Re: Anti-Spam ideas for usenet/list harvested email addresses
On Tuesday 23 September 2003 15:12, Jacob Anawalt wrote:
> Jeronimo Pellegrini said:
> > On Tue, Sep 23, 2003 at 01:16:38PM -0600, Jacob Anawalt wrote:
>
> [snip]
> The latest churn on debian-user about Spam hasn't been UCE spam.
> It's been worm spam. I don't know anyone personally who likes to
> recieve WORM/Virus code in their inbox but it persists. I don't see
> a near-term solution for convincing the individuals who write this
> code.
<rant>
it seems to me the easiest solution would be for ISPs to have a
policy and software that supported the policy of no .exe .com .src
.pif .bat (etc...) attachments. any email will either be dropped or
have the attachment dropped and replaced with a short explination of
it being against policy and how to make a zip/gz/tar/whatever file if
they really want to send a .exe
since most viruses now use bad mime headers for the attachment, we
won't be able to filter on that. i talked with my isp about it, but
for some reason one customer regularly sends a .exe and since they
don't want to make a policy change that would affect their customers
business we don't get to enable that feature on our email server.
the downside of course will be that virus writers will then attach
.zips and use the normal social hacking they do now to get people to
open the attachment anyway.
perhaps if someone wrote the "don't f*&$ open me"[1] virus and had it
go through a little tutorial about why not to open unknow attachments
have message go something like "I was foolish enough to open the
attachment, and since you are at risk of getting a message from me
with a virus, this attachment has forwarded itsself to you"
[1] http://msn.bbspot.com/News/2002/01/open.html
</rant>
Reply to: