ISPA’s Antispam Activities Bretton Vine, Future Foundation [email protected] / [email protected].
-
Upload
horatio-gordon -
Category
Documents
-
view
212 -
download
0
Transcript of ISPA’s Antispam Activities Bretton Vine, Future Foundation [email protected] / [email protected].
ISPA’s Antispam Activities
Bretton Vine, Future [email protected] / [email protected]
Background
• ISPA launches SpamJam meetups in 2009– BoF session for spam, abuse desks, IP reputation etc– And free beer!
• First Hall of Shame spammer report also released in 2009– 1. Database Development– 2. Dynamic Seminars– 3. James Munro– 4. The Peer Group– With a 5th party having signed an undertaking for removal just after
public release of the report
How it works
• ISPA members and trusted 3rd parties submit samples of South African spam to a reporting address
• Then at timed intervals, a set of listing criteria applied– Must have received from X different sources– Must all be within 30 days of each other– Clear indication of spam
• Producing a list of spammers with email addresses, domain names, IP addresses for the period under examination
• ISPA’s Antispam WG signs off on the report after checking it• Hall of Shame report published on ISPA website with email
addresses and domain names• Note: ISPA does not advise using the information to block
senders but this is the common practice, including use in a commercial product
Removals
• Listed spammers can be removed by signing an undertaking to observe best practice in the sending of commercial email– Opt-in only– No purchased addresses lists– Commitment to remove complainants– Failure to adhere to undertaking (repeat submissions as evidence) lead
to a listing for 3 years
• Roughly 1 in 15 listed spammers sign undertaking and get removed
• With at least half of those becoming repeat offenders– One party signed undertaking and resumed their mail shots 20mins
later!!
Objections
• One party (an ISP and bulk email provider, but not an ISPA member) turned to the Competition Commission– “ISPA was being anticompetitive as ISPA members also send bulk email”– Case dismissed
• Another party, Ketler, took ISPA to the high court citing defamation– Ketler failed to pitch up in court, continued spamming till March 2014– Case dismissed with costs, marked reportable as well– But Judge rapped ISPA over knuckles for process
(lack of notifying spammers of listing)– Ketler Paid a settlement of ~R65,000 earlier in 2014 against costs order
of ~R75,000– Signed a 2nd undertaking to become a model bulk mail sender– But will not be removed from report till 2017
Consequences
• Spam reporting system is mostly automated but still requires human review of every submitted spam sample
• As a result of the court case changes are underway to automatically notify– The parties accused of spamming– The abuse addresses for the sending host– ISPs, in particular ISPA members, even if submissions don’t meet listing
criteria– But this is fraught with problems as spammers often change their
details and many spam-friendly providers ignore abuse notices– Will rely heavily on providers wanting to protect their network
reputation
• Public submissions are also in the works provided ‘antispam activists’ register with ISPA beforehand
Questions
• Any questions?