Full Disclosure mailing list archives

RE: [inbox] Re: Fwd: Re: Administrivia: Binary Executables w/o Source


From: "Jason Coombs" <jasonc () science org>
Date: Thu, 21 Aug 2003 23:18:52 -1000

Nick FitzGerald will probably have the last word on this after the
debilitating blow delivered thus by his over-achieving intellect:
Ah, but Nick, I *DO* have omniscient access to the non-mythical IP-to-user
mapping list -- and so do you. ...
No, we don't.
It then can post from that machine using
whichever of the addresses it chooses.
all you get in the virus' message headers
is what the first SMTP relay it
hit records in its Received: headers.
Finally, consider the subscriber to poster
(or "lurker") ratio.

I see nothing at all wrong with blaming you personally for all of the spam
that originates from CLEAR Net Mail, New Zealand and ends up at FD. You are
the closest person of competency to the problem. ;-)

You discount the number of fixed-IP DSL and other broadband connections
employed by people who are candidates to have the FD e-mail address lurking
somewhere on their hard drive. That first-and-only SMTP relay hop directly to
netsys.com MX 199.201.233.10 will still give the FD MTA an opportunity to do
SMTP forensic logging, and all we need is the IP address to convict many FD
subscribers of willful, premeditated, or negligent wormicide.

You also dismiss implicitly the likelihood that the oblivious real end-user
will be spewing non-spam, non-worm communications and getting themselves
profiled and logged all over the place as the demonstrable temporary owner of
the IP address in question during the time period of interest...

Just think "doubleclick".

Sincerely,

Jason Coombs
jasonc () science org

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
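
The "SMTP forensic logging" point in the message above, as an added example (not part of the original post or of any list software): only the Received: line stamped by the receiving MX is evidence of the connecting IP address, and anything below it was supplied by the peer. The sendmail-style header layout is an assumption, and all sample headers and addresses are constructed.

```python
import re
from email import message_from_string

LIST_MX = "netsys.com"  # receiving MTA named in the message above

# Sendmail-style hop: "from <helo> (<rdns> [<ip>]) by <host>" (assumed layout).
HOP = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?:(?P<rdns>[^\s\[\]]+)\s+)?\[(?P<ip>[0-9.]+)\]\)"
    r"\s+by\s+(?P<by>\S+)", re.I)

def trusted_peer(raw_message, our_mx=LIST_MX):
    """Return the hop recorded by our own MX, plus the number of older
    Received lines below it. Those older lines came from the peer and may
    be forged, so only the returned IP address is evidence."""
    msg = message_from_string(raw_message)
    received = msg.get_all("Received") or []
    for i, value in enumerate(received):          # newest header first
        m = HOP.search(value)                     # \s+ spans folded lines
        if m and m.group("by").lower() == our_mx:
            return {"ip": m.group("ip"), "helo": m.group("helo"),
                    "rdns": m.group("rdns"),
                    "unverified_below": len(received) - i - 1}
    return None  # never passed through our MX: nothing here can be trusted

# Constructed samples using documentation-only address ranges.
_MX_HOP = ("Received: from mail.example.org (host-7.dsl.example.net [{ip}])\n"
           "\tby netsys.com with ESMTP id CONSTRUCTED1;\n"
           "\tThu, 21 Aug 2003 23:30:00 -0400\n")
_REST = "Subject: constructed sample\n\nbody\n"

# Direct-to-MX delivery: one hop, recorded by the list MX itself.
DIRECT = _MX_HOP.format(ip="192.0.2.77") + _REST

# Same kind of delivery, but the sender prepended a fake earlier hop.
FORGED = (_MX_HOP.format(ip="203.0.113.9")
          + "Received: from innocent.example.com"
            " (innocent.example.com [198.51.100.5])\n"
            "\tby relay.example.com with SMTP; Thu, 21 Aug 2003 23:29:00 -0400\n"
          + _REST)

if __name__ == "__main__":
    for name, raw in (("direct", DIRECT), ("forged", FORGED)):
        print(name, trusted_peer(raw))
```

The HELO name and the reverse-DNS name in the returned record can disagree, as they do in the constructed samples; the bracketed IP address is the only field the MX observed for itself.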

