<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: [anti-spam-wg@localhost] Doom etc


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 03/02/2004 17:25 +0100, Anthony Mellor wrote:

> Copy below of a warning message, offers no means of response so I 
> usually ignore them (take that as guidance, not a request for advice 
> please, you'll see why I ignore below.)

Ignore is the right action. Most of these warnings should never have
been sent because they go not to the person with the infested computer
(which would be slightly useful) or to their ISP (who can do something)
but to an innocent bystander such as yourself, whose address the worm
found somewhere. You could be very cross with the organizations whose
mail systems send the warnings, but being cross will cost you nervous
energy as well as time ...


> I have spent ages on the phone to (one of) my main service provider
> and they assure me all my sending domains are secure (pop before
> send and now authenticated SMTP).

That's good, but neither you nor they thought that your systems were
sending all these unwanted messages. The only thing that links them
to you is your address or domain which is misleadingly inserted by
the bulker or by the zombie mailer.

My own view is that your ISP is the right place to go first; but it
costs them money and most of them really don't like it. Most e-mail
services are provided at minimum cost and you get what you pay for;
server availability, message store integrity etc are OK, but no effort
on the quality of mail delivered.
If they offered you some different service, what would it have to do?
How much would you be prepared to pay for it?


> grr.. there should be no defence anywhere on the planet for these 
> people; this is my livelihood's chargeable earning time being lost 
> daily.

That's a hard choice for you. When you feel that using e-mail is
costing you more than it earns, you will of course stop using it.
Or perhaps you will decide that profit and loss are only part of the
story. There is the view that the abusive practices have to go for
reasons other than the direct or indirect cost, such as privacy or
the fundamental threat to open communication.

Rodney Tillotson, JANET-CERT
+44 1235 822 255.


> The mail system received a message from you (...)
> destined to
>    some address
> that contains either infected or suspicious file(s)
> and it has not reached the above destination(s).

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBQB/djcxy/J7PAuvpEQKGgQCfT4JKV2N/dYtN6UyHL7NO2LX7/I0An24m
Ugu6AE5AOzy6CwmFmwqpao6C
=zDNt
-----END PGP SIGNATURE-----




<<< Chronological >>> Author    Subject <<< Threads >>>