[Dshield] Rise in UCE
barkerjr at barkerjr.net
Tue Jan 6 19:31:23 GMT 2004
> > Filter ALL incoming attachments (most are already doing this), and of
> > course if anyone's computer IS exploited, to disconnect them
> > immediately before any more damage can be done. Of course, this is
> > very BAD medicine.
> Simple. ISP's should block outbound port 25 from dynamic IP ranges for
> customers that haven't signed up for the "I have a clue" service level,
> or for those who specifically request direct outbound email be enabled.
Not so simple. At least a couple viruses I've seen in the past month were sent
via the ISP's mail servers.
More information about the list