On 2 February 2004 the ACCC and 36 agencies in 26 countries announced ‘Operation secure your server’, an international effort to reduce the flow of unsolicited commercial email (spam) by urging organisations to close open relays proxies. As part of the initiative, the participating agencies have identified owners or operators of potentially open relay or proxy servers around the world and are sending letters urging them to protect themselves from becoming unwitting sources of spam.
The Australian Communications Authority (ACA), the government body charged with implementing Australia’s anti-spam legislation from 11 April 2004, is also taking part in the project. The Spam Act 2003 prohibits spam that have an Australian link and can fine companies A$110 000 with court imposed penalties of up to A$1.1 million per day.
Open relays and proxies are servers that allow any computer in the world to ‘bounce’ or route email through servers of other organisations, thereby disguising the real origin of the email. Spammers often abuse these servers to flood the internet with unwanted email. Their abuses not only overload servers, but could also damage the reputation of an unwitting business if it appears that the business sent the spam.
‘Operation secure your server’ provides businesses with simple, inexpensive ways to protect their computer systems from misuse. The ACCC suggests that businesses consider these questions to find out whether their proxy servers are vulnerable:
Does your proxy allow connections from questionable networks such as the internet?
Are you using the most current version of your proxy software and hardware?
Have you applied the latest patches or upgrades available?
Are you using proper access controls for your server?
Is someone regularly checking for unauthorized uses of your proxy server?
Do you have and monitor an "abuse@" email account where people can report abuses of your proxy server?
International cooperation is going to play an important role in the war on spam. Government cannot solve the spam problem on its own; everyone with an internet connection must do their bit to solve this problem.
A web page containing information for businesses on protection against becoming unwitting distributors of spam is available at www.ftc.gov/secureyourserver. The site contains a map of world regions affected by open relay and proxy issues, business education and links to other resources.
International cooperation through the International Consumer Protection and Enforcement Network (ICPEN) or other appropriate mechanisms such as this project are essential to combat spam.
Too good to be true?
On 10 and 12 February 2004 members of the International Consumer Protection and Enforcement Network (ICPEN) participated in the 6th annual international internet sweep day.
ICPEN is a network of consumer protection authorities from 31 countries, including Australia, Canada, Germany, NZ, UK and the US which cooperate to prevent and redress deceptive marketing practices with an international component.
The sweep is an annual event which is coordinated by the ACCC. This year 76 agencies from 24 countries searched the internet for websites which make claims that are ‘too good to be true’ such as get-rich-quick schemes and work-at-home schemes which grossly exaggerate earnings potential and ‘free’ offers. The lure of quick, easy money and opportunities to work from home entice vulnerable consumers into such schemes. Common pitfalls include start-up fees, added costs and grossly exaggerated earning potential, often resulting in thousands of dollars lost after being poured into internet scams.
Globally, a record 1847 suspicious sites were flagged by sweepers. Participating agencies are now acting on results in a number of ways, such as educating traders about compliance, advising consumers on how to avoid being duped by such sites, sending warnings to traders, seeking settlements and taking enforcement action.
