Monday, August 09, 2004
Taking A Few Days Off
Since it wouldn't be fair to leave without just a minor rant, I've analyzed the last month's spam, and the following parametric statistics may be of amusement:
- I receive an average of 5 spams daily
- The most I've gotten on any given day is 11
- The ISP who hosts the most spamvertised domains by far is Hanaro (about 42% of my spam hawks something hosted by these guys)
- The next two ISPs on the roll of dishonor are Chinanet and BrasilTelecom, each of whom host about 16% of the bad guys
- Moving a little lower on the food chain, Hinet and Epnetworks each host about 9% of the spammer sites.
- The rest of the spam hosters are onesie-twosies, and are in the noise level statistically.
- The sources of the spam are all over the map, but an observable pattern is evident in about 20-25% that are sourced by boxes in Hanaro, Hinet and Chinanet's address spaces.
See the pattern here? The bad guys are hosted by ISPs in countries that simply do not care about intellectual property rights. Spamhaus has 75 Hanaro hosted domains listed in its real-time blacklist. Chinanet has so many subdomains listed on Spamhaus it'll take way too much time to total them up.
I think it's time to request my ISP to block ASNs 9318, 4134 and 4813 at least. That's the nice thing about BGP. So much easier to implement policy at the macro level....
I should be back on Friday or Saturday with more trenchant commentary. Have a great week!