China Outlaws Private E-mail Servers

Outsmart Malicious Hackers


Ah China, always been famous for repressing their population, now there repression is moving onto the Internet and using digital means..

Just like the so called ‘Great Firewall of China’, I’ve been meaning to do an article about that for quite some time, I have something drafted.

Anyway the latest thing China has done has made it illegal to own a private e-mail server without a ‘licence’. I guess it could be said that it’s an effort to curb spam…but..

China has introduced regulations that make it illegal to run an email server without a licence. The new rules, which came into force two weeks ago, mean that most companies running their own email servers in China are now breaking the law.

More than 600,000 servers were sold in China last year, according to market researchers. It’s unclear how many of these are running mail server software, which includes programs like Microsoft Exchange Server, Sendmail, Qmail or Lotus Notes.

They are calling it part of the anti-spam effort..

The new email licensing clause is just a small part of a new anti-spam law formulated by China’s Ministry of Information Industry (MII). The chilling effect on corporate email servers, which are commonly used by companies with more than a handful of employees, appears to have gone unnoticed until now.

However, Singapore-based technology consultant, James Seng, who first drew attention to the new email licence requirement, believes the inclusion of the prohibition on mail servers is no accident.

“Looking at the Chinese text, it is clear they have worded it carefully”, he told vnnet,”They know exactly what they are doing and what they want. So this isn’t a case of clueless civil servants screwing up or just bad translation.”

To be fair though spam originating from China has become a massive problem in the last 6-12 months, I’ve even noticed the amount of Chinese language spam increasing exponentially.

Under the new regulations, Email Service Providers must register their mail servers’ internet protocol (IP) addresses with authorities 20 days before they start operating the server. The must also keep a record of all emails sent and received for 60 days. The rules even prohibit open relays: mail servers which accept and relay email from any source without verification

The regulations also ban many of the techniques commonly used by spammers, such as hijacking servers to use as ‘zombie’ spam relays. In addition, advertisers sending unsolicited commercial mail also need to prefix the subject line with ‘Advertisement’ or ‘AD’, and comply with recipients’ requests to cease sending them unwanted email.

Perhaps in a way it might be a good thing?

Source: VNUnet

Posted in: Spammers & Scammers

, , ,


Latest Posts:


StaCoAn - Mobile App Static Analysis Tool StaCoAn – Mobile App Static Analysis Tool
StaCoAn is a cross-platform tool which aids developers, bug bounty hunters and ethical hackers performing mobile app static analysis on the code of the application for both native Android and iOS applications.
snallygaster - Scan For Secret Files On HTTP Servers snallygaster – Scan For Secret Files On HTTP Servers
snallygaster is a Python-based tool that can help you to scan for secret files on HTTP servers, files that are accessible that shouldn't be public and can pose a s
Portspoof - Spoof All Ports Open & Emulate Valid Services Portspoof – Spoof All Ports Open & Emulate Valid Services
The primary goal of the Portspoof program is to enhance your system security through a set of new camouflage techniques which spoof all ports open and also emulate valid services on every port.
Cambridge Analytica Facebook Data Scandal Cambridge Analytica Facebook Data Scandal
One of the biggest stories of the year so far has been the scandal surrounding Cambridge Analytica that came out after a Channel 4 expose that demonstrated the depths they are willing to go to profile voters, manipulate elections and much more.
GetAltName - Discover Sub-Domains From SSL Certificates GetAltName – Discover Sub-Domains From SSL Certificates
GetAltName it's a little script to discover sub-domains that can extract Subject Alt Names for SSL Certificates directly from HTTPS websites which can provide you with DNS names or virtual servers.
Memcrashed - Memcached DDoS Exploit Tool Memcrashed – Memcached DDoS Exploit Tool
Memcrashed is a Memcached DDoS exploit tool written in Python that allows you to send forged UDP packets to a list of Memcached servers obtained from Shodan.


5 Responses to China Outlaws Private E-mail Servers

  1. The shtint September 20, 2006 at 8:42 am #

    Where did you read this information? Is there a reference to a newspaper article or govn’t news release?

    cheers,
    The Shtint

  2. Darknet September 20, 2006 at 8:51 am #

    There is a link at the bottom “Source: VNUnet” if you click the orange VNUnet link it will take you to the source article. Cheers!

  3. Dan September 20, 2006 at 3:14 pm #

    Although China is interested in spam control, you have to really wonder. No one, especially countries, do things for “free”. China loses nothing if it is seen as a hub for spammers – fighting spam will be a costly thing, and “registering” e-mail servers and requiring the lock-down of servers will do nothing if they do not police it, and police it they will. This costs money — but why? What’s in it for them to take these steps?

    Yes, it looks like it’s very well crafted, this plan to lock down spam. However, the more important thing, the one that the Chinese goverment will pay good money for, is control. Knowing exactly where every e-mail server is in the country (and being able to punish rogue e-mail servers for no reason other than that they haven’t registered) gives them the next step of control they need. Once they know this, it’ll be a small step to require “monitoring software” to be placed on each server, to ensure that they remain “safe”.

    Doesn’t anyone else see where this is going? Think of China vs. Microsoft, Google and Yahoo. It doesn’t take much to see that this is one more step in the lock-down, not of e-mail servers and spam, but of free speech in China itself.

  4. Nigel Mellish September 20, 2006 at 6:28 pm #

    You really think this is about Spam? Are you kidding? This is about access to communication – an email version of wiretapping, plain and simple. The Chinese gov’t doesn’t want you to send or receive email unless it’s to or from a server that they can access.

  5. Darknet September 20, 2006 at 7:37 pm #

    Dan: I totally agree. China already took control of their own DNS a while ago…next it will be a seperate Chinese Internet? Well the regulation states all e-mails must be kept for 60 days, so that saves them having to install anything directly, as they monitor all links anyway so if they want anything they sniffed whilst it flew past they can grab it directly from the licenced e-mail it originated from or was sent to..

    Nigel: Who thinks it’s about spam? If I really thought it was about spam I wouldn’t have mentioned the great firewall of China and the repression of the Chinese populace in the first paragraph..