The U.S. Federal Trade Commission (FTC) and 35 government partners from more than 20 countries are targeting illegal spammers who take remote control of unwitting users’ computers to serve as spam transmission zombies. By hijacking home and business computers, spam can be routed through them, thereby hiding the true source of the spam and making the enforcement of antispam laws more difficult.
According to the FTC website, Operation Spam Zombies was announced yesterday as an international campaign to educate Internet Service Providers and other Internet connectivity providers about hijacked, or zombie computers that spammers use to flood in-boxes here and abroad. Twenty members of the London Action Plan, an international network combating spam, and 16 additional government agencies who will participate in Operation Spam Zombies will send letters to more than 3,000 ISPs around the world, urging them to employ protective measures to prevent their customers’ computers from being hijacked by spammers. The measures include:
1. block port 25 except for the outbound SMTP requirements of authenticated users of mail servers designed for client traffic. Explore implementing Authenticated SMTP on port 587 for clients who must operate outgoing mail servers.
2. apply rate-limiting controls for email relays.
3. identify computers that are sending atypical amounts of email, and take steps to determine if the computer is acting as a spam zombie. When necessary, quarantine the affected computer until the source of the problem is removed.
4. give your customers plain-language advice on how to prevent their computers from being infected by worms, Trojans, or other malware that turn PCs into spam zombies, and provide the appropriate tools and assistance.
5. provide, or point your customers to, easy-to-use tools to remove zombie code if their computers have been infected, and provide the appropriate assistance.
These are good first steps for security-aware ISPs to take in throttling the transmission of spam.
Call for Comments
What do you think? Leave your comments below.