Re: [exim] Report of new spam technique

Top Page
Delete this message
Reply to this message
Author: Alan J. Flavell
Date:  
To: Exim users list
Subject: Re: [exim] Report of new spam technique
On Sat, 5 Feb 2005, David Daniels wrote:

> There may be some good news.

[..]
> Recently SWBELL has begun to block port 25 outbound from their
> networks. I have no idea if any other Bell applied the same rule.
> One could hope :)
>
> Cox Internet has been blocking outbound port 25 from their network
> for a long time.


But those customers /do/ presumably already have a way to submit bona
fide mail; all that it takes is that the spammers find a way to
subvert their computer (I nearly said "PC") into submitting the spam
via the /same/ mechanism.

The days of viruses coming with their own port-25 SMTP engine are
clearly measured; but other techniques are already spreading.

There's a dominant vendor who has a long history of making things easy
that ought to remain hard - such as multifarious ways of executing
code supplied by an untrusted sender. They've recently shown some
signs of a change of heart, but I'm reserving judgment till I see how
it works out. And no matter how good the technology, there's always
the social engineering approach. Had to nobble yet another "send this
to all your friends" chain letter just the other day (to take a fairly
trivial example with no significant technical content, to demonstrate
how gullible users are).