Korea - rogue country: absolutely ignoring all complaints, hosting spammers, disabling contact addresses not to be bothered by complaints, legalizing spam (you put the "@" symbol in the Subject line and you are free to spam), open relays and proxies... Hopeless! Update: 31-Aug-2005: Korea Government agencies spam their own people many times, themselves. Blocked using the korea.blackholes.us database: http://blackholes.us/ (mirrored locally as korea.bl.dolphinwave.org). Update: Firewalled! Korea: Access denied! === First example of rogueness and spam-friendliness: Kornet === http://www.DolphinWave.org/spam/kornet.net.txt === First signs of the rogueness, people begin to block Korea === Path: uni-berlin.de!fu-berlin.de!cox.net!newsfeed1.earthlink.net!newsfeed2.earthlink.net!newsfeed.earthlink.net!newsfeed0.news.atl.earthlink.net!news.atl.earthlink.net!news.mindspring.net!not-for-mail From: Joel Rubin Newsgroups: news.admin.net-abuse.email Subject: Re: Korea Date: Sat, 15 Jun 2002 07:15:10 -0400 Organization: Entropic Lines: 68 Message-ID: References: NNTP-Posting-Host: 41.b2.09.c1 Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Server-Date: 15 Jun 2002 11:15:31 GMT Xref: uni-berlin.de news.admin.net-abuse.email:1719066 On Fri, 14 Jun 2002 22:02:23 GMT, "will" wrote: > > Hi > Some bastige sold my addy to the whole fugging state of Korea and now I >get about 10 of these oriental adds every day. Does anyopne know how to >stop?These seem to be all random generated adds so the website doesnt give a >shit...Please reply email thanks Will > John Levine (IDG's Internet for Dummies books, abuse.net) has started an RBL-like DNS zone, korea.services.net. http://korea.services.net/ 211.55.181.179 is in Korea iff 179.181.55.211.korea.services.net resolves. (= 127.0.0.2) ping 179.181.55.211.korea.services.net Pinging 179.181.55.211.korea.services.net [127.0.0.2] with 32 bytes of data: ... http://korea.services.net/ [quote] The South Korea Blocking List Beginning in late 2001, we started receiving vast amounts of junk e-mail (better known as spam) from Korean networks. Some of it was in Korean, a language that nobody here understands, some was in English. Despite repeated attempts to contact system managers to alert them to the problem, we never received even a single acknowledgement. So, with regret, we have blocked mail from South Korea. The blocking mechanism is a DNSBL (DNS blocking list) called korea.services.net. It lists the numeric addresses of Korean networks, in a form that mail systems can check efficiently. See http://www.dnsbl.com/ for more info on DNSBLs. [...] Who can use korea.services.net ? As far as I'm concerned, anyone is allowed to use it. Please be sure that your mail software is set up to use a local DNS cache (BIND is the most common) rather than querying us directly, to limit the load. If the load becomes too large, we may ask heavy users to host mirror copies of the data. (If you don't understand these instructions, please consult the people who run your mail system, or the vendor that sold you your mail software.) What exactly is in the database? The database lists all IP address ranges assigned to Korea by APNIC,plus any older ARIN ranges with a history of sending spam. As networks clean up their act, get rid of their spammers, fix their abusable relays and proxies, and set up a reasonable procedure to receive and act on complaints, I hope to remove them from the list. [...] [end of quote] I faxed three spams from yescard.co.kr (Korea Exchange Bank's credit card operation) to the Park Ave. (Manhattan) branch of the bank. I told them to contact their idiot colleagues in Seoul if they wished to be removed from the fax list. === Korea passes the law that allows spamming === === http://times.hankooki.com/lpage/tech/200310/kt2003101216381911820.htm === === Mirrored locally: === === http://www.DolphinWave.org/spam/Korea/kt2003101216381911820.htm === The Korea Times New Anti-Spam Measure to Launch A new anti-spam measure to prevent outbound junk e-mail will be introduced, the Ministry of Information and Communication said yesterday. Under the new rule, commercial organizations sending unsolicited e-mail advertisements, or spam, will be required to place the ``@’’ symbol in the subject line, the ministry said. The presence of the symbol will allow recipients to filter out unwanted e-mails more easily. No clear timeframe has been set for the introduction of the new rule, which would also require spam distributors to include legitimate English-language contact information that offers a way to decline future messages for foreign recipients. Spammers who violate the proposed rule would be jailed for up to two years or be fined a maximum of 10 million won ($8,710), the ministry said. 10-12-2003 16:39 === Hanaro - presently one of the biggest spam-hosters (almost every spam === === page now is hosted there), disables their WHOIS contact addresses === Path: uni-berlin.de!fu-berlin.de!news.maxwell.syr.edu!news.cis.ohio-state.edu !nntp.service.ohio-state.edu!not-for-mail From: "Jay Stuler" Newsgroups: news.admin.net-abuse.email Subject: Hanaro gives up - disables WHOIS contact Date: Sat, 21 Aug 2004 21:26:24 -0400 Organization: Ohio State University Lines: 18 Sender: stuler.1@dhcp065-024-140-061.columbus.rr.com Message-ID: NNTP-Posting-Host: dhcp065-024-140-061.columbus.rr.com X-Trace: charm.magnus.acs.ohio-state.edu 1093137701 17595 65.24.140.61 (22 Aug 2004 01:21:41 GMT) X-Complaints-To: abuse@osu.edu NNTP-Posting-Date: 22 Aug 2004 01:21:41 GMT X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 6.00.2800.1437 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441 Xref: uni-berlin.de news.admin.net-abuse.email:2236317 All of Hanaro's domains have this email as the "Admin" contact. I wonder if ICANN will make them correct it? As a side note, I wonder how long before Hanaro starts whining about being blocked. ----- The following addresses had permanent fatal errors ----- (reason: 550 5.1.1 Suspended user ) ----- Transcript of session follows ----- ... while talking to mail.hanaro.com.: >>> DATA <<< 550 5.1.1 Suspended user 550 5.1.1 ... User unknown -- "What we need are a couple of good hangings" - FTC Chairman Orson Swindle, regarding email spam === WHOIS on Hanaro === $ jwhois hanaro.com [Querying whois.internic.net] [Redirected to whois.ibi.net] [Querying whois.ibi.net] [whois.ibi.net] Welcome to NETPIA.COM's WHOIS Server Registrant: Hanaro Telecom,Inc. 8F Shindaebang BD Shindaebang-dong Tongjak-gu Seoul Domain Name: HANARO.COM Registrar: NETPIA.COM, INC.(http://www.ibi.net) Administrative Contact: Hanaro Telecom,Inc. hostmaster@hanaro.com 8F Shindaebang BD Shindaebang-dong Tongjak-gu Seoul 02-6266-6551 Technical Contact: Hanaro Telecom,Inc. dnsmaster@hanaro.com 8F Shindaebang BD Shindaebang-dong Tongjak-gu Seoul 02-6266-6551 Billing Contact: Hanaro Telecom,Inc. dnsmaster@hanaro.com 8F Shindaebang BD Shindaebang-dong Tongjak-gu Seoul 02-6266-6551 Record created on........: 08-Jul-1996 EST. Record expires on........: 07-Jul-2005 EST. Record last updated on...: 27-Jan-2003 07:04:46 EST. Domain Name Servers in listed order: NS.NETFOS.NET 210.220.163.20 NS2.NETFOS.NET 210.180.98.91 Please register domain name at www.ibi.net === How bad it really is === Path: uni-berlin.de!fu-berlin.de!postnews1.google.com!postnews2.google.com !not-for-mail From: usenet@break-left.org (Eddie Rickenbacker) Newsgroups: news.admin.net-abuse.email Subject: Re: Hanaro gives up - disables WHOIS contact Date: 22 Aug 2004 15:22:05 -0700 Organization: http://groups.google.com Lines: 51 Message-ID: <9c8ea055.0408221422.24ca5f12@posting.google.com> References: <3jfhi05ghpoir2idqmsr9ure7sfi87iobi@4ax.com> NNTP-Posting-Host: 80.203.39.99 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Trace: posting.google.com 1093213326 28776 127.0.0.1 (22 Aug 2004 22:22:06 GMT) X-Complaints-To: groups-abuse@google.com NNTP-Posting-Date: Sun, 22 Aug 2004 22:22:06 +0000 (UTC) Xref: uni-berlin.de news.admin.net-abuse.email:2236723 Jeff C wrote in message news:<3jfhi05ghpoir2idqmsr9ure7sfi87iobi@4ax.com>... > On Sat, 21 Aug 2004 21:26:24 -0400, "Jay Stuler" > wrote: > > >As a side note, I wonder how long before Hanaro starts whining about being blocked. > > I wonder who will care? I, for one, won't. If Hanaro goes out of business tomorrow, the internet will be a better place for everyone, at least until the spamming fuckwits come up with the next trick to support their antisocial behaviour and limitless greed. It's been a long long time since I accepted any traffic at all from Korea. The digital vomit that ends up here, only occasionally advertise websites hosted outside of Hanaro. It's tragic really. Hanaro wilfully let US spammers rape them anally with the blunt object colloquially the pain from that will *not* go away for years. YEARS! How on earth are Korean companies able to send mail abroad after not only being rejected wholesale on port 25, but are also denied routing? Ever since the botnet known as Comcast had its balls halfway cut off, 75% of my rejections are Korean. The rest is from the usual suspects all over the world. YMMV. Having clueless and compromised users on your DSL/Cable range is one thing. Knowingly providing services to the scum of the earth, the bottom 0.5% of the IQ bell curve, is another. And don't get me started on the insult to the global sysadmin population that is spamcop.or.kr. I have yet to see a meaningful LART response from Korea, be it zombies, webhosting, relays or what have you. I pity the sysadmin who - for whatever reasons upper management has this week - *has* to receive mail from Korea. You have my deepest sympathies. Hanaro's abuse of the internet is nothing short of a scandal. If the Hanaro top brass is in on this, let's hope they get out of the criminal business before they have to pull a Hyundai. If not, let the board scrape the remains off the sidewalk. I'm sick and tired of cleaning up after Hanaro. Let them know what you think: http://www.hanaro.com/eng/company/com_board_1.asp Here is their sotto voce lie about spam: http://www.hanaro.com/eng/other/spam.asp Chang-Bun Yoon, CAN YOU FUCKING HEAR ME? -- Flyboy 94th spam pursuit squadron === Korea Government agencies spam their own people many times === === http://english.chosun.com/w21data/html/news/200508/200508190025.html === === Mirrored: http://www.DolphinWave.org/spam/Korea/200508190025-print.html === Most People Ignore Government Spam A survey on the way government agencies go about their public relations by the Korea Productivity Center shows that eight out of 10 Koreans declined to open e-mails from their rulers. The survey covered 18 government agencies that spammed the public from January to July. Grand National Party lawmaker Kim Choong-Whan on Thursday revealed the results showing the government agencies sent e-mails to advertise their policies to 6.7 million people on 1,871 occasions during the period, but only 23.1 percent of recipients opened them. The greatest turnoff were e-mails from the Ministry of Maritime Affairs and Fisheries, followed by the Agriculture Ministry with 15.4 percent, the Ministry of Health and Welfare with 16.6 percent, the Defense Ministry with 17.1 percent and the Ministry of Information and Communication with 18.5 percent. The Maritime Ministry spammed 120,000 people 43 times during the period, but only 15.35 percent opened the messages. Kim said it was clear the government sent out unsolicited e-mails that were of no interest to the public. url: http://english.chosun.com/w21data/html/news/200508/200508190025.html Copyright (c)2003 DIGITAL CHOSUN All rights reserved. Contact letters@chosun.com for more information. Privacy Statement Contact privacy@chosun.com