Re: [exim] Report of new spam technique

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Bill Hacker
Date:  
À: exim
Sujet: Re: [exim] Report of new spam technique
Matt wrote:

> Bill Hacker wrote:
>
>
>
>>- But it is not really all that clear which of several 'ratware'
>>techniques the author and AOL person interviewed
>>were on about...
>
>
>
> It is simply detailing the method of sending via the ISP's mailservers
> instead of directly from user|spammer pc's.
>
>
> Matt
>


Yes. That was the easy part.

But how is that 'new', and suddenly such a massive or 'increased' threat
that several newsfeeds picked it up
and a statement was made:

"The problem is that if ISPs don't tackle it, then by mid-2006 we're
going to have the spam levels at 95 percent of all e-mails, which is
going to cause failures to occur all over the place," he added.

That would presuppose some new vulnerability, more ISP's running either
WindWoes MTA's or *N*X MTA's configured less expertly than it was a year
ago.

I don't see that as the case:

- WinWoes share of 'backbone' server penetration apparently peaked over
a year ago, and continues to decline.

- Few professional ISP's of any size would risk using 'Exchange' and
such outside of a corporate intranet.

- The level major-provider UNIX MTA anti-spam configuration expertise
seems to be improving, not declining, (Exim, Postfix, Courier-MTA, -
even Sendmail has been improved).

So; I am still looking for the 'smoking gun' w/r ISP relay vulnerability.

Spammers may be trying harder, but so are the rest of us.
We have the advantage of operating in the open, cooperatively, and with
a better 'trust' model.

Ergo, the article(s) still look(s) like sensationalism and FUD to me.

But I remain paranoid enough to ask 'what have I missed', what do we
need to now change // make sure we have already changed // do not forget
to check ..... to stop such a risk?

'A good plan, violently implemented right now, will always beat a better
plan delayed a week'. GSP, Jr.

Bill Hacker