China Outlaws Private E-mail Servers

Outsmart Malicious Hackers


Ah China, always been famous for repressing their population, now there repression is moving onto the Internet and using digital means..

Just like the so called ‘Great Firewall of China’, I’ve been meaning to do an article about that for quite some time, I have something drafted.

Anyway the latest thing China has done has made it illegal to own a private e-mail server without a ‘licence’. I guess it could be said that it’s an effort to curb spam…but..

China has introduced regulations that make it illegal to run an email server without a licence. The new rules, which came into force two weeks ago, mean that most companies running their own email servers in China are now breaking the law.

More than 600,000 servers were sold in China last year, according to market researchers. It’s unclear how many of these are running mail server software, which includes programs like Microsoft Exchange Server, Sendmail, Qmail or Lotus Notes.

They are calling it part of the anti-spam effort..

The new email licensing clause is just a small part of a new anti-spam law formulated by China’s Ministry of Information Industry (MII). The chilling effect on corporate email servers, which are commonly used by companies with more than a handful of employees, appears to have gone unnoticed until now.

However, Singapore-based technology consultant, James Seng, who first drew attention to the new email licence requirement, believes the inclusion of the prohibition on mail servers is no accident.

“Looking at the Chinese text, it is clear they have worded it carefully”, he told vnnet,”They know exactly what they are doing and what they want. So this isn’t a case of clueless civil servants screwing up or just bad translation.”

To be fair though spam originating from China has become a massive problem in the last 6-12 months, I’ve even noticed the amount of Chinese language spam increasing exponentially.

Under the new regulations, Email Service Providers must register their mail servers’ internet protocol (IP) addresses with authorities 20 days before they start operating the server. The must also keep a record of all emails sent and received for 60 days. The rules even prohibit open relays: mail servers which accept and relay email from any source without verification

The regulations also ban many of the techniques commonly used by spammers, such as hijacking servers to use as ‘zombie’ spam relays. In addition, advertisers sending unsolicited commercial mail also need to prefix the subject line with ‘Advertisement’ or ‘AD’, and comply with recipients’ requests to cease sending them unwanted email.

Perhaps in a way it might be a good thing?

Source: VNUnet

Posted in: Spammers & Scammers

, , ,


Latest Posts:


OWASP ZSC - Obfuscated Code Generator Tool OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker - Reaver For Android Wifi Hacker App Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r - Fast Python Subdomain Enumeration Tool Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download - Audit Pre-shared WPA Keys coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.


5 Responses to China Outlaws Private E-mail Servers

  1. The shtint September 20, 2006 at 8:42 am #

    Where did you read this information? Is there a reference to a newspaper article or govn’t news release?

    cheers,
    The Shtint

  2. Darknet September 20, 2006 at 8:51 am #

    There is a link at the bottom “Source: VNUnet” if you click the orange VNUnet link it will take you to the source article. Cheers!

  3. Dan September 20, 2006 at 3:14 pm #

    Although China is interested in spam control, you have to really wonder. No one, especially countries, do things for “free”. China loses nothing if it is seen as a hub for spammers – fighting spam will be a costly thing, and “registering” e-mail servers and requiring the lock-down of servers will do nothing if they do not police it, and police it they will. This costs money — but why? What’s in it for them to take these steps?

    Yes, it looks like it’s very well crafted, this plan to lock down spam. However, the more important thing, the one that the Chinese goverment will pay good money for, is control. Knowing exactly where every e-mail server is in the country (and being able to punish rogue e-mail servers for no reason other than that they haven’t registered) gives them the next step of control they need. Once they know this, it’ll be a small step to require “monitoring software” to be placed on each server, to ensure that they remain “safe”.

    Doesn’t anyone else see where this is going? Think of China vs. Microsoft, Google and Yahoo. It doesn’t take much to see that this is one more step in the lock-down, not of e-mail servers and spam, but of free speech in China itself.

  4. Nigel Mellish September 20, 2006 at 6:28 pm #

    You really think this is about Spam? Are you kidding? This is about access to communication – an email version of wiretapping, plain and simple. The Chinese gov’t doesn’t want you to send or receive email unless it’s to or from a server that they can access.

  5. Darknet September 20, 2006 at 7:37 pm #

    Dan: I totally agree. China already took control of their own DNS a while ago…next it will be a seperate Chinese Internet? Well the regulation states all e-mails must be kept for 60 days, so that saves them having to install anything directly, as they monitor all links anyway so if they want anything they sniffed whilst it flew past they can grab it directly from the licenced e-mail it originated from or was sent to..

    Nigel: Who thinks it’s about spam? If I really thought it was about spam I wouldn’t have mentioned the great firewall of China and the repression of the Chinese populace in the first paragraph..