Ben wrote:
I would think ISP's would want a greylisting filter on their inbound-outbound ports...
If the spam is coming from their legitimate customers, and is indistinguishable from normal mail, this will add nothing and annoy their customers, especially when those using Outlook Express (i.e. most of them) see what looks like a server error.
Sorry - I spaced.. I keep thinking EVERYONE has a sendmail server in their home that retries... heheh. Oops!
On the other hand, applying quotas on outbound mail will make a big difference, especially if the quota system is rate-based rather than volume-based, so for example sending out 1000 messages per day from a home system might be OK if they are at the rate of 100 per hour for 10 hours, but not OK if they are all seen in a single hour.
I agree there. I think the ISP's will be able to tag suspicious activity more easily (since their servers will be crashing) and possibly begin a wave of suits against spammers..
Wait.. I must be dreaming... the (big) ISP's doing something PROACTIVE!?!? What was I thinking.
I do know SBC now blocks port 25 from dynamic DSL customers. With the trojan mentioned, however, that won't matter much.
And in any case, how long will it be before the trojan stuffs keypresses or VB script into Windows to start Outlook or Outlook Express in a hidden window if it finds it, and then plug away sending messages with the correct client settings, including client authentication?
That's a scary thought.
Since any SPAM generated through this will be coming via ISP mail servers, which are guaranteed to try again as they are legitimate mailers rather than bulk sending programs, greylisting will make no difference. The ISPs will of course see a massive increase in e-mail volumes, but a quota system would soon sort this out.
True... I should stop typing stuff like this 1st thing when I get to work. I'm not awake yet.
-------------
To a large extend, this is an interesting argument for those who might sue gun or weapon makers because the crook does the harm with the weapon. While I truly believe that if guns didn't exist, a crook would just find another tool to do the job... in this case, it's MS and their bad practices given crooks the tools to do the job. You can't make a gun do anything different than what it does... it propels little objects at high speed. Could be used for food, protection, robbing convenient stores..... there was a guy running around Denver CO whacking people with a 2x4 at bus stops and robbing them. What do we do next? outlaw 2x4's?? no. But in MS's case, the email client or OS could be made to operate the same but minus the features that are being so easily exploited... thus the concept of being responsible (in some part) for the mess. Could MS be sued to take out these functions which seem to be causing all this mess?? it's an interesting topic to ponder I leave open for debate.
-Ben _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
