nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Is there anything that actually gets users to fix their computers?

From: Suresh Ramasubramanian <suresh () outblaze com>
Date: Sun, 5 Oct 2003 02:11:08 +0000

Kee Hinckley [04/10/03 13:01 -0400]:

I've played the user-notification game myself in fighting hoaxes (do 
a search on wormalert () somewhere com sometime--and consider what 
happens when tens of thousands of people add it to their address book 
and then forward the latest joke/hoax/virus to everyone in their 
address book).  I used to send auto-replies debunking the hoax--but 


For more fun, consider that you are postmaster () somewhere com, and get those
horrible automated notices sent out by SpamKiller (now Norton [something],
since NAV 2003.

The one that generates complaints with subject UCE Complaint (Original
Subject) and "I have received the attached unsolicited email ..." boilerplate
in the body.

Reply to that and you will, as likely as not, get your reply sent back to you
and your upstreams as a spam complaint.

Sending autoreplies to anything that the teeming mass of lusers out there
send out is practically guaranteed to produce such an effect.


then they'd report them as spam to their ISP, and their ISP would 
block my domain.  Others would just delete them.  Often the only way 
to get their attention was to send mail to everyone they'd cc'd, and 
ask *them* to contact the offender.


First, you'd get your email address added to a whole lot of other "cc
everybody on my address book" type lists.  Another thing is that you stand a
good chance of mailing a significantly non trivial number of people who are
on that cc list for the same reason that you are - Outlook Express being set
up to add all people that you reply to, to your address book.


been told right and left not to open mail from strangers (a 
completely bogus concept, given that viruses tend to come from 
friends).  What I found was that they take that quite literally. 


Say what?  I have received virii from people I don't know from Adam, from
countries where I don't know anyone at all.


They either need to be contacted out of band, or their email software 
needs to support a secure channel of communications that they can 
really trust.


Hotmail, for example, clearly marks mail from hotmail staff (service
announcements etc) with a different colored text in the inbox ... I guess if
you control the client your user uses (using a custom built web interface is
one way, a customized browser / mail client is another way) ...
 
But other than that, you could well ask for the moon.

        srs
Previous By Date Next
Previous By Thread Next

Current thread: