RIPE 35

RIPE Meeting: 35
Working Group: Anti Spam
Status: 1st Draft
Revision Number: 1

Amsterdam, 23 February 2000

Chair: Rodney Tillotson, UKERNA
Scribe: Gerry Berthauer, RIPE NCC


Agenda.

1. Administrivia
1.1 Introduction
1.2 Note taker
1.3 Agree agenda

2. Update
2.1 Recent list discussion
2.2 Open relay products
2.3 Other developements

3. Code of conduct
3.1 AUP's
3.2 Adoption of the link BCP
3.3 opt-IN and opt-OUT

Added: Abuse of lists
Added: Blacklists
Added: Filter services


4. Assistance to CERT's
4.1 Reading mail headers

5 AOB

Added: Next meeting agenda

1.1 Introduction

The chair added points to the agnenda
Gerry Berthauer of RIPE NCC volunteered for scribe.
Agenda agreed.

2. Update.

Open relay products.

The chair asks if there are products which do not default to non-relay
configuration.

Following products were mentioned:

Old Sendmail versions till 9.3
Microsoft Exchange till 5.5
Appleshare till 6.1/6.2
We have to live with people using old Sendmail versions. We have to 'beat up'
manufacturers to default to non-relay configuration.

New developments:

Q: Is spam different than 3 months ago?

A: Lot of spam coming from the far east (China, Hong Kong, Korea, Singapore.
This region has been 'discovered' for open-relaying. Most of the spam comes
from the US though.

A: Robot scanning/harvesting for addresses on websites (and mailing lists?)

A: Spam sent to postmaster@, abuse@, majordomo@ email addresses. For instance
offering to sell domain names to the highest bidder.

A: Clever spammers pick good subject lines and personalise email.

A: Political spam (Belgium last election campaign) Traceable spam so most
likely not intentional but what if this kind of election spam is not meant for
non Belgina citizens?


A: Increase of virus-related spam.

A: Increase of 'dummy spam'. A new generation of spammers who use the original
tools of early day spam).

A: Spammers hacking machines, installing port forwarders.

What can we do about this? There is a risk of ISP's being blacklisted because
of installing port forwarders.

Is there any product to keep an eye on wrt port forwarding?

Wingate (with SMTP turned on & used in Windows 98)
Filter services.

Approval from customers needed first, cannot filter email messages (containing
viruses) just like that.


Is it illegal to store log files and to use these log files to control
spamming?

Log files can be stored and used to prevent breaking down services (this is
backed by the British Telecommunication Act).

Log files can be stored for billing reasons.


3.2 Adoption of the link BCP



Is there a consensus for a code of conduct? Is there a consensus for a RIPE
document?

The chair asks the attendees to agree?

The attendees agree and there are no objections

We have an adequate consensus.


Keith's document (see URL above) will be adapted to the European region and
use UK annotation.

Author: Richard Clayton (?? Is this the right name?) of Demon.


Black lists.
Consequences of using these lists may be severe wrt blocking people, you get
listed if you do not cooperate.

However, people are encouraged to use MAPS.

Half of the audience uses MAPS.

RFC checks or syntax checks clashes with legitimate direct marketing?


Unfortunately we ran out of time so we had to skip:

OPT-IN and OPT-OUT

4. Assistance to CERT's
Added: Next meeting agenda


The chair will circulate documentation about how to run a mailing list
properly.


No AOB


Please mail comments/suggestions on: