
Internet Industry Code on Spam, Australia

Published Tue, 2006-03-28 17:47

A Code of practice for internet service providers and email service providers on countering spam.

The new code, Internet Industry Spam Code Of Practice - A Code For Internet And Email Service Providers, requires internet service providers and email service providers to provide spam filtering options to their subscribers. It also requires them to give end-users information about how to deal with spam and to have in place a process for handling complaints from subscribers.

The code sets out how internet service providers and email service providers will address the sources of spam within their own networks, including actual spammers, misconfigured customer email servers and the virus-infected computers used to spread spam (known as ‘zombies’).

The code includes a range of suggested technical best practices for hardening the network against spam and related threats such as zombies. These are consistent with the technical best practices being promoted by global internet service provider and email service provider associations.

Industry codes represent one element of Australia’s multilayered strategy against spam, which includes legislation, technical counter-measures, education and awareness initiatives and international cooperation.

The Australian internet industry is already actively combating spam. For example, three-quarters of all internet service providers in Australia already voluntarily offer a spam filtering product to their customers as either a free or charged service (Australian Bureau of Statistics figures).

The code applies to all of the 689 active internet service providers in Australia, as well as those global email service providers such as Hotmail and Yahoo providing services in Australia. The code obligations will come into force on 16 July 2006.

The code requires internet service providers and email service providers:

* to provide spam filtering options to their subscribers.
* to tell their subscribers what default filtering of the subscriber’s email the internet service provider or email service provider does at its own servers.
* to advise their subscribers how to deal with, and report, spam.
* to ensure their Acceptable Use Policies prohibit the use of their networks for spamming; and to inform their subscribers to that effect.
* to comply with all lawful requests of law enforcement and regulatory agencies investigating spam activity.

The code requires internet service providers:

* not to have open relay or open proxy servers, and to impose the same obligations on their subscribers through their Acceptable Use Policies.
* to retain the right in their Acceptable Use Policies to scan their own networks for subscribers’ misconfigured mail and proxy servers.
* to ensure their Acceptable Use Policies allow for the immediate termination of connections they host where the connection has become an open relay or open server, either due to intentional misconfiguration or to unintentional infection by a virus or other intrusion (i.e. it has become a zombie).
* if notified that a subscriber’s account is spamming (e.g. because the subscriber’s computer is a zombie), to take reasonable steps to warn the subscriber and offer suggestions on how to correct the problem. The internet service provider may immediately terminate the connection if the problem is serious or continuing.
* internet service providers using dynamic IP address allocation to use all reasonable efforts to retain records of subscriber allocation for at least seven days.

The code promotes the following as best practice technical measures:

An internet service provider or email service provider

* should publish SPF records for each domain administered by it.
* shall comply with all APNIC requirements for keeping WHOIS data updated, including ensuring that their own internet service provider customers do the same.

In addition, an internet service provider should:

* impose reasonable limits on the rate at which subscribers can send email.
* allow subscribers to authenticate to their mail servers using SMTP AUTH. Subscribers wishing to send email through the internet service provider’s mail server, but who are not connecting through the internet service provider’s network, must be required to authenticate themselves using SMTP AUTH or an equivalent.
* not distribute customer premises equipment that is configured by default so as to allow remote administration across the internet.
* prevent automated registration of email accounts.
* provide reverse Domain Name System (DNS) entries for any server on an internet service provider’s network being used to send email, including those of the internet service provider’s subscribers.
* where technically and commercially viable, not permit computers at dynamically allocated IP addresses to connect directly via Port 25.

