[Mimedefang] ZDnet article on new Zombie Trick
Ben Kamen
bkamen at uiuc.edu
Thu Feb 3 10:43:30 EST 2005
I would think ISP's would want a greylisting filter on their inbound-outbound
ports...
But with my recent experience with my local ISP (SBC) proves to me (since I
directly asked the half a dozen or so SBC tech rep's on the line if anyone
knew anything about TCP/IP - "no" from all) I doubt if they even know they're
in a sense a source of the problem and if they even care.
I do know SBC now blocks port 25 from dynamic DSL customers. With the trojan
mentioned, however, that won't matter much.
It should be interesting to see if a lot of the spam is going to the MSN, AOL,
yahoo portal's and getting blocked if they'll notice once their email servers
start to crash from filled queues...
I have to implement greylisting one of these days... (sigh) Maybe this weekend
is the day.
-Ben
James Ebright wrote:
> While I do not agree with the "doom and gloom" garbage Linford spews in this
> article, and I don't think this is really a "new" approach... wasn't there
> some MAPI exploits that were used to do this several months ago?
>
> But this was sent to me by a colleague and is an interesting read, esp some
> of the clueless "talkback" comments.
>
> http://news.zdnet.com/2100-1009_22-5560664.html
>
> We currently monitor email traffic via snmp/mrtg so would notice an abnormal
> increase in outgoing mail trafic pretty fast. I used to have a throttle on
> mail messages per time increment back in the day (pre-Mimedefang hehe, here
> for after known as P-MD hehe), perhaps it is time to resurrect that?
More information about the MIMEDefang
mailing list