(Japanese Site)
|
|
| MITI Mail Server Used to Relay Overseas Junk Mail
|
|
March 3, 1998 (TOKYO) -- Japan's Ministry of International Trade and Industry (MITI) revealed that
its mail server was the target of relay abuse in late January from someone overseas.
|
The originator of the bulk email, also known as "spam," allegedly used the ministry as a relay
server to send out mail for advertising and solicitation purposes. MITI immediately announced that a
spamming incident had occurred and took anti-abuse measures 10 days after the discovery.
According to an informed source within the ministry, on Jan. 20 MITI's system administrator
discovered a problem on the mail server. A large quantity of mail was waiting in the outbound queue.
>From the mail addresses it appeared that none of the recipients was in any way related to MITI. On
checking the transmission log, it was found that more than 200 dubious messages had already been
forwarded.
The following day, on Jan. 21, more than 10 complaint messages were posted to the Web master of
MITI's Web pages. All the complaints were in English and stated that spam had been received through
MITI.
According to the MITI informant, two types of spam were forwarded through the ministry. One was a
money-making scheme promoted by a broker, and the other was an advertisement for spamming software.
Both types of spam originated overseas.
Most of the mail users who sent complaints expressed disbelief that MITI could be involved in such
advertising or solicitation, and wanted an explanation as to how the incident occurred.
One of the complaints was from an Internet service provider outside Japan. In a strongly worded
message, the ISP said that "in the future, we will not relay any mail received via MITI."
Users in Japan were also among the spam targets. An invitation to contact MITI, carried on its Web
site, elicited a complaint from within Japan. A spam victim also made a report to the Japan Computer
Emergency Response Team Coordination Center (JPCERT/CC), an organization that provides information
about incidents of illegal access to computer systems.
On Jan. 23, MITI announced on its Web site that the spam contents had nothing to do with the
ministry. On Jan. 25 the vendor in charge of MITI's computer system took preventive measures. The
mail system was set up so that no mail received from the three addresses that spawned the spam would
be relayed in the future.
However, this fix was hardly a radical solution, since it could only block mail from the recent spam
culprits. Consequently, on Jan. 30, MITI upgraded to the latest version of the mail server software
"sendmail" and configured its server to reject all relay mail unrelated to MITI.
As a result of the "sendmail" upgrade, MITI has apparently succeeded in blocking several hundred
spam messages since the beginning of February.
There is no apparent reason why MITI's mail server came under attack. MITI sent a letter of protest
to the broker's facsimile number given in the "get rich" spam, but got no response.
MITI also sent email requests asking the ISP closest to the spam origins not to relay spam. The
reply received from that ISP stated that in future it will not relay mail from the parties who sent
the spam, according to MITI.
(Nikkei Computer)
|
|
|
