[Dshield] Re: Dshield digest, Vol 1 #503 - 15 msgs

server ns1 at dwhite.ws
Sat Mar 9 16:12:02 GMT 2002


> Subject: Re: HTML email and spam tracking (was RE: [Dshield] Getting
even.)
> From: Clint Byrum <cbyrum at erp.com>
> To: list at dshield.org
> Date: 08 Mar 2002 15:10:57 -0800
> Reply-To: list at dshield.org
> You know, this brings up a really big gaping hole in one of the most (if
> not *the* most) popular email programs... Outlook/Outlook Express. I
> don't know about other windows mail programs, but these two don't seem
> to offer any method to stop downloading images linked to in emails.
>
> Or am I just unclear about how security zones work? I have email in the
> restricted zone.. so I would figure that would be enough.
>
> I got trapped by this(and I'm sure a lot of other people did) this past
> summer when it started running rampant. My users also have noticed a lot
> more spam that comes in with their address in the To: field instead of a
> bogus one. Sure enough these all have some sort of <IFRAME
>
src="http://wespamyoutillyoupuke.com/gotchya.cgi?asaffasdf7asdf8asdf9asfd6as
"> In it.
>

Outlook Express *DOES* have the option of turning away, or stripping
attachments from email.  Just check th rule sets under email rules.  You can
set it to not even download the attachemen, or even delete the entire email
(that has an attachment) from the server, and it will never even get on your
computer.
You are correct in setting the security zone to "restricted" as this will
stop some of the harmful embedded scripting from running.

Another best practice with OE is to turn off the "auto preview"  so that you
open only ehe email you want to open and will not be taken by suprise by
harmful scripting taking over your computer automatically.

As a side note, I have two email addresses that I used only for registering
software when I bought it, and those are the only ones that get any spam at
all.  I spent three years dutifully reporting all of them through SpamCop,
however, it has not even slowed down the spamming, in fact it continues to
increase.

Now my real email address is run on my own server, and I have the entire
European, South American and Pacific Rim net Blocks blocked.  I get NO spam
on my own server.

One of the biggest problems I run into is the unresponsiveness of the abuse
desks of the big US ISPs.  Now if I could resolve that problem, I would be a
happy camper indeed.






More information about the list mailing list