Full Disclosure mailing list archives
Re: Email marketing company gives out questionable security advice
From: "Richard Johnson" <rdump () river com>
Date: Wed, 2 Jul 2003 22:44:45 -0600
At 20:03 -0400 on 2003-07-02, Richard M. Smith wrote:
Hi, Last week, I received an unsolicited email message from Mobil Travel Guide about their new online service. In the message, I was encouraged to turn back on ActiveX and scripting in Outlook in order to view a Flash movie embedded in the message. Needless to say, I thought this was a terrible idea. Instead, I wrote the company who created the ad, Digital Produce (http://www.digita lproduce.com), saying they were giving out bad security advice and they should stop doing this sort of thing in future mailings.
The spamming for Mobile Travel Guide isn't the worst this bunch has done. Amusingly, digitalproduce.com (AKA flashedmail.com) was involved in a whitcon.net/uswives.com spamgang [1] attack against a number of addresses on our servers just about a year ago. They've been blacklisted on all our servers since. Mere mention of their security violation URLs in mail bodies causes the mail to be rejected. This prevents their willful lack of security, let alone their deliberately bad advice, from affecting our users. All in all, their association with infamous porn spam gang Whitaker Consulting has been a good thing for securing our systems against their shoddy flash and evilX. I sincerely applaud their taste in business partners. Bad company breeds bad attitude. Or is it the other way around? As long as they keep spamming, and providing spam support, they'll remain blocked.
It will be interesting to see how email marketing companies and spammers adapt to these technical changes in HTML email.
I've yet to discover any useful, practical difference between "email marketing companies" and "spammers". The terms are synonymous. Why anyone would trust active content from a spammer is beyond me. Richard [1] http://www.spamhaus.org/rokso/search.lasso?evidencefile=1610 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Email marketing company gives out questionable security advice Richard M. Smith (Jul 02)
- Re: Email marketing company gives out questionable security advice Nick FitzGerald (Jul 02)
- RE: Email marketing company gives out questionable security advice Richard M. Smith (Jul 03)
- Re: Email marketing company gives out questionable security advice Richard Johnson (Jul 02)
- Re: Email marketing company gives out questionable security advice Nick FitzGerald (Jul 02)