Re: [Exim] New Metod to Control SPAM : Mail Online Listing

Steve Thomas <lists@???> wrote:
> On Thu, Jun 24, 2004 at 04:52:57PM -0400, Erik Jacobs is rumored to
> have said:
>>
>>> And then there's the fact that the vast majority of spam
>>> comes through proxies, trojaned machines, etc. Very little
>>> spam is sent through ISP servers these days, from what I'm seeing.
>>>
>>> It's a responsible thing to do and would certainly help with
>>> the accounting, but I don't think it'd do much of anything to
>>> abate the spam problem.
>>
>> This isn't entirely true. Many people are calling the recent
>> email-based virii "attacks" SPAM. This would help to cut down on
>> the net internet impact of these email sending worms as it woud
>> essentially shut down a user's ability to send email after they had
>> exceeded their limit.
>
> But are the viruses using their victim's MAPI client settings to
> blast themselves all over the place? I was under the impression that
> virus writers have taken to looking up MX records and/or attempting
> to connect to targetdomain.com directly. If they're doing this, then
> the mail servers which belong to the victim's ISP are completely out
> of the loop and can't do anything about the volume of mail going out.

They can either block or redirect port 25 outbound so that they stop this
traffic altogether, or send it though their outbound relays and apply the
controls discussed at tht top of the thread. My vote would be to block it,
and use SMTP AUTH on port 587 instead - RFC 2476.

Peter