Re: [Exim] use of _ in HELO... again

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Adrian Phillips
Fecha:  
A: exim-users
Asunto: Re: [Exim] use of _ in HELO... again
>>>>> "Wakko" == Wakko Warner <wakko@???> writes:

    Wakko> Sobig was a good one for us.  250 emails in the past 3 days
    Wakko> contained sobig.  All caught by the virus scanner.  I said
    Wakko> I could stop them by checking their HELO strings.  Answer
    Wakko> "Don't bother".


What happens when a new SPAM "originates" near you; that happened to
us with SOBIG-F - we got hit by the virus at least an hour before any
of our virus systems (Norman and Trend Micro) had a pattern file that
could catch it; in fact it took Trend Micro several hours to release a
version that could, although they did have a pre-release pattern file
available which I had to hand install.

Fortunately none of our clients were infected because very few
individuals received the message and the few that did were either
clever enough not to click on them or running some Unix variant.

The question for your management then is how much damage are they
willing to take on the chance that this scenario happens to them
noting that if only one machine in the company becomes infected there
is a good chance that your whole company (or the Windows part of it)
could be infected very quickly because of the way this particulour
virus works.

Catching viruses by other means than relying on a mechanism that is
always going to trail the release of new viruses seems a no-brainer to
me (of course many people seem to have managers with no brains so ...).

Sincerely,

Adrian Phillips

--
Who really wrote the works of William Shakespeare ?
http://www.pbs.org/wgbh/pages/frontline/shakespeare/