|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] cultural ethics of email and spam-China
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
jeff wrote:
> Stephen Gran wrote:
>> This is more of a perception than a reality. Over half of the world
>> wide spam comes from the US, IIRC.
>
> I've probably seen the same stats as you, but my experience states
> otherwise.
I've seen the stats for my own personal email ;) North America as a
whole was the very clear leader in origin, though that is last hop
before systems I controlled. So if someone in China sent a message
through a zombied Windows box on a DSL connection in Philly, it would
show as from .us.
I had graphs of my personal and work spam mail updated every few hours
for current month's results at http://spam.thegrebs.com though I
outsourced my personal email so had quit feeding the graphs with new
data and eventually took the site down.
Karsten Self did some great stuff on spam by ASN which got me involved
in the game though I went a step further and aggregated ASNs by country.
He presented a paper titled "CIDR House-Rules: Use of BGP router data
to identify and address sources of Internet abuse" on some of his work
at the Messaging Anti-Abuse Working Group last year that is available at
the following links:
<http://linuxmafia.com/~karsten/cidr-house-rules.pdf>
<http://linuxmafia.com/~karsten/cidr-house-rules.ps>
He lists addresses for his own reports online as well as a few others
(including mine which as noted above is no longer available :/).
Perhaps I should see about pushing work spam back through the processing
stuffs.
If you are interested and doing some of this sort of analysis on your
own, I wrote a module in CPAN named Net::Abuse::Utils that may be useful
to you, will do IP -> Announcing AS and AS -> Country or IP -> Country.
Some of the information is available via a CGI at
<http://thegrebs.com/ip-info/>.
Mike
- --
Michael Greb
Linode.com, LLC
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
iD8DBQFHF2Ji0Qbp4bPZvesRAvFNAKCx4MxzR0T8JZbTlC0HMb7v5ZGoqACguizT
uBF3nZdJ3KdPJhsxN68qmNM=
=P6rl
-----END PGP SIGNATURE-----
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|