On Fri, Apr 02, 2004 at 08:51:52PM -0800, Mike Lee wrote: > It also does a limited dictionary attack, with a list of several dozen > common names, sending a message to each of these names on each domain > in its list. So it doesn't just send to email addresses it got from > you, it also tries to guess email address names for all the domains it > found anywhere on your computer. This is very rude, and means that the > big domains are having to send tons of non-delivery reports for all > the bogus email coming at them. And if you're the poor From guy, then > you start getting all those NDRs delivered to your mailbox too. Along > with all the bitch mail from antivirus programs telling you that you > sent them a virus. (This is why these programs should quit notifying > senders of viruses--forged From is getting to be so common that they > just end up panicking or annoying someone innocent.)
Actually, there is a better solution than that: SPF http://spf.pobox.com/ It could potentially solve all the spam from legitimate computers that you mention when you get Joe Jobb'ed. It would also break MyDoom, or force it to use only the From: of the computer it infected. SPF won't solve all spam and virus problems, but it will help. Everyone should start using it or encourage their ISP to use it (hopefully all the big ISP's will turn it on by the end of 2004). -- Erik Reuter http://www.erikreuter.net/ _______________________________________________ http://www.mccmedia.com/mailman/listinfo/brin-l
