China Anti-Spam Workshop

April 2004

Trip Report by
Richard Cox and Dave Crocker

 

In late April, Internet Society of China held a series of anti-spam workshops in Beijing and Xi'an (central China). They were put together quickly, after this year's Apricot/APCauce meeting in Kuala Lumpur.

We (Richard Cox and Dave Crocker) would particularly like to applaud Internet Society of China for taking this initiative. The topic is timely and serious, to the level of extreme urgency. We believe the workshop and follow-on discussions will have a strategic benefit in inter-ISP relations involving China.

[Internet Society of China (ISC) is not part of the global Internet Society based in Reston VA, USA. The latter tends more towards educational activities. The former seems to be more of an industry trade association, including substantial liaison work with the government. An example of this more "applied" goal is that ISC has significant full-time staff, including locations outside Beijing.]

This workshop was important in at least two ways. The first is the usual potential of improving dialogue with the larger Internet community. The second is that the rest of the Internet provider community tends to class China as a major source of (relayed) spam, and significant portions of Chinese IP address space are consequently blocked. Finding a way to eliminate the causes of this blockage is necessary.

We (Dave Crocker and Richard Cox) were invited by Internet Society of China to give keynote addresses and then to participate in discussion sessions, covering a good array of spam-fighting issues, including law, operations/administration, and technology. Nearly all other speakers were Chinese, and were from government, service providers and product companies. The law and administration sessions were conducted as panels, with comments traded among participants and some questions taken from the audience. The technical sessions were started with additional, brief presentations by us and then had individual presentations by sponsors. Some of these were quite technically interesting and, of course, others were dominated by a marketing slant.

Richard and Dave made a pretty good team, if we do say so ourselves. Dave emphasized the social and global nature of spam and the overall complexity of the email service, hitting an oddly positive note that spammers are our common enemy. Then Richard delivered the operations punch. He gave a detailed explanation of the reason that, currently, there is no choice other than to block some addresses in China. He further explained why the only way for this to change requires that the relevant Chinese ISPs take appropriate action. Lastly he explained why the current style of spam-sending makes it technically and operationally difficult for action to be effective.

(Dave thinks that Richard's explanation of the current sophistication of the multi-component, large-scale spam-sending system "engine" -- spammer, spam control hosts, spam sending hosts -- involving many thousands of compromised systems, was particularly compelling. Dave also liked appearing to be the good guy, for once, though he is a bit unhappy that Richard managed to deliver the negatives in such a polite and constructive fashion...)

In general, the Chinese have been considering spam in terms of the original, 1-spammer/1-host model. So it is not surprising that even the proactive Chinese ISPs would expect that turning off a single, bad SMTP client would be sufficient. However in a world of massive spam relay host farms, turning off one host simply is not a significant step. Finding the person controlling the ballet of spam-sending is what is needed and it is on a par with finding someone who sends a virus. In fact it is often identical, because that is exactly what these guys are now doing.

In our opinion, the discussion panels sounded like similar panels anywhere else in the Internet community. There was remarkably little commentary that was distinctly "Chinese". People expressed widely diverse views. Some people were very sensitive to the social and technical complexities of the problem and others viewed it all as rather simple. Some people seemed insensitive to the civil rights and free speech issues and others were quick to raise them and to use terminology and perspectives that would be entirely comfortable and applicable in the US, UK and elsewhere.

There was, understandably, a Chinese focus on the IP Address blocking and a bit of concern about elitism elsewhere on the Internet -- that is, a concern about condescending attitudes towards the Chinese. The blockage was discussed by us as a very reluctant but very necessary step. We made clear that there is a very strong desire to, instead, have more Chinese ISPs work with other Internet providers in common cause. We expect the elitism concern to go away as folks work together. By the end of these sessions, a focus on pursuing continuing, pan-Internet efforts against the common foe -- the spammers -- became something of a mantra, among all of us.

Over the following days we had a number of interviews, including some online voice and chat sessions. We were told that the online ones were reaching tens of millions of Chinese Internet users. We also met with China Netcom and China Mobile. Both are relatively new telecommunications companies. A few years ago, China Netcom took over the services in the northern 1/3 of China's 31 provinces that had been part of the state-owned monopoly, China Telecom (CT). Both meetings were excellent. They had broad participation, including senior management, and we conducted extensive discussions. They explained their current anti-spam efforts and seemed to appreciate hearing more about the new methods used by spammers and others by anti-spammers.

We took note that China Telecom was not on the list of proposed meetings that had been arranged. Also, we had been advised that much of CT's non-responsiveness to the problem of spam was because the Chinese government had not directed them to do otherwise. Like most of us, they are responsive to their superiors.

After our discussions with the first two companies, we asked our ISC hosts to see whether we could meet with CT. We also asked to meet with a Director of the Ministry of Information who had been on the workshop's legal panel. She was clearly interested and well-informed about the problem of spam. Her Ministry is seeking legal strictures to control it. She even stated that her own preference would be to have the law require opt-in, rather than opt-out. (Note that this was her personal preference. She was not stating a formal, government position.)

Within a few hours of our making the request, the meetings were set for the next day. We cite the time frame because that kind of very quick response struck both of us as being pretty significant.

We had one hour with the Director. It was intense and we felt it was quite productive. Indeed she really does have a good understanding of the issues and quickly grasped the nature of the way the machinery of spam-sending has changed. We had what is typically described as a "full and frank" discussion about China Telecom, not as a complaint but as a need for getting change in their priorities about spam. She promised to pursue that.

She dispelled one significant concern, namely whether Chinese ISPs are legally constrained from disconnecting their customers. She said that the "Universal Service" requirements for Chinese local-loop operators do not extend to TCP/IP connectivity. She made clear to us that Chinese ISPs are permitted to disconnect customers who breach their terms of service ("AUP") provided the AUP is written into the service contract.

There are strictures against violating a customer's privacy. However, those strictures would not be allowed to obstruct investigations into Internet-based criminal activity such as machine hacking, pornography, illegal drug sales, and the like. She assured us that Chinese Law Enforcement would work with their counterparts elsewhere in the world, to track down offenders and provide evidence to enable prosecutions.

The meeting with China Telecom was striking in its contrast to our sessions at the other telecom companies. Only one junior staffer was present. He appears to be their entire anti-spam effort and it is part-time for him. We'll skip the details. He put on a good representation of the company's position and readily acknowledged that China Telecom's present policy is not to terminate web sites used in connection with spam, because sending spam is not currently in violation of Chinese law. We reviewed with him the points that we had learned from our discussions, why they made CT's position the wrong one to take, and why it guaranteed that CT would continue to be blocked. We also fully assured him that we viewed the problem as being with senior management and not with him. As we were leaving, one senior staffer came in to shake hands with us.

Internet Society of China went far beyond the usual array of excellent hospitality invited participants might expect of a host. They very generously introduced us to parts of the industry and the cultural heritage of China, including a tour of Beijing and Xi'an. The latter is mostly known for the terra cotta solders created by China's first emperor, but Xi'an is in fact the cradle of Chinese civilization. Since this is not a tour guide, we will spare you all from our amateur efforts to describe how wonderful it all was.

Still, some comments are warranted, as they relate to a strong, repeated impression that we both had: We now believe it is better to think of China as having the diversity and tone of a Europe, rather than of the monolithic, strictly-controlled bureaucracy many of us grew up hearing about. Beijing, Xi'an and Shanghai are busy and noisy, with lots of construction and lots of cars, motorcycles and bicycles, as well as a few horse-drawn and hand-drawn carts.

Most people are dressed according to global fashions. We had dinner in a KFC and nothing about its customers or service (or food) would have indicated that we were located outside North America or Europe. In other words, we came away with a view that businesses in China can be as entrepreneurial as anywhere else in the world, that Chinese people have considerable job opportunities and that Chinese people interact much as do others in the world, notably including spontaneity and fun.

Xi'an also was the site of a 2-hour meeting for us, with more than 100 local telecom workers from various companies. We repeated our presentations, but suitably altered them to reflect our (hopefully) improved knowledge of Chinese Internet issues. Attendees seemed more technical, perhaps best indicated by the question asking for discussion on the role of content hashing techniques to detect spam.

To build on this initiative from China, we now all have a lot of work to do -- certainly far more than any of us had originally expected.

ISC plans to continue to take the lead for a combined Chinese initiative against spam. Their next efforts will include forming a Chinese anti-spam group, to focus the country's efforts. An initial deliverable they plan is a web page to assist non-Chinese ISPs in dealing with Chinese-related spam issues. (Separately, Spamhaus has created a website to help Chinese admins understand the tactics used by western spammers.) ISC also plans to create a mailing list for use by Chinese ISPs and assorted Internet anti-spam experts, to continue the information exchange and problem-solving collaboration begun with the workshops.

Considerable patience, tolerance and effort will be needed to realize the full potential from these new relationships.

The good news is that the effort looks to be very much worth expending.