Security Basics mailing list archives
Re: Spam prevention vs mitigation
From: Champ Clark III <cclark () quadrantsec com>
Date: Thu, 12 Apr 2012 18:03:08 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
That being said, a let through rate of 3-6 spam/user/day is overly high. Thanks, Erik
Maybe, maybe not. Depends on the "spam". For example, let say the individual has signed up for an account on Victoria Secrets web site. When they did, then neglected to uncheck mark the "send me e-mail" box. Now the user complains about "spam" Victoria Secret. (I only use them as an example because i've seen it happen). The end user will swear up and down they've "never signed up for it!". Sure, they can "unsubscibe", but then you're trusting the user to known how to do this and to actually do it. Is the username something common like "bob () example com" or "mary () example com". Common targets will get hit a lot. It also depend on the e-mail volume and they "type" of user they are. Ie - they never post to mailing list/group verses someone who always posts to groups? What the spam to legit email rate. - -- - - Champ Clark III (cclark () quadrantsec com) Quadrant Information Security (http://quadrantsec.com) Key Fingerprint: 2E56 C2EB 1B25 C517 D5BA 2DCF 5E70 B2F8 0381 878A GPG Key ID: 0381878A -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJPh1EcAAoJENnmXt7Lmc3KIrcH/i6+BpTKi0mToH7/d/DaT8tV /AGv7hr5g1q2L0zNGGAu7CXKNwDDqYwT5yE2+lL11zLLYJsAZsabiGV7VUOq6SmT DYKHNmBAWPKj/eYnBokNz2GFqMr42eHVMqNeBxmMIBTQQfI0LZBA12SxA8HTZ8Uu gpAL+kKBRpx1TZtK9tT4fYpQNiuBZH3H6g0MV6S42+fX5dbihpHce6V3LuoPVH+C FT9FGGuYo/80FeMTD/nfOCBygWwShXGmMTm1IeShPqt/cyZ1Z7A7sJcAbE7/sjx7 6L6MvmasA+ADSlU/vi9nCFoLCYRgC0DQ3iho2J7kyxxn6TVg9wzjM1d67m2TPZw= =R1wQ -----END PGP SIGNATURE----- ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Spam prevention vs mitigation Steve Sirag (Apr 12)
- RE: Spam prevention vs mitigation Ivan Carlos (Apr 12)
- Re: Spam prevention vs mitigation List Man (Apr 12)
- RE: Spam prevention vs mitigation Erik Soosalu (Apr 12)
- Re: Spam prevention vs mitigation Champ Clark III (Apr 12)
- RE: Spam prevention vs mitigation Steve Melcher (Apr 12)
- Re: Spam prevention vs mitigation Clint Davis (Apr 12)
- Re: Spam prevention vs mitigation Champ Clark III (Apr 12)
- RE: Spam prevention vs mitigation Gillmer, Renier, VF-NZ (Apr 15)
- Re: Spam prevention vs mitigation Champ Clark III (Apr 12)
- Re: Spam prevention vs mitigation Todd Haverkos (Apr 12)
- Re: Spam prevention vs mitigation Champ Clark III (Apr 12)
- RE: Spam prevention vs mitigation Joseph Laico (Apr 12)
- Re: Spam prevention vs mitigation Ansgar Wiechers (Apr 15)
- RE: Spam prevention vs mitigation Mike Saldivar (Apr 15)
- <Possible follow-ups>
- RE: Spam prevention vs mitigation Vincent Yeo (Apr 15)
(Thread continues...)