grinner
06-23-2004, 08:20 AM
ISPs call for action on 'zombie' spam
By Scott Morrison in San Francisco
Published: June 22 2004 21:20 | Last Updated: June 22 2004 21:20
The four largest US internet service providers on Tuesday called on government agencies, corporations and other ISPs to start unplugging from the internet "zombie" computers that have been secretly programmed to send out millions of spam messages.
These computers, also known as open relays, are typically infected by viruses that leave them vulnerable to spammers who use them to send millions of junk e-mails without their owners' knowledge.
Microsoft said up to 40 per cent of all spam on its MSN network is sent by or through zombies - a practice that enables spammers to cover their tracks. AOL said zombies could account for as much as 89 per cent of all junk e-mail on its network, and that shutting down compromised computers could have a "substantial impact" on the flow of spam.
The proposal was one of several industry best practices that Microsoft, Yahoo, Time Warner's America Online and Earthlink said would help curtail the explosion in junk e-mail, which now comprises 70-80 per cent of all e-mail messages on the internet.
Studies have suggested spam is costing ISPs and large corporations billions of dollars annually in wasted bandwidth, lower employee productivity, technical support and legal bills.
In addition to proposing best practices, the four ISPs said they would co-operate in testing two different technologies designed to help prevent spammers from covering their tracks by forging e-mail addresses, a practice known as spoofing.
Curtailing spoofing has become more urgent in recent months, as online fraudsters have started sending untraceable "phishing" e-mails aimed at tricking unwitting recipients into handing over sensitive personal information, such as bank account numbers and passwords.
Spoofing has emerged as one of the biggest challenges for ISPs and anti-spam software makers because the worldwide e-mail system, built around the SMTP protocol, provides no widespread manner to detect and verify a sender's identity.
The four ISPs said they would test complementary technologies backed by Microsoft and Yahoo, with the aim of making recommendations for an internet-wide authentication system by the end of the year.
One such technology would enable recipient servers to confirm a sender's domain, which is typically spelled out as a word or words. Corporations could then create anti-spam filters that could block all incoming messages bearing numerical internet addresses that do not match the domain name.
The inability of ISPs to track and authenticate e-mail was a primary reason the US Federal Trade Commission last week opted not to create a list of people who did not want to receive junk e-mail. The agency feared spammers would be able to use the registry to flood address holders with even more junk mail. Without technology to confirm a sender's identity, authorities would be virtually powerless to identify those who abused the registry.link (http://news.ft.com/servlet/ContentServer?pagename=FT.com/StoryFT/FullStory&c=StoryFT&cid=1087373190669&p=1012571727108)
By Scott Morrison in San Francisco
Published: June 22 2004 21:20 | Last Updated: June 22 2004 21:20
The four largest US internet service providers on Tuesday called on government agencies, corporations and other ISPs to start unplugging from the internet "zombie" computers that have been secretly programmed to send out millions of spam messages.
These computers, also known as open relays, are typically infected by viruses that leave them vulnerable to spammers who use them to send millions of junk e-mails without their owners' knowledge.
Microsoft said up to 40 per cent of all spam on its MSN network is sent by or through zombies - a practice that enables spammers to cover their tracks. AOL said zombies could account for as much as 89 per cent of all junk e-mail on its network, and that shutting down compromised computers could have a "substantial impact" on the flow of spam.
The proposal was one of several industry best practices that Microsoft, Yahoo, Time Warner's America Online and Earthlink said would help curtail the explosion in junk e-mail, which now comprises 70-80 per cent of all e-mail messages on the internet.
Studies have suggested spam is costing ISPs and large corporations billions of dollars annually in wasted bandwidth, lower employee productivity, technical support and legal bills.
In addition to proposing best practices, the four ISPs said they would co-operate in testing two different technologies designed to help prevent spammers from covering their tracks by forging e-mail addresses, a practice known as spoofing.
Curtailing spoofing has become more urgent in recent months, as online fraudsters have started sending untraceable "phishing" e-mails aimed at tricking unwitting recipients into handing over sensitive personal information, such as bank account numbers and passwords.
Spoofing has emerged as one of the biggest challenges for ISPs and anti-spam software makers because the worldwide e-mail system, built around the SMTP protocol, provides no widespread manner to detect and verify a sender's identity.
The four ISPs said they would test complementary technologies backed by Microsoft and Yahoo, with the aim of making recommendations for an internet-wide authentication system by the end of the year.
One such technology would enable recipient servers to confirm a sender's domain, which is typically spelled out as a word or words. Corporations could then create anti-spam filters that could block all incoming messages bearing numerical internet addresses that do not match the domain name.
The inability of ISPs to track and authenticate e-mail was a primary reason the US Federal Trade Commission last week opted not to create a list of people who did not want to receive junk e-mail. The agency feared spammers would be able to use the registry to flood address holders with even more junk mail. Without technology to confirm a sender's identity, authorities would be virtually powerless to identify those who abused the registry.link (http://news.ft.com/servlet/ContentServer?pagename=FT.com/StoryFT/FullStory&c=StoryFT&cid=1087373190669&p=1012571727108)