[Dshield] PDF Spam Wave
tonni at hetnet.nl
Sat Aug 4 21:07:42 GMT 2007
Shaun skrev, on 04-08-2007 08:05:
> I rarely speak up on this list, but I've got to throw out my two cents
> on this one.
> Someone relays his experience about the recent rise in PDF spam, replete
> with details, headers, etc. trying to create a well-documented incident
> report, and he gets flamed by several people. Yet earlier the same day,
> someone reported a common phish to the list and received nary a response.
> Do the detractors only wake at night?
> Come on, folks, we're all working towards a common goal here. Certainly
> it's rewarding to think "gee, where have you been lately?" but not
> everyone is as widely exposed to net abuse as the rest of us. Incidents that
> most IT folks would consider innocuous might pique the interest of
> someone who's never seen such behavior.
> Any individual who's made it as far as this list - well beyond the
> dungeons of dslreports "OMG I AM GETTING PACKETS" - and is willing and
> able to provide a detailed report of what they feel to be an incident of
> note, deserves respect for the effort that they put into the report. If
> it's a known issue, a couple of URLs are all it takes to point that out.
> I'm no angel - far from it - but can we at least try not to patronize
> new contributors?
Well, I'm a prof mailadmin who happens to have been forced into the
Postfix shoe (latest version of everything with me) and am feeling very
I have a perfect pdf spam solution, I refuse all mail that isn't for my
users, my 1550+ user site currently refuses far more mail than it is
offered, we don't get any false positives, none of our users complains
about lost or delayed mail.
But I'm not going even to *begin* to explain how, to anyone (only to
die-hard Postfix people, but they taught me how, anyway). Yet less when
a novice yuks. The only answer is: "Learn to be a mailadmin", and that
take years, believe me.
Email: tonni at hetnet dot nl
More information about the list