[exim] Re: Report of new spam technique

Top Page
Delete this message
Reply to this message
Author: David Stone
Date:  
To: exim-users
Subject: [exim] Re: Report of new spam technique
Alan J. Flavell wrote:
>> Cox Internet has been blocking outbound port 25 from their network
>> for a long time.
>
>But those customers /do/ presumably already have a way to submit bona
>fide mail; all that it takes is that the spammers find a way to
>subvert their computer (I nearly said "PC") into submitting the spam
>via the /same/ mechanism.


This isn't that hard on Windows systems if the user has set their
mail software (Outlook or whatever) to remember their password.
Which, I suggest, those who get infected by spam trojans are likely
to have done (and used some really simple password to boot, like
"password")

>The days of viruses coming with their own port-25 SMTP engine are
>clearly measured; but other techniques are already spreading.
>


Agreed. If not already implemented, something like spamassassin
on outbound mail might be a good pre-emptive measure. (The smarthost
for a domain who's mail service I help run does this). I would be
interested in alternative measures that can be included into exim,
though - particularly ones based on traffic patterns, not body content.

Dave Stone