Presentation is loading. Please wait.

Presentation is loading. Please wait.

Taking Common Action Against Spam Internet Society of China Beijing – 2004 Dave Crocker Brandenburg InternetWorking <http://brandenburg.com/current.html>

Published byJordan Golden Modified over 8 years ago

Similar presentations

Presentation on theme: "Taking Common Action Against Spam Internet Society of China Beijing – 2004 Dave Crocker Brandenburg InternetWorking <http://brandenburg.com/current.html>"— Presentation transcript:

1 Taking Common Action Against Spam Internet Society of China Beijing – 2004 Dave Crocker Brandenburg InternetWorking <http://brandenburg.com/current.html> Internet Society of China Beijing – 2004 Dave Crocker Brandenburg InternetWorking <http://brandenburg.com/current.html>

2 2 2 D. Crocker, Brandenburg InternetWorkingISOC China – Beijing,2004 Setting the Context © 1975(!) Datamation © 1975(!) Datamation This? Oh, this is the display for my electronic junk mail.

3 3 3 D. Crocker, Brandenburg InternetWorkingISOC China – Beijing,2004 A Personal Perspective social  Spam is a complex social problem follow  Technical solutions must follow the social decisions  The situation is getting much worse, very quickly  It is like moving from a safe, small town to a big (U.S.) city  Spam is created in one country, and sent out from another  And no technique has yet reduced global spam!  Spam is a global problem  On the Internet, every place is a close neighbor common  We can only control it by taking common action social  Spam is a complex social problem follow  Technical solutions must follow the social decisions  The situation is getting much worse, very quickly  It is like moving from a safe, small town to a big (U.S.) city  Spam is created in one country, and sent out from another  And no technique has yet reduced global spam!  Spam is a global problem  On the Internet, every place is a close neighbor common  We can only control it by taking common action

4 4 4 D. Crocker, Brandenburg InternetWorkingISOC China – Beijing,2004 Wheel of Spam (Mis)Fortune  Control of spam  Techniques are not precise  We must balance the facets  Need many partial solutions  Heuristics to consider  Long lists  Complicated  Complicated  Be careful! Political Legal Social Human Administration Technical Management Deployment Many Facets of Email

5 5 5 D. Crocker, Brandenburg InternetWorkingISOC China – Beijing,2004 Formulating Proposals Spammers  “Accountable”  Legitimate businesses with aggressive marketing  Need rules to constrain  “Rogue”  Avoid accountability  Same as criminal virus and worm attackers Spammers  “Accountable”  Legitimate businesses with aggressive marketing  Need rules to constrain  “Rogue”  Avoid accountability  Same as criminal virus and worm attackers Pragmatic Approach  Specify:  Type of targeted spam  How it is occurring  How the mechanism will fix the problem  Explore how mechanism can fail

6 6 6 D. Crocker, Brandenburg InternetWorkingISOC China – Beijing,2004 A List of Common Suggestions  Initial suggestions from the anti-spam community  Most are useful for providers and countries everywhere  We need a venue for forming on-going agreements  Categories Legal: Legal: Formal boundaries and consequences Accountability: Accountability: For whitelisting(!) Administrative: Administrative: Organization commitment and efficiency Collaboration: Collaboration: Adapt and respond to changes Operations: Operations: Tools for responding  Initial suggestions from the anti-spam community  Most are useful for providers and countries everywhere  We need a venue for forming on-going agreements  Categories Legal: Legal: Formal boundaries and consequences Accountability: Accountability: For whitelisting(!) Administrative: Administrative: Organization commitment and efficiency Collaboration: Collaboration: Adapt and respond to changes Operations: Operations: Tools for responding

7 7 7 D. Crocker, Brandenburg InternetWorkingISOC China – Beijing,2004 Legal and Political  Provide government assistance and oversight  Treat spam as a common international and national emergency  This requires a commitment by both government and operators  Formulate Acceptable Use Policies (AUP)  Create legal procedures to disconnect spammers  Specify serious consequences for violating AUP  Provide government assistance and oversight  Treat spam as a common international and national emergency  This requires a commitment by both government and operators  Formulate Acceptable Use Policies (AUP)  Create legal procedures to disconnect spammers  Specify serious consequences for violating AUP

8 8 8 D. Crocker, Brandenburg InternetWorkingISOC China – Beijing,2004 AccountabilityAccountability  rDNS (in-addr.arpa)  Maintain IP address-to-name mappings for all visible addresses  Map to “useful” domain names  WHOIS information  Maintain accurate entries  Indirect spam referencing via ‘landing hosts’  Lines of accountability to owner of the host  rDNS (in-addr.arpa)  Maintain IP address-to-name mappings for all visible addresses  Map to “useful” domain names  WHOIS information  Maintain accurate entries  Indirect spam referencing via ‘landing hosts’  Lines of accountability to owner of the host

9 9 9 D. Crocker, Brandenburg InternetWorkingISOC China – Beijing,2004 Organizational and Administrative  Organization Structure  Use a unique ASN for each provincial "branch"  Create central authority to assist province administrators who provide direct policy enforcement  Network Structure  Separate dynamic and static IP's  Staff Support  Province/Network administrators must have authority to terminate quickly  Give them tools and training for disconnecting spammers  Organization Structure  Use a unique ASN for each provincial "branch"  Create central authority to assist province administrators who provide direct policy enforcement  Network Structure  Separate dynamic and static IP's  Staff Support  Province/Network administrators must have authority to terminate quickly  Give them tools and training for disconnecting spammers

10 10 D. Crocker, Brandenburg InternetWorkingISOC China – Beijing,2004 Collaboration Among Providers  Global  Create RFC-2142 addresses; register with abuse.net  Act on complaints made to abuse addresses  Forum for international sharing of methods and information  Government and operator participation in APCauce, SPAM-L, NANAE, etc.  National  Forum for Province administrators  Create a Chinese anti-spam site to help non-Chinese users report spam involving China  Global  Create RFC-2142 addresses; register with abuse.net  Act on complaints made to abuse addresses  Forum for international sharing of methods and information  Government and operator participation in APCauce, SPAM-L, NANAE, etc.  National  Forum for Province administrators  Create a Chinese anti-spam site to help non-Chinese users report spam involving China

11 11 D. Crocker, Brandenburg InternetWorkingISOC China – Beijing,2004 OperationsOperations  Prevention  Create a list of IP Address blocks that are run by anti-spam ISPs, to permit whitelisting(!)  Certify, block or rate-limit outbound SMTP for all hosts  Detection  Monitor traffic flows for “spikes”  Check outbound mail for viruses  Response  Create response-time targets (< 24 hours)  Responses in English would be nice  Prevention  Create a list of IP Address blocks that are run by anti-spam ISPs, to permit whitelisting(!)  Certify, block or rate-limit outbound SMTP for all hosts  Detection  Monitor traffic flows for “spikes”  Check outbound mail for viruses  Response  Create response-time targets (< 24 hours)  Responses in English would be nice

12 12 D. Crocker, Brandenburg InternetWorkingISOC China – Beijing,2004  Safe Internet service is achieved through collaboration among providers. A Direction for Collaboration? Safe Internet service requires collaboration among providers. We need a venue for collaborative development, assistance, monitoring and reporting of safe operational practices. Safe Internet service requires collaboration among providers. We need a venue for collaborative development, assistance, monitoring and reporting of safe operational practices. ASP Enterprise ISP Technology Standard Guideline Mutual Internet Practices Association

13 13 D. Crocker, Brandenburg InternetWorkingISOC China – Beijing,2004 SummarySummary  Spam is a complicated probem  It needs to be treated with all due respect  Spam is a universal problem  Fighting it requires global common action  Spam is an urgent problem  We must attack it together… now! Xie Xie  Spam is a complicated probem  It needs to be treated with all due respect  Spam is a universal problem  Fighting it requires global common action  Spam is an urgent problem  We must attack it together… now! Xie Xie

Download ppt "Taking Common Action Against Spam Internet Society of China Beijing – 2004 Dave Crocker Brandenburg InternetWorking <http://brandenburg.com/current.html>"

Similar presentations

Anti-SPAM activities in Malaysia - Current Situation, Regulatory Environment and Future Developments ITU virtual conference on anti-spam regulation and.

Anti-SPAM activities in Malaysia - Current Situation, Regulatory Environment and Future Developments ITU virtual conference on anti-spam regulation and.
Principle 2 Promoting the public good. Because the public sector is the mechanism through which governments deliver programs and services for the benefit.

Principle 2 Promoting the public good. Because the public sector is the mechanism through which governments deliver programs and services for the benefit.
Anti-Spam Management for Service Provider in Malaysia Alan Lee NTT MSC.

Anti-Spam Management for Service Provider in Malaysia Alan Lee NTT MSC.
1 Effective, secure and reliable hosted email security and continuity solution.

1 Effective, secure and reliable hosted security and continuity solution.
Addressing spam email and enforcing a Do Not Email Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.

Addressing spam and enforcing a Do Not Registry using a Certified Electronic Mail System Information Technology Advisory Group, Inc.
EInfrastructures (Internet and Grids) US Resource Centers Perspective: implementation and execution challenges Alan Blatecky Executive Director SDSC.

EInfrastructures (Internet and Grids) US Resource Centers Perspective: implementation and execution challenges Alan Blatecky Executive Director SDSC.
Methods for Stopping Spam James Lick

Methods for Stopping Spam James Lick
How Will Authentication Reduce Global Spam? OECD Anti-Spam Task Force Pusan – September, 2004 Dave Crocker Brandenburg InternetWorking OECD Anti-Spam Task.

How Will Authentication Reduce Global Spam? OECD Anti-Spam Task Force Pusan – September, 2004 Dave Crocker Brandenburg InternetWorking OECD Anti-Spam Task.
Security Controls – What Works

Security Controls – What Works
System Aspects of Spam Control Architecture and Operations Issues IBM Academy 6 Apr 2005 Dave Crocker Brandenburg InternetWorking IBM.

System Aspects of Spam Control Architecture and Operations Issues IBM Academy 6 Apr 2005 Dave Crocker Brandenburg InternetWorking IBM.
Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.

Developing Network Security Strategies Network Security D ESIGN Network Security M ECHANISMS.
The problems associated with operating an effective anti-spam blocklist system in an increasingly hostile environment. Robert Gallagher September 2004.

The problems associated with operating an effective anti-spam blocklist system in an increasingly hostile environment. Robert Gallagher September 2004.
January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS 4600 - © Abdou Illia.

January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS © Abdou Illia.
Spam May 15 2006 CS239. Taxonomy E-mail (UBE)  Advertisement  Phishing Webpage  Content  Links From: Thrifty Health-Insurance Mailed-By: noticeoption.comReply-To:

Spam May CS239. Taxonomy (UBE)  Advertisement  Phishing Webpage  Content  Links From: Thrifty Health-Insurance Mailed-By: noticeoption.comReply-To:
Computer Security: Principles and Practice

Computer Security: Principles and Practice
Network and Systems Security Security Awareness, Risk Management, Policies and Network Architecture.

Network and Systems Security Security Awareness, Risk Management, Policies and Network Architecture.
Network security policy: best practices

Network security policy: best practices
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
Understanding Active Directory

Understanding Active Directory
1 Internet Society of China (ISC) ANTI-SPAM Activities of Internet Society of China Anting HU Anti-Spam Committee of ISC Geneva, 13 Dec 2006.

1 Internet Society of China (ISC) ANTI-SPAM Activities of Internet Society of China Anting HU Anti-Spam Committee of ISC Geneva, 13 Dec 2006.

Similar presentations

Ads by Google