[Afrispam-wg] paperwork

SM sm at resistor.net
Sat May 3 17:54:02 SAST 2008 

Hi Jean Robert,
At 05:08 03-05-2008, Jean Robert HOUNTOMEY wrote:
>Around July 2007 while blocking a customer network source of spam, 
>the whole network 196.207.0.0/16 was blacklisted at UCEPROTECT Level 
>3 and this consists of different entities on different geographical 
>locations managing & administering smaller subnets on this range.

That netblock was initially delegated through RIPE and might be seen 
as belonging to an organization instead of a registered and may be 
listed.  Some operators unfortunately tend to block entire 
regions.  Australia faced that problem some time back because of the 
region in which it is located.  Nowadays, it's not as common to block 
APNIC as there's a significant amount of mail exchange between that 
region ARIN, RIPE and that region.

>I.2. Challenges for African Network operators
>-----------------------------------------------
>
>African networks operators are facing several challenges due to spam.

>- Some filtering tools on the net are not usable because they don't 
>take in consideration the size of AfriNic network blocks. The recent 
>issue with UCEPROTECT summarizes the problems a lot of African 
>Network operators are facing using tools from outside.

Some filtering tools may not take into account AfriNIC as they look 
for the responsible organization for a netblock.

>- Service degradation while having their gateways, networks blacklisted.

Once a network is blacklisted, it is more costly to be it 
unlisted.  Africa has a low broadband penetration and that works to 
its advantage as there's not that much spam coming from the region as 
a whole compared to some countries in the APNIC region.

>- While there is a lack of registration, service providers in Africa 
>don't have any support from any entity where to send complaints or 
>to find help in a collaborative environment.

I suggest looking at the problem from the another angle.  It's not 
African ISPs that should have the support to send complaints; it's 
the rest of the world which should be able to do that as you want 
them to accept your messages.

>- When their provider is blacklisted their work is blocked in 
>countries where sometimes you have only one or few ISP

That's one of the challenges of Africa as blocking one ISP can 
sometimes result in an entire country being blocked.

>III- Recommendations.
>------------------------
>
>1- an action needs to be made to RBL operators and operators of 
>spams fighting tools in the world to make them aware of the size of 
>the AfriNic Block in they want to reach and provide service to a lt 
>of users. Africa is becoming a big place of business and is full of 
>a lot of resources.

Why would the RBL operators care?  If you want the RBL operators to 
take notice, you should take proactive steps in combating spam 
originating from your network.  It may prove difficult to get the 
entire region to agree.  However, if there's a sizable community 
agreeing on the measures to curtail abuse and enforcing them, it will 
be to the advantage of the region as a whole.

>2- ISP and Network operators need to document correctly their 
>network and to publish, document correctly their information in the 
>AfriNic Database

Agreed.

As an example, seeing the following results doesn't inspire confidence:

   remarks:      *******************************
   remarks:      This object is only an example!
   remarks:      *******************************
   source:       AFRINIC # Filtered

>III.2. Putting in place technical solutions - We are talking here 
>about operational and technical issues. Several things need to be done:
>-----------------------------------------
>- Defining BCP for network operators, ISP and users

It's easier if the focus was on network operators as they are viewed 
as the responsible party for their network.

>- Distribution of anti-spam tools for end user

That will only reduce inbound spam and doesn't address the problem 
mentioned in "Context".

>- Reinforce awareness and capacity building by
>- Training of ISP personnel in security and spam handling - ISP 
>personnel in developing countries are, quite often, comparatively 
>less skilled, not because of an actual lack of knowledge, but 
>because they may not be as well trained in issues specific to 
>practical systems and network administration, and tend not to remain 
>abreast of current trends in their field of work, such as by 
>participation in mailing lists, newsgroups and online discussion 
>forums on these subjects.

There's an Abuse department usually to handle such issues.

Your goals are laudable.  However, some of them may require 
significant time and effort.  You can create a momentum by building a 
community to fight the problem.  Once the changes are visible, the 
rest of the world will take note.

Regards,
-sm

More information about the Afrispam-wg mailing list