1 / 13

Taking Common Action

Internet Society of China. Beijing 2004. Dave Crocker. Brandenburg ... Safe Internet service is achieved through collaboration among providers. ...

jaden
Download Presentation

Taking Common Action

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


    Slide 1:Taking Common Action Against Spam Internet Society of China Beijing – 2004 Dave Crocker Brandenburg InternetWorking <http://brandenburg.com/current.html>

    Slide 2:Setting the Context

    Slide 3:A Personal Perspective Spam is a complex social problem Technical solutions must follow the social decisions The situation is getting much worse, very quickly It is like moving from a safe, small town to a big (U.S.) city Spam is created in one country, and sent out from another And no technique has yet reduced global spam! Spam is a global problem On the Internet, every place is a close neighbor We can only control it by taking common action

    Slide 4:Wheel of Spam (Mis)Fortune Control of spam Techniques are not precise We must balance the facets Need many partial solutions Heuristics to consider Long lists ? Complicated Complicated ? Be careful!

    Slide 5:Formulating Proposals Spammers “Accountable” Legitimate businesses with aggressive marketing Need rules to constrain “Rogue” Avoid accountability Same as criminal virus and worm attackers Pragmatic Approach Specify: Type of targeted spam How it is occurring How the mechanism will fix the problem Explore how mechanism can fail

    Slide 6:A List of Common Suggestions Initial suggestions from the anti-spam community Most are useful for providers and countries everywhere We need a venue for forming on-going agreements Categories Legal: Formal boundaries and consequences Accountability: For whitelisting(!) Administrative: Organization commitment and efficiency Collaboration: Adapt and respond to changes Operations: Tools for responding

    Slide 7:Legal and Political Provide government assistance and oversight Treat spam as a common international and national emergency This requires a commitment by both government and operators Formulate Acceptable Use Policies (AUP) Create legal procedures to disconnect spammers Specify serious consequences for violating AUP

    Slide 8:Accountability rDNS (in-addr.arpa) Maintain IP address-to-name mappings for all visible addresses Map to “useful” domain names WHOIS information Maintain accurate entries Indirect spam referencing via ‘landing hosts’ Lines of accountability to owner of the host

    Slide 9:Organizational and Administrative Organization Structure Use a unique ASN for each provincial "branch" Create central authority to assist province administrators who provide direct policy enforcement Network Structure Separate dynamic and static IP's Staff Support Province/Network administrators must have authority to terminate quickly Give them tools and training for disconnecting spammers

    Slide 10:Collaboration Among Providers Global Create RFC-2142 addresses; register with abuse.net Act on complaints made to abuse addresses Forum for international sharing of methods and information Government and operator participation in APCauce, SPAM-L, NANAE, etc. National Forum for Province administrators Create a Chinese anti-spam site to help non-Chinese users report spam involving China

    Slide 11:Operations Prevention Create a list of IP Address blocks that are run by anti-spam ISPs, to permit whitelisting(!) Certify, block or rate-limit outbound SMTP for all hosts Detection Monitor traffic flows for “spikes” Check outbound mail for viruses Response Create response-time targets (< 24 hours) Responses in English would be nice

    Slide 12:A Direction for Collaboration? Safe Internet service requires collaboration among providers. We need a venue for collaborative development, assistance, monitoring and reporting of safe operational practices.

    Slide 13:Summary Spam is a complicated probem It needs to be treated with all due respect Spam is a universal problem Fighting it requires global common action Spam is an urgent problem We must attack it together… now! Xie Xie

More Related