China Internet Security Analysis And Anti-spam Measures Ⅱ

1. Managing according to law
The Ministry of Information Industry issued "Internet Email Service Regulations" on February 21, 2006, which went in force on March 30, 2006. On August 16, 2006, a company in Shenzhen which had sent spam emails to netizens was the first to be punished by the Guangdong Communications Bureau. The company was requested to stop sending spam emails and fined 5,000 yuan.

2. Promoting self-discipline in the industry
In 2003, two documents on standards were promulgated by the Internet Society of China with support from people in the Internet industry, namely the "ISC Email Service Regulations" and "ISC Anti-spam Regulations". The principle of "information sharing and concerted action" was agreed upon, and the methods of blacklisting, reformation within the deadline and joint boycott were adopted.

Entrusted by the Ministry of Information Industry, ISC established an anti-spam center on February 21, 2006, which has so far received about 340,000 spam reports.

3. Establishing an anti-spam technical guarantee platform with joint investment
ISC has established an anti-spam technical guarantee platform which has been functioning successfully. It also provides RBL Service on DNS. The RBL's queries number 300,000 a day or 4 in each second, and the ratio of access is 65.97 percent. Altogether 12 ISP/ESPs have been included in the white-list on the platform, including Sina, Netease and 263, and the number of their email users accounts for 82 percent of the total registered email users in China.

4. Conducting foundational surveys and technical studies
ISC began to conduct continued and systematic surveys of spam in China from the end of 2003. Up to now, it has carried out eleven nationwide anti-spam surveys, collecting almost 400,000 questionnaires.

In addition, together with NET263 Co., Ltd and Jiaotong University of Shanghai, ISC has undertaken the project of "Research & Realization of Multi-Feature Anti-Spam System and Standards," a part under the 863 Program (National Hi-tech Research & Development Program). Moreover, ISC has submitted the "Draft Recommendation: Technical Framework for Countering Email Spam (X.fcs)" to ITU-T SG17 together with the Telecommunication Academy of the Ministry of Information Industry, which has been initially accepted. ISC has worked out a 30,000-word research report on the dynamic IP address situation of China. Right now, in cooperation with Jiaotong University of Shanghai and other technology research organizations, ISC is studying email stamp technology which can be used to identify the origin of emails.

5. Educating people on anti-spam
On February 28, 2006, the Ministry of Information Industry, the State Administration for Industry and Commerce and the Internet Society of China jointly launched the "Internet Sweeping Day for 2006" with the theme of "Sweep Internet Spam and Protect Consumers' Rights" in Beijing. Xi Guohua, vice minister of the Ministry of Information Industry, Wang Dongfeng, vice minister of the State Administration for Industry and Commerce, and Gao Xinmin, executive vice president of ISC, as well as leaders of Internet businesses and netizen representatives smashed a hammer on an ice sculpture symbolizing email spam into pieces, in an effort to demonstrate their resolve of getting rid of email spam, maintaining a healthy environment on the Internet and safeguarding the lawful rights and interests of consumers.

ISC also organized a conference to publicize the "Internet Email Service Regulations," distributed a million copies of anti-spam brochures, collected signatures from 200,000 volunteers to resist email spam, arranged training and educating programs in 30 provinces, recruited 20,000 volunteers for anti-spam work, and organized training sessions for 1,000 email server administrators in China.

6. Enhancing international cooperation and exploring new anti-spam channels
Based on self-discipline within the industry, efforts have been made to establish international cooperation, build up trust, draw up standards, solve the question of blacklists, and explore multi-lateral and global anti-spam cooperation. ISC has not only established relations with ITU, OECD, APCAUSE, and other international organizations, but also reached agreements on anti-spam memorandums with eBay, Microsoft, AOL, Yahoo and the Internet Society of Australia. It also signed the "Seoul-Melbourne Multilateral Cooperation Agreement of Anti-spam" with ACA and KISA. ISC maintains a long-term relationship of cooperation with KISA, regularly exchanging information and data.

ISC has carried out a thorough study on how to cooperate on anti-spam internationally. On July 12, 2006, KISA reported to ISC that some IPs from China often changed domain names and spread malicious codes by spam. ISC quickly checked them out, gathered witness evidence and had the spread of spam stopped.

In August 2006, ACMA reported that they had received a large quantity of spam sent from Chinese IPs. We looked up at more than 10 IP addresses that sent out spam around August 16, which also included business advertisements, drug selling, and gambling. ISC immediately contacted the IP-affiliated network companies and found the problem was caused by virus and open-relay. ISC helped the IPs owners to recover control of their servers and solve the problem.

In September 2006, the Internet Law Group from the USA asked for help in investigating a problematic IP under their attention. ISC responded actively and offered a quick feedback. Through these cooperative actions, more information on dealing email spam became available, and at the same time, China has made positive contribution to the international anti-spam effort, wining good reputation internationally.

Although China has done a great deal of work in regard to Internet security and anti-spam, and has achieved initial success, we clearly aware that various kinds of unsolicited electronic messages and many Internet problems are still interrupting netizens' lives and the order of the network. There is still a long way to go. We shall work harder, closely cooperate with international organizations and contribute more to the sound development of the global Internet.