Author: David Stone Date: To: exim-users Subject: [exim] Re: Report of new spam technique
Alan J. Flavell wrote: >> Cox Internet has been blocking outbound port 25 from their network
>> for a long time.
>
>But those customers /do/ presumably already have a way to submit bona
>fide mail; all that it takes is that the spammers find a way to
>subvert their computer (I nearly said "PC") into submitting the spam
>via the /same/ mechanism.
This isn't that hard on Windows systems if the user has set their
mail software (Outlook or whatever) to remember their password.
Which, I suggest, those who get infected by spam trojans are likely
to have done (and used some really simple password to boot, like
"password")
>The days of viruses coming with their own port-25 SMTP engine are
>clearly measured; but other techniques are already spreading.
>
Agreed. If not already implemented, something like spamassassin
on outbound mail might be a good pre-emptive measure. (The smarthost
for a domain who's mail service I help run does this). I would be
interested in alternative measures that can be included into exim,
though - particularly ones based on traffic patterns, not body content.