ISPs should do more to fight spam
7th September 2004 (The Star)
By STEVEN PATRICK

SERI KEMBANGAN: Internet service providers (ISPs) have to be more proactive in combating junk e-mail or spam, said National ICT Security and Emergency Response Centre (Niser) director Lt Col Husin Jazri.

Speaking at the E-Security Seminar 2004 Expo and Forum here last week, he said that ISPs should consider taking stern action against spammers, either by terminating their accounts, fining them or issuing warnings.

"Malaysians now receive an average of 18 spam messages per day," he said.

The Malaysian Communications and Multimedia Commission's (MCMC) Information Network Security Department senior executive Devi Annamalai agreed on the role ISPs can play.

"ISPs could eradicate spam through the gateway and block spammers from using the networks to spam," she said.

Jaring, the country's second largest ISP, recently announced antispam measures. It is putting up a filtering wall around its e-mail servers, according to its chief executive officer Dr Mohamed Awang Lah.

Work on installing the filters is expected to be completed by the end of this month.

Jaring is also making use of blocklists provided by renowned antispam crusaders Spamhaus Project (www.spamhaus.org) to filter spam.

The Spamhaus blocklist is used by ISPs worldwide to identify sources of spam, which they can then block.

Need for spam laws

Niser's Husin said that Malaysia should also consider introducing antispam laws.

However, MCMC's Information Network Security Department monitoring and enforcement division head Shamsul Jafni Shafie told In.Tech that he wasn't sure to what degree legislation on spam would be effective.

"America has legislated the CAN-SPAM Act and prosecuted a few people, but it hasn't stopped spammers," he said.

According to an AFN report, nearly half of 2,000 e-mail users questioned said they were receiving more unsolicited e-mail despite the CAN-SPAM Act, which went into effect in the United States in January.

"There is no silver bullet to address the issue. It should be a multipronged exercise," Husin told a panel at the E-Security event.

"Regulators, ISPs and users should work together to address the problem," he said.

Shamsul encouraged the public to lodge complaints about spam from both local and foreign sources at the MCMC's website (www.mcmc.gov.my).

"If we have enough complaints about US spammers, perhaps we can work with the US authorities on this problem," he said.

Husin said that spam posed a huge threat to national security, and was now a "global threat."

"Recently, hackers hijacked PCs at the US Defence Department and used them to send spam," he said, referring to an incident where hackers gained secret control of the computers by sending viruses and worms or by planting software code on relevant websites (www.usatoday.com/money/industries/technology/2004-08-30-cyber-crime_x.htm).

The E-Security Seminar 2004 Expo and Forum was part of Malaysia ICT Week 2004.