On Thu, Oct 16, 2003 at 11:29:25AM -0400, Derrick 'dman' Hudson wrote: > On Thu, Oct 16, 2003 at 02:33:18PM +0200, Jan Schulz wrote: > | Hallo! > | > | * Paul Johnson <baloo@ursine.ca> wrote: > | [swen] > | > Please report these just like spam (just remember you have to do it by > | > hand and not via spamcop). I've been approaching 75% kill rate thanks > | > to cooperative ISPs. > | > | Not everybody is online all the time. I've disabled my 'non local' SA > | tests and I would pay too much for downloading all the swen crap > | (-> Mailfilter). Sorry... > > You could still report those without downloading the data. I don't > know if Mailfilter can do the job, but the POP3 protocol allows you to > download just the headers without the body of the message. Doing > that, then deleteing the message on the server would allow you to > obtain the necessary information to report the virus. Sticking SHOW_HEADERS=yes in ~/.mailfilterrc makes it save all the headers in the log file. > I have sufficient bandwidth, and I find it simplest to discard any MS > executable. What I don't have is time to manually inspect the headers > of each of the 300+ copies of swen I receive each day and report them. > > Paul is welcome to keep reporting the stuff he gets (say, if you want > I'll redirect all the copies I get to you instead of the bit bucket) > and it's great that it appears to be so effective for him. I think > the best impetus will come when the less technologically adept masses > complaining (since they have to manually delete all the junk) and > discontinue service or switch to an ISP with better service. Then > businesses will (eventually) react to the change in the marketplace. > Since the propagation of Windows and the complacency of ISPs is driven > by money, if the people paying the money complain then the businesses > will have to respond in order to maintain business. It is the > non-geek masses who are hurt the most by these levels of junk because > geeks like myself rarely see any of it. My filtering works just fine but my ISP's POP3 server still seems to be groaning under the strain of all the crap it's receiving for everyone. I've emailed them suggesting they block at least the well-known, easily-identified offenders like swen and sobig at SMTP time. Dunno what they'll say... -- Pigeon Be kind to pigeons Get my GPG key here: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x21C61F7F
Attachment:
pgpmI284teVyJ.pgp
Description: PGP signature