HITBSecConf2017 Amsterdam (April 10th - 14th)
Register Online Now!
How China stopped spam and malware distribution on its domains
I stopped following the spam problem in detail a while ago, but assumed that China was a major source of the stuff. It just sort of seems like it would be, but it turns out this is no longer the case.
In most countries it's cheap and easy to register a domain name. Not in China where the government makes you run things past them. A side-effect was to kill off spamming from Chinese domains. It all began with a directive from CNNIC (China Internet Network Information Center), which administers the .CN domain:
- Domain name applicants need to submit the formal paper based application material when making the online application to the registrar. The application material includes the original application form with business seal, company business license (photocopy), and registrant ID (photocopy).
- Registrar should carefully review the application material. When application is deemed qualified, registrar need to submit the application material via fax or E-mail to CNNIC, and withhold the original application material.
Spammers need for domain acquisition to be cheap and fast, as they will lose them frequently. These procedures make it uneconomical for spammers to use Chinese domains for their links.