Re: Spam loads (was Re: How to post to linux.debian.user)

On Wed, 03 Dec 2003 14:20:18 +0100, "Karsten M. Self" <kmself@ix.netcom.com> wrote:

>on Tue, Dec 02, 2003 at 10:02:20PM -0600, Scott C. Linnenbringer (sl@panix.com) wrote:
>> On Tue, Dec 02, 2003, at 17:53 -0700, Dr. MacQuigg wrote:
>> > P.S.  The requirement to use a real email address in this public
>> > mailing list is a big problem.
>Not strictly required, but encouraged.
>> I, myself, use virus filters for procmail which work excellently. :)
>For those of us dealing with Swen to the tune of 300-600 MiB daily of
>mail over dialup, the situation's rather less friendly.  I've got very
>effective filters.  And there are now some specialized tools for dealing
>with Swen.  However, these will be of limited use the _next_ time a
>mass-mailing, heavy-payload worm propagates.  Particularly if it uses a
>wider range of subject/from headers, and/or has differently-sized
>payloads.  Swen was pretty easy to spot at 144 KiB + a fixed set of
>addresses and subject tokens.
>While more ISPs are offering mail filtering, most have pretty broken
>tools.  SMTP-time rejection + teergrubing is highly preferred.
>Newcomers to the 'Net have some very serious issues to deal with.

Both of my ISPs are filtering Swen (at my request, since other users were not as heavily affected). My spam load has been about 20 per day, including 2 or 3 Swen that manage to get past the filters. I can delete these in a few minutes, so I haven't felt the need yet to research spam filters.

In the last two days, my load has increased to about 100 per day, mostly Swen, all using the email address which I posted to this group, which has gotten only a few Swen in the past. The interesting thing about the new load is that instead of just the message text and a note that the attachment was deleted, these are arriving with the payload intact, which triggers my Norton AV and causes an annoying interruption. They come in batches, so I have to spend a couple of minutes dealing with repeated alarms from Norton. I can't just ignore these, or my email program stalls.

From now on, I will be much more careful in newsgroups, and use only a throw-away address.


