[Politech] First-hand report from Asia Pacific "Net abuse" conference [sp]

From: Declan McCullagh (declan@private)
Date: Thu Mar 04 2004 - 07:27:38 PST

  • Next message: Declan McCullagh: "[Politech] Northwest Airlines defends handing over passenger data to Feds [priv]"

    -------- Original Message --------
    Subject: Report on 4th APCAUCE asia pacific antispam conference
    Date: Thu, 04 Mar 2004 11:14:58 +0000
    From: suresh@private (Suresh Ramasubramanian)
    Organization: Outblaze Limited - http://www.outblaze.com
    To: declan@private, dave@private
    
    Declan and Dave
    
    I and other members of APCAUCE (http://www.apcauce.org / CAUCE Asia
    Pacific) recently helped organize an asia pacific regional antispam
    conference on 2/26, during APRICOT 2004 in Kuala Lumpur, with Dave
    Crocker kindly agreeing to be the keynote speaker.
    
    Please excuse any rough edges - this is just an eyewitness account
    that doubles as a post to IP / politech :)
    
    The photographs of this event are available at
    http://www.jameslick.com/apcauce4/
    
    ---
    
    APCAUCE Organizes Fourth Asia Pacific Conference on Net Abuse
    
    The fourth Asia Pacific Net Abuse conference was held on 2/26/2004 at
    the Palace of Golden Horses hotel, Kuala Lumpur, and attended by over 70
    delegates from ISPs, government regulatory authorities and internet
    associations from around the Asia Pacific region.
    
    The keynote address, a holistic overview of the spam situation, was
    delivered by Dave Crocker, a man who has, in a quiet and unassuming
    manner, been involved over the last thirty years in the development and
    implementation of some of the fundamental concepts of internet and email.
    
    This was followed by a panel discussion on the cause and effect of
    antispam blocklist listings.  Richard DG Cox of the SBL antispam
    blocklist (http://www.spamhaus.org) and Syahrul Sazli, a senior systems
    administrator at Jaring (http://www.jaring.my), one of Malaysia's
    largest ISPs, discussed this issue.  The panel was moderated by Suresh
    Ramasubramanian, manager of antispam operations at Outblaze
    (http://www.outblaze.com), which is a large mail hosting provider that
    uses several blocklists to filter spam from reaching its users.
    
    The panelists drew attention to the problems faced by asian ISPs, who
    are increasingly finding their mailservers and IP addresses blocked for
    spam because of an increasing trend of spam hosting.
    
    The reason for this trend is apparently that ISPs and hosting providers
    in some asian countries are becoming increasingly popular with spammers
    around the world, who are perpetually looking for ISPs from which they
    will not be terminated for spamming.  Quite a few asian providers are
    apparently fast becoming infested with spammer hosted websites and
    mailservers, either because of their lack of knowledge about spam, or
    because of slow reaction times on the part of the ISP's support and
    antispam staff.  Jaring had persistent problems with one such spammer,
    and faced the unappealing prospect of extensive listings in the
    
    This panel struck a chord with several ISPs in the audience, who
    peppered the panelists with several questions about listing / removal
    criteria of blocklists and their role in spam filtering.
    
    The panel was followed by a regional update session, where
    representatives from various asia pacific economies, associated with
    internet associations, governments, regulatory agencies / watchdog
    bodies et al gave short updates on the status of spam problems, and of
    antispam legislation in their respective regions.
    
    The speakers included -
    
    Shamsul Jafni Shafie - Malaysian Communications and Multimedia Commission
    
    Li Yu Xiao - Director of the Antispam Task Force, Internet Society of China
    
    David Harris - Counsellor, Internet New Zealand
    
    James Seng - InfoComm Development Authority, Singapore
    
    Andrew Maurer - National Office of the Information Economy (NOIE), Australia
    
    Arthur Shay - Shay and Partners, Taipei
    
    Jeonghye Choi - Internet Association of Korea
    
    The regional update session, which brings together people from around
    the asia pacific region, was first introduced in APCAUCE 2 at Taipei, in
    February 2003.  It has been quite successful in its aim of exposing
    people who are responsible for consulting on or implementing antispam
    legislation to their counterparts from other regions.
    
    This cross pollination of ideas has proved quite fruitful - Australia's
    NOIE signed a Memorandum of Understanding (MoU) with the Korean
    Information Security Agency (KISA) in October 2003, about a month after
    representatives from these two organizations met during the regional
    updates at APCAUCE 3,  Pusan.  This was announced in
    http://www.noie.gov.au/projects/confidence/Improving/Korea_MoU.htm and
    reported in The Register at
    http://www.theregister.co.uk/content/55/35353.html
    
    The final event of the day was a panel that discussed new antispam
    proposals that are being introduced today.  The panelists were Dave
    Crocker and David Harris, and the discussion was moderated by James
    Seng.  This panel was well received and provoked an animated discussion
    on the features, merits and demerits of these new proposals
    
    As this panel points out, the current proposals can be categorized into
    three broad headings -
    
    1. Sender Pays email schemes - such as the "e-stamp" project introduced
    by Daum, one of korea's largest ISPs, and Microsoft's recent penny black
    project.  David Harris' presentation summarizing these is at
    http://icauce.org/proceedings/David_Harris(panel).pdf
    
    note: A presentation on Daum's online stamp initiative, delivered during
    APCAUCE 3 (august 2003 at Pusan, Korea) is at
    http://www.apcauce.org/meetings/030825/proceedings/Jaewoong_Lee.pdf
    
    2. Spam Disincentive Schemes such as Yahoo's domain keys.  these were
    summarized by Dave Crocker.
    http://icauce.org/proceedings/Dave_Crocker(panel).pdf
    
    3. SPF / Sender Policy Framework (http://spf.pobox.com) - James Seng
    presented a slideshow on SPF, on Meng Weng Wong's behalf.  Meng is the
    originator of the SPF antispam proposal - a proposal that is being
    widely adopted by several ISPs including Outblaze (for mail.com) and
    AOL.  Meng regretfully expressed his inability to be present during the
    APCAUCE conference.  The SPF presentation can be found at
    http://spf.pobox.com/slides/apcauce2004/
    
    A list of the presentations made at APCAUCE 4 can be found at
    http://icauce.org/proceedings.htm
    
    The next APCAUCE event will be held on July 28-29 2004 at Kathmandu,
    Nepal, during a meeting of SANOG (http://www.sanog.org) - the South
    Asian Network Operators Group.
    
    regards
       --srs
    
    -- 
    srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
    manager, outblaze.com security and antispam operations
    
    note - I would strongly recommend the keynote address "Spam - Ready,
    Fire, Aim" by Dave Crocker -
    http://icauce.org/proceedings/Dave%20Crocker.pdf to your attention.
    
    Another excellent read, an excellent summary of the problems faced by
    asian isps and the possible role of legislative solutions in
    regulating spam, is in Arthur Shay's presentation ".TW Update: Why So
    Much Spam?  What is Being Done to Reduce it?":
    http://icauce.org/proceedings/Arthur_Shay.pdf
    
    
    ----- End forwarded message -----
    _______________________________________________
    Politech mailing list
    Archived at http://www.politechbot.com/
    Moderated by Declan McCullagh (http://www.mccullagh.org/)
    



    This archive was generated by hypermail 2b30 : Thu Mar 04 2004 - 07:10:44 PST