[unisog] Phishing targeting University Admissions

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Wed Jun 16 14:49:01 GMT 2004


On Mon, 14 Jun 2004 09:19:09 EDT, Joseph Brennan <brennan at columbia.edu>  said:

> Do you have the header portion?  I assume it claimed to be from an
> address at your school but really came from somewhere else.  Some
> general rule might be made to filter out such mail.

Note that unless your site is sufficiently clued to do something like
provide SMTP-AUTH on port 587, that general rule would effectively
break any roaming user, or user that wants to use a @your.edu address
while sending from their ISP at home.

(Yes, the *right* answer is "use SMTP-AUTH on 587 to let your users
post to your server but block others, and then block bozons from elsewhere on
port 25" - I'm re-iterating it mostly because waaay too many sites don't
get the first part right....)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20040616/345e4903/attachment-0004.bin


More information about the unisog mailing list