[Dshield] PDF Spam Wave

Tony Earnshaw tonni at hetnet.nl
Sat Aug 4 21:07:42 GMT 2007


Shaun skrev, on 04-08-2007 08:05:

> I rarely speak up on this list, but I've got to throw out my two cents
> on this one.
> 
> Someone relays his experience about the recent rise in PDF spam, replete
> with details, headers, etc. trying to create a well-documented incident
> report, and he gets flamed by several people. Yet earlier the same day,
> someone reported a common phish to the list and received nary a response.
> Do the detractors only wake at night?
> 
> Come on, folks, we're all working towards a common goal here. Certainly
> it's rewarding to think "gee, where have you been lately?" but not
> everyone is as widely exposed to net abuse as the rest of us. Incidents that
> most IT folks would consider innocuous might pique the interest of
> someone who's never seen such behavior. 
> 
> Any individual who's made it as far as this list - well beyond the
> dungeons of dslreports "OMG I AM GETTING PACKETS" - and is willing and
> able to provide a detailed report of what they feel to be an incident of
> note, deserves respect for the effort that they put into the report. If
> it's a known issue, a couple of URLs are all it takes to point that out.
> 
> I'm no angel - far from it - but can we at least try not to patronize
> new contributors?

Well, I'm a prof mailadmin who happens to have been forced into the 
Postfix shoe (latest version of everything with me) and am feeling very 
comfortable.

I have a perfect pdf spam solution, I refuse all mail that isn't for my 
users, my 1550+ user site currently refuses far more mail than it is 
offered, we don't get any false positives, none of our users complains 
about lost or delayed mail.

But I'm not going even to *begin* to explain how, to anyone (only to 
die-hard Postfix people, but they taught me how, anyway). Yet less when 
a novice yuks. The only answer is: "Learn to be a mailadmin", and that 
take years, believe me.

--Tonni

-- 
Tony Earnshaw
Email: tonni at hetnet dot nl


More information about the list mailing list