Home / Blogs

Actions Required by Developing Economies Against Spam

Suresh Ramasubramanian

My OECD paper on spam problems in developing economies is now linked from the OECD Anti-Spam Toolkit page, as part of section 8 of the Anti-Spam Toolkit (Outreach). This ZDNet article provides a reasonably good summary of my paper as well. I welcome comments and suggestions from CircleID readers.

Spam is a much more serious issue in developing countries as it is a heavy drain on resources that are scarcer and costlier in developing countries than elsewhere. This OECD paper outlines what developing economies can do to combat spam on their own, as well as various possible ways in which developed economies can contribute their expertise and resources to help developing economies fight spam. Here is an overview of these recommendations for developing economies against spam:

Putting in place technical solutions - The best possible solution that can be hoped for is that large amounts of spam that are sent to the ISP's users are rejected at the ISP's mail gateways and prevented from entering the ISP's network. ISPs that do even basic filtering of spam on their MXs (Mail Exchangers, servers that handle inbound e-mail traffic for a domain) will see a tremendous drop in spam that reaches their customers' mailboxes about 50% of the incoming spam can be filtered out using a very basic and easy to deploy set of filters.

Open Source software solutions - In developing economies there are several local and international initiatives that encourage the use of Free/Libre and Open Source Software (FLOSS) alternatives to expensive legal versions of non-free software.

Formation of CSIRTs and CERTs - Computer Security and Incident Response Teams (CSIRTs) or Computer Emergency Response Teams (CERTs), at the organisational, national and regional levels help organise an effective and efficient response to individual computer security incidents, widespread security vulnerabilities (such as the spread of a worm or virus) and incident co-ordination throughout the region.

Training of ISP personnel in security and spam handling - ISP personnel in developing countries are, quite often, comparatively less skilled, not because of an actual lack of knowledge, but because they may not be as well trained in issues specific to practical systems and network administration, and tend not to remain abreast of current trends in their field of work, such as by participation in mailing lists, newsgroups and online discussion forums on these subjects.

Anti-spam policy setting and enforcement for ISPs - ISPs must strive to discourage spammers from abusing their services to send out spam. Unfortunately, there is a strong perception among at least some ISPs that anti-spam policy enforcement teams are cost centres rather than profit centres, and that customers, even spammers, are valuable sources of revenue.

International co-operation, and the role of regional organizations - In the fight against spam as for other Internet issues, it is essential that we combine the relevant skills of various bodies to best effect, to maximize success.

International co-operation on an ISP to ISP level - ISPs in developing economies must integrate themselves further with their peers in other economies.

International co-operation at an industry and end-user level - Businesses must reach out to ISPs and ISP associations, associations of computer users, such as local PC user groups, as well as international organisations such as ISOC that have a worldwide presence and a focus on several ICT issues that are substantially congruent with other stakeholders in this issue.

Legislative and regulatory framework to deal with spam - Several countries have already called for the development of an international framework to fight spam. Some have even suggested the signature of a 'Global MoU' on spam, and possibly, in the future, something structured on the lines of the Berne Convention or the Geneva Convention. However, such instruments will take a very long time to put in place, and moreover would be rendered meaningless if not backed by a strong legislative and regulatory set of anti-spam measures at the national level, which would then allow international co-operation to be effective. Therefore, countries that have not done so yet must expedite the implementation of a comprehensive legislative and regulatory framework to deal with spam, as well as associated computer crime issues, such as hacking, forgery of e-mail headers or other information, etc.

User education - Massive and widespread public education and awareness campaigns, using simple and easy to understand material such as cartoon strips, posters and ads will be needed, preferably in the local language, as not many Internet users in developing economies are likely to be comfortable with English.

By Suresh Ramasubramanian, Antispam Operations

Related topics: Security, Spam

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:


Re: Actions Required by Developing Economies Against Spam Suresh Ramasubramanian  –  May 29, 2005 8:49 PM PDT

Here's a direct link to the paper, in pdf format - http://www.oecd.org/dataoecd/5/47/34935342.pdf

Re: Actions Required by Developing Economies Against Spam Mathew Varghese  –  Nov 11, 2005 7:05 PM PDT

Stopping spam / virus / brute force hack attempts originating from specific IP blocks is very simple, if IP allocation agencies like ARIN, APNIC take the responsibility!

All that is needed is, when IP allocation agencies like ARIN / APNIC allocate IP blocks to ISP's they should collect a security deposit. Then provide a simple web form interface to report IP misuse - the form should contain a field for IP and to another to paste the header of spam e-mail originating from the IP or log of brute force attacks originating from the IP etc.

Abuse reports can be processed automatically with simple parse algorithms and the ISP is sent an automated e-mail to check the IP address being misused. This will enable the ISP to contact the offending IP user and ask them to secure the system and stop the spam / virus issue. If the ISP does not respond and the number of spam reports cross a set threshold then the ISP is fined $10 this is a fairly low amount and the ISP can possibly collect this amount from the offending IP user.

A small fine of even $10 will have a cascading effect, nobody like paying fines! Users will start demanding more secure software from vendors and will hire experienced system admins to secure computers connecting to the internet.

Within 18 months of implementation spam and virus spreading through the internet will become very rare occurrence, anyone listening?

Re: Actions Required by Developing Economies Against Spam Suresh Ramasubramanian  –  Nov 12, 2005 8:28 PM PDT

Damn. I wish it were that simple.

Start with finding an abuse reporting format that is machine parseable (http://www.mipassoc.org/arf/ is a start but its still useful only for provider to provider aggregation of reports and not for general use)

Then try to introduce RIR policy in this kind of situation.  The most that RIRs can (and generally will) do is to educate people and bring them together

But they dont have nearly as big a stick as you think they do.

Re: Actions Required by Developing Economies Against Spam Mathew Varghese  –  Nov 12, 2005 11:26 PM PDT


Registry services, like APNIC, ARIN and RIPE, assign entries into tables. They typically specify good practice for organizations assisting in the assignment process. However their scope is limited to the operation of the registries.


The above paragraph defines the problem.....

Origin of all IP address abuse (spam / virus / dos attacks) is because the IP allocation registries do not take the responsibility to ensure that IP address are not abused by the ISP's (and their customers) to whom the IP blocks are allocated.

The only possible solution to fix IP address abuse is for the IP registries to take the responsibility.

It is *simple* for the IP registries like APNIC, ARIN and RIPE to implement a abuse reporting system and enforce compliance from ISP's. All that is required is few servers to run the abuse reporting system and few staff < 10 per registry, to co-ordinate the effort with ISP's. The cost of implementing the system can be easily added to the cost of allocating IP address blocks. The total cost will work out to be < $1 per IP address per year.

Re: Actions Required by Developing Economies Against Spam Suresh Ramasubramanian  –  Nov 13, 2005 12:07 AM PDT

It is not as simple as you think it is.  However it is an interesting idea that you might want to take before arin / apnic at one of their meetings .. the best place to start with if you're in India, would be the apnic open policy meeting which will be held at the next apnic (perth, feb 2006).

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Promoted Post

Boston Ivy Gets Competitive With Its TLDs, Offers Registrars New Wholesale Pricing

With a mission to make its top-level domains available to the broadest market possible, Boston Ivy has permanently reduced its registration, renewal and transfer prices for .Broker, .Forex, .Markets and .Trading. more»

Industry Updates – Sponsored Posts

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Verisign Q3 2016 DDoS Trends Report: User Datagram Protocol (UDP) Flood Attacks Continue to Dominate

2016 U.S. Election: An Internet Forecast

Government Guidance for Email Authentication Has Arrived in USA and UK

ValiMail Raises $12M for Its Email Authentication Service

Don't Gamble With Your DNS

Defending Against Layer 7 DDoS Attacks

Understanding the Risks of the Dark Web

New TLD? Make Sure It's Secure

Verisign Releases Q2 2016 DDoS Trends Report - Layer 7 DDoS Attacks a Growing Trend

How Savvy DDoS Attackers Are Using DNSSEC Against Us

Facilitating a Trusted Web Space for Financial Service Professionals

MarkMonitor Partners with CYREN to Deepen Visibility into Global Phishing Attacks

Verisign Named to the Online Trust Alliance's 2016 Honor Roll

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Is Your TLD Threat Mitigation Strategy up to Scratch?

i2Coalition to Host First Ever Smarter Internet Forum

Encrypting Inbound and Outbound Email Connections with PowerMTA

Resilient Cybersecurity: Dealing with On-Premise, Cloud-Based and Hybrid Security Complexities

Verisign Releases Q4 2015 DDoS Trends - DDoS Attack Activity Increasing by 85% Year Over Year

Sponsored Topics