consequences for violating AUP
Provide government assistance and oversight
Treat spam as a common international and national emergency
This requires a commitment by both government and operators
Formulate Acceptable Use Policies (AUP) Create legal procedures to disconnect spammers Specify serious consequences for violating AUP
D. Crocker, Brandenburg InternetWorking ISOC China – Beijing,200488
AccountabilityAccountabilityAccountabilityAccountability
rDNS (in-addr.arpa) Maintain IP address-to-name mappings for all
visible addresses Map to “useful” domain names
WHOIS information Maintain accurate entries
Indirect spam referencing via ‘landing hosts’
Lines of accountability to owner of the host
rDNS (in-addr.arpa) Maintain IP address-to-name mappings for all
visible addresses Map to “useful” domain names
WHOIS information Maintain accurate entries
Indirect spam referencing via ‘landing hosts’
Lines of accountability to owner of the host
D. Crocker, Brandenburg InternetWorking ISOC China – Beijing,200499
Organizational and Organizational and AdministrativeAdministrativeOrganizational and Organizational and AdministrativeAdministrative
Organization Structure Use a unique ASN for each provincial "branch" Create central authority to assist province
administrators who provide direct policy enforcement
Network Structure Separate dynamic and static IP's
Staff Support Province/Network administrators must have authority
to terminate quickly Give them tools and training for disconnecting
spammers
Organization Structure Use a unique ASN for each provincial "branch" Create central authority to assist province
administrators who provide direct policy enforcement
Network Structure Separate dynamic and static IP's
Staff Support Province/Network administrators must have authority
to terminate quickly Give them tools and training for disconnecting
spammers
D. Crocker, Brandenburg InternetWorking ISOC China – Beijing,20041010
Collaboration Among Collaboration Among ProvidersProvidersCollaboration Among Collaboration Among ProvidersProviders
Global Create RFC-2142 addresses; register with abuse.net Act on complaints made to abuse addresses Forum for international sharing of methods and
information Government and operator participation in APCauce,
SPAM-L, NANAE, etc.
National Forum for Province administrators Create a Chinese anti-spam site to help non-Chinese
users report spam involving China
Global Create RFC-2142 addresses; register with abuse.net Act on complaints made to abuse addresses Forum for international sharing of methods and
information Government and operator participation in APCauce,
SPAM-L, NANAE, etc.
National Forum for Province administrators Create a Chinese anti-spam site to help non-Chinese
users report spam involving China
D. Crocker, Brandenburg InternetWorking ISOC China – Beijing,20041111
OperationsOperationsOperationsOperations
Prevention Create a list of IP Address blocks that are run by anti-
spam ISPs, to permit whitelisting(!) Certify, block or rate-limit outbound SMTP for all hosts
Detection Monitor traffic flows for “spikes” Check outbound mail for viruses
Response Create response-time targets (< 24 hours) Responses in English would be nice
Prevention Create a list of IP Address blocks that are run by anti-
spam ISPs, to permit whitelisting(!) Certify, block or rate-limit outbound SMTP for all hosts
Detection Monitor traffic flows for “spikes” Check outbound mail for viruses
Response Create response-time targets (< 24 hours) Responses in English would be nice
D. Crocker, Brandenburg InternetWorking ISOC China – Beijing,20041212
Safe Internet service is achieved through collaboration among providers.
Safe Internet service is achieved through collaboration among providers.
A Direction for A Direction for Collaboration?Collaboration?A Direction for A Direction for Collaboration?Collaboration?
Safe Internet service requires collaboration among providers.
We need a venue for collaborative development, assistance, monitoring and reporting of safe operational practices.
Safe Internet service requires collaboration among providers.
We need a venue for collaborative development, assistance, monitoring and reporting of safe operational practices.
ASPASP
EnterpriseEnterprise
ISPISP
TechnologyTechnology
StandardStandard
GuidelineGuideline
Mutual Internet Practices
Association
D. Crocker, Brandenburg InternetWorking ISOC China – Beijing,20041313
SummarySummarySummarySummary
Spam is a complicated probem It needs to be treated with all due respect
Spam is a universal problem Fighting it requires global common action
Spam is an urgent problem We must attack it together… now!
Xie XieXie Xie
Spam is a complicated probem It needs to be treated with all due respect
Spam is a universal problem Fighting it requires global common action
Spam is an urgent problem We must attack it together… now!
Xie XieXie Xie