Telecom Spam Mathan Session2 08 Dec 06

Presentation Transcript

  • Messaging Anti-Abuse Working Group
    ITU Telecom World 2006 Anti-Spam workshop
    Hong-Kong, December 8, 2006
    Luc Mathan, Co-chair Public Policy, MAAWG Board of Directors
    www.maawg.org
    ITU Telecom World 06 – HK, 8 Dec. 2006 MAAWG slide 1
  • =?
    • Private sector consortium
    • Not for profit
    • Network operators (ISPs, enterprises), senders, vendors
    • International coverage
    • Focuses on anti-abuse, currently anti-spam
    • Engages with standards, legislation, law enforcement
    • 3-pronged approach
      – Collaboration, technology, public policy
  • = + 70 more
    Objective: Preserve electronic messaging from online exploits and abuse
    – Stop abusive email, deliver legitimate email
    – Eliminate a great source of cost to
      • Society
        – Consumers
        – Employees
        – Businesses
      • Network operators
        – Experts
        – Infrastructure
        – Customer care
  • Role of private sector
    • Help forge and adhere to Best Practices
      – For ISPs
      – For senders
    • Cooperate with all stakeholders
      – Reach common understanding of the spam situation
    • Do our part on user education
      – Rule #1: Protect yourself (don't click, don't reply, don't buy from spam, etc)
      – Rule #2: Protect your computer (up-to-date anti-virus, firewall, patched OS, etc)
      – Rule #3: Report spam if possible
  • Best common practices for ISPs
    • Manage port 25
      – Remember ~80% of spam is from botnets
    • Monitor inbound and outbound traffic
      – Anti-virus both ways
    • Block specific attachments
      – Known to contain malware
    • Rate limit outbound traffic
    • Implement available sender authentication protocols
      – SenderID, DKIM
    • Listen to complaints
      – From ISPs, RBLs, your customers
    • Quarantine infected customers
      – Direct to free scan & repair
  • Best common practices for ISPs (…)
    • Cut the botnet control link
      – Prevent PC-botnet communication by blocking appropriate ports
    • Avoid creating unnecessary email traffic
      – NDNs to forged addresses constitute a large part of spam
    • Close open proxies/relays
      – Exclusive usage of your SMTP servers to your customers
    • Use your IP space responsibly
      – Keep accurate Whois contact information
    • Ensure your IP reputation is good
      – Keep accurate DNS and reverse DNS records
    • Communicate your security policy
    • Etc.
  • Role of MAAWG
    Most preceding BP are known and referenced by national orgs, but …
    • Some BP need particular emphasis
      – MAAWG Recommendation on port 25 mgnt
      – MAAWG Code of Conduct for ISPs
    • Global references are also needed
      – MAAWG-BIAC BP for ISPs, for OECD Toolkit
      – MAAWG-APWG BP on Anti-Phishing
    • Non-local guidelines on technology are needed
      – Implementation guidelines for SPF/SenderID, DKIM
    • Need spam metrics coming from ISPs
    • Interlocutor for international governmental orgs
  • Email metrics programme
    • OECD request for data from ISPs
    • Program covers ~400 million mailboxes
    • Spam not defined, only "abusive" email
    • Number of "abusive" vs "ok" email per mailbox

                   4Q2005   1Q2006   2Q2006
        abusive      1009     1041      937
        ok            246      263      327

    • Ratio abusive email / total received email

                   4Q2005   1Q2006   2Q2006
        ratio         81%      80%      74%

    • BUT: warning of a spam increase since last report
  • Latest output
    • MAAWG Best Practices for senders
      – Underlying principles
        • Recipient prior consent
        • Protection of receiving infrastructure
      – Public review: deadline for comments 22 December 2006
        • http://www.maawg.org/about/MAAWG_Senders_BCP
    • MAAWG Contact Database for members
      – Real time communication between ISPs
        • React to complaints from your neighbour
      – Tailored to each ISP's internal organisation
        • Data sharing on spam/virus attacks, compromised IPs, company legal contacts, etc
      – MAAWG gateway acting as trusted third party
        • No visible personal identification information
  • Legislation problems, one example
    • Nov. 06: German ct rules ISP must delete IP logs
      – Piracy vs privacy battle
      – Nothing to do with spam, but…
      – Cost/benefit ratio overlooked
      – Side-effects clearly neglected: attributability of spam or cybercrime (worse) impossible !
    Focus on anti-spam legislation is not enough
    Also need to worry about whole Internet legislation
  • Other concerns
    • Whois database, ICANN
      – Do not sacrifice Whois purpose to commercial interests !
    • More troublesome court cases
      – Spammer vs Spamhaus (US federal ct)
    • Etc.
  • Cooperation (ITU-D)
    • Experience in anti-spam is valuable (and we must share it), but it reflects a fundamentally flawed environment: Don't repeat mistakes of the past !
    • Worry about security when defining broadband policy, not after
      – Beware of ultra-wide bb: could mean ultra-wide abuse !
    • Mechanisms for cooperation on cyber-security and combating spam could include:
      – Scholarships for postmasters and abuse managers
      – Experts sent to localised training seminars
  • In conclusion…
    • Too early to conclude !
    • Spam unfortunately far from being extinct
    • On vectors other than email, it is still to come
    • Thank you !
    • MAAWG 9th general meeting Jan 29-31, San Francisco, USA
    www.maawg.org
    info@maawg.org
    luc.mathan@orange-ftgroup.fr
  • MAAWG member roster as of Nov. 2006 • SPONSOR MEMBERS • America Online • Bell Canada • FULL MEMBERS • BellSouth • 1&1 Internet AG • SUPPORTING MEMBERS • AcquireWeb, Inc.; Adknowledge, Inc. • AT&T • Charter Communications Aladdin Knowledge Systems ; Alt-N • Bizanga LTD • Cloudmark, Inc. Technologies, Ltd ; BigHip ; CheetahMail, An Experian Company ; Cincinnati Bell ; • Cablevision • Cingular Wireless Commtouch Software LTD ; Constant • Internet Initiative Japan Contact ; Critical Path, Inc. ; Datran Media • Comcast (IIJ) ; e-Dialog ; EastLink ; eleven GmbH ; • Cox Communications EmailLabs ; ECO ; Epsilon Interactive ; • Ironport Systems ExactTarget, Inc ; F-Secure Corporation ; • MX Logic • Earthlink Habeas Inc. ; Insender Technologies Inc. ; • O2 Lashback, LLC ; Mansell Group, Inc. ; • France Telecom Message Level, LLC ; Message Systems ; • Outblaze LTD • Goodmail Systems Messagelabs ; Messaging Architects ; • Return Path, Inc. Mirapoint Inc. ; MTS Allstream Inc. ; • Microsoft Corporation Netsuite, Inc. ; Nextel Communications ; • Rogers Cable NTL Group Ltd ; Perftech, Inc. ; Pivotal • Openwave Systems • Sprint Veracity ; Premiere Global Services ; • Time Warner Cable Responsys, Inc. ; RPost ; Salesforce.com • Sun Microsystems, Inc. ; Sendmail, Inc. ; Singlefin ; SMobile • Verizon Communications • Symantec Systems ; Sophos Plc ; StrongMail Systems, Inc. ; Swisscom Fixnet LTD ; • Telus • Yahoo! Inc. TDC ; TDS Telecom ; ThinData ; Trend Micro, Inc. ; Tucows Inc. ; Verisign Inc. ; VistaPrint : Word To The Wise ; Yesmail ; ZDirect, Inc.