[Dshield] Rise in UCE

John Hardin johnh at aproposretail.com
Tue Jan 6 18:02:04 GMT 2004


On Mon, 2004-01-05 at 19:15, JD wrote:
> On Jan 3, 2004, at 8:35 PM, Michael Leone wrote:
> 
> > Has anyone else seen a major rise in spam (UCE) in the past few days? 
> > Even that this looks like a spike to an original incline of spam in 
> > the last few months.
> 
> yea - this crap is getting out of hand.  How can we pressure the ISP's 
> to crack down on people stupid enough to open attachments? 

We can't. I would suggest that we should pressure ISPs to provide DNSBLs
that list their dynamic IP address spaces insetad.

> Filter ALL incoming attachments (most are already doing this),  and of 
> course if anyone's computer IS exploited,  to disconnect them 
> immediately before any more damage can be done.    Of course,  this is 
> very BAD medicine.

Simple. ISP's should block outbound port 25 from dynamic IP ranges for
customers that haven't signed up for the "I have a clue" service level,
or for those who specifically request direct outbound email be enabled.

--
John Hardin  KA7OHZ                           
Internal Systems Administrator                    voice: (425) 672-1304
Apropos Retail Management Systems, Inc.             fax: (425) 672-0192
-----------------------------------------------------------------------
 If you smash a computer to bits with a mallet, that appears to count
 as encryption in the state of Nevada.
                                               - CRYPTO-GRAM 12/2001
-----------------------------------------------------------------------




More information about the list mailing list