Saturday, January 21, 2006

China, now the leading manufacturer of spam?

Nearly every product we buy, well let me rephrase that. Nearly every cheap product we buy nowadays is made in China. Nothing really wrong with that. Don't like it... don't buy it. Thats why we call it a free market.

But what happens when the Chinese pervasiveness crosses that boundary of freedom? Of late I have started tracking where my spam comes from. Tracking the source of spam is not always easy. Its easy to fudge email headers so amateurs like myself cannot determine who really sent the spam. But there is an easier way to track spam. Most spam email wants you to go to some web site to do some business. Who cares where the email came from. Clearly it was sent by those whose sites we are asked to visit.

So I started tracking these sites. Doing a whois seems to point me to random owners (apparently false information) in the United States. But strangely all the IP numbers for these web sites seem to come from China. They are all under APNIC and upong looking up the IP number at I get the following information:

inetnum: -
netname: CNCGROUP-HI
descr: CNC Group Hainan province network
descr: China Network Communications Group Corporation
descr: No.156,Fu-Xing-Men-Nei Street,
descr: Beijing 100031
country: CN
admin-c: CH455-AP
tech-c: CH455-AP
remarks: service provider
mnt-by: APNIC-HM
changed: 20030122
source: APNIC
role: CNCGroup Hostmaster
address: No.156,Fu-Xing-Men-Nei Street,
address: Beijing,100031,P.R.China
nic-hdl: CH455-AP
phone: +86-10-82993155
fax-no: +86-10-82993102
country: CN
admin-c: CH444-AP
tech-c: CH444-AP
changed: 20041119
source: APNIC

Almost 100% of all email I get send me to web sites that are have an IP number that is in the range - So I created a new gmail account and used it to send emails to to report this issue. I sent them all teh emails I was receiving and explaining that they need to do something to stop these sites.

Since I do not speak Mandarin or Cantonese or any other chineses language my emails were in English. So I was not necessarily surprised that I got no response.

What was also not much of surprise is that this brand new gmail address started receiving spam. And yes, all from these web sites that have their IP numbers coming from this network owned by China Network Communications Group Corporation.

So I wonder how is this possible. We are talking about a country where I thought people are tossed off into prison, tortured, and killed for little or no reason. So how could somone be so brave so as to be so corrupt? Or is it that the spam industry is now a favorite child of the Chinese government. I would like to investigate further, but then I do not wish to be arrested, tortured, and killed :-)

More on this later.....


Blogger Gussa Waala said...

More on the Chinese spam connection. After much complaining I stopped getting spam from IP number at the network I mentioned in my post. Alas victory was not long lived. I started getting new spam and this time it was from a different network. A query on APNIC whois revealed the following:

inetnum: -
netname: CHINANET-GX
descr: CHINANET Guangxi province network
descr: China Telecom
descr: No1,jin-rong Street
descr: Beijing 100032
country: CN
admin-c: CH93-AP
tech-c: CR766-AP
changed: 20031030
mnt-by: APNIC-HM
remarks: This object can only modify by APNIC hostmaster
remarks: If you wish to modify this object details please
remarks: send email to with your
remarks: organisation account name in the subject line.
source: APNIC

address: No.35,Minzhu Road,Nanning 530015
country: CN
phone: +86-771-2815987
fax-no: +86-771-2839278
trouble: send spam reports to
trouble: send abuse reports to
trouble: times in GMT+8
admin-c: CR76-AP
tech-c: BD37-AP
nic-hdl: CR766-AP
changed: 20021024
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: 20051212
source: APNIC

And when I sent an email to the spam reporting email box, it came back with a mailbox is full message.

Watch out people, unless you want to buy chinese viagra :-)

6:25 PM  

Post a Comment

<< Home

Free Website Counters
Free Website Counters