[exim] Re: Report of new spam technique

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MStephanie at <-
MRichard Clayton at ->
Delete this message
Reply to this message
Author: David Stone
Date:  
To: exim-users
Subject: [exim] Re: Report of new spam technique
Alan J. Flavell wrote:
>> Cox Internet has been blocking outbound port 25 from their network
>> for a long time.
>
>But those customers /do/ presumably already have a way to submit bona
>fide mail; all that it takes is that the spammers find a way to
>subvert their computer (I nearly said "PC") into submitting the spam
>via the /same/ mechanism.

This isn't that hard on Windows systems if the user has set their
mail software (Outlook or whatever) to remember their password.
Which, I suggest, those who get infected by spam trojans are likely
to have done (and used some really simple password to boot, like
"password")

>The days of viruses coming with their own port-25 SMTP engine are
>clearly measured; but other techniques are already spreading.
>

Agreed. If not already implemented, something like spamassassin
on outbound mail might be a good pre-emptive measure. (The smarthost
for a domain who's mail service I help run does this). I would be
interested in alternative measures that can be included into exim,
though - particularly ones based on traffic patterns, not body content.

Dave Stone




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] allow headers_remove|add options to be given multiple times[exim] Eximstats average message size->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)