FTC Targets Zombies Sending Spam

Over 900,000 customers of a British Internet service provider were blacklisted earlier this month by the Spam Prevention Early Warning System, because those customers' PCs had been unwittingly hijacked and turned into spam zombies.

Today, the Federal Trade Commission launched "Operation Spam Zombies," a campaign to educate Internet service providers about hijacked "zombie" computers. A zombie is a computer on which software has been secretly installed that allows a spammer to send large amounts of spam while masking their identity, making it harder for law enforcement officers to find them. E-mail security vendor MX Logic estimates that 44 percent of spam comes from such zombie computers connected via "always-on" broadband to the Internet.

The FTC, the Department of Commerce and the Department of Homeland Security are collaborating with officials from 25 other countries to educate Internet service providers about measures they can take to stem the flow of spam sent across their networks from zombie computers. The campaign will include sending letters to 3,000 ISPs urging them to implement measures such as blocking inappropriate uses of port 25 when possible; applying rate-limiting controls for e-mail relays; and identifying computers that are sending atypical amounts of e-mail and taking steps to determine whether they are acting as spam zombies. More extreme measures include quarantining the affected computer until the source of the problem is removed, providing information for consumers on how to keep their home computers secure, and providing easy-to-use tools to remove the software that turns the consumer's computer into a zombie.

The next phase of the operation will be to identify likely spam zombies around the world as well as the providers that operate the networks that are hosting them. The partners will then notify these providers of the problem and urge them to implement corrective measures.

"Computers around the globe have been hijacked to send unwanted e-mail," said Lydia Parnes, Director of the FTC's Bureau of Consumer Protection. "With our international partners, we're urging Internet Service Providers worldwide to step up their efforts to protect computer users from costly, annoying, and intrusive spam 'zombies.'"

A Web page created for the project includes a summary of the project and will include updates on Operation Spam Zombies as it progresses.

"The FTC is to be commended for its leadership role in spurring action to stop outbound e-mail abuse," said Scott Chasin, chief technology officer, MX Logic Inc. "In addition to public policy and industry cooperation, a comprehensive solution to the abuse of outbound e-mail will require robust technology that gives service providers insight into the behavior of individual senders, without compromising user privacy," Chasin said.

Operation Spam Zombies follows "Operation Secure Your Server," an educational effort conducted in 2004 to let individuals and organizations know that spammers can abuse their mail or proxy servers, and a campaign against "open relays" conducted in 2003.

"The abuse of Internet e-mail by spammers and others has levied a heavy cost on ISPs and e-mail end users and has had the overall effect of degrading e-mail as a communications medium," Chasin said. "So far this year alone, millions of e-mail users have been unknowingly blacklisted, often through no fault of their own."

For example, over 900,000 customers of British-based service provider Telewest were blacklisted earlier this month by the Spam Prevention Early Warning System (SPEWS), largely as a result of the customers' PCs being unwittingly hijacked and turned into spam zombies.

"In this new world of e-mail authentication protocols like Sender ID and Sender Policy Framework (SPF), an ISP's reputation determines whether or not a subscriber's e-mail will make it to the recipient or end up in the spam bit-bucket," Chasin said. "At the end of the day, it is ISPs and e-mail end users who suffer the most from the rogue behavior of a few bad actors."