funsec mailing list archives

Re: Comcast censors the Bible


From: "Dennis Henderson" <hendomatic () gmail com>
Date: Sat, 20 Oct 2007 23:03:33 -0500

On 10/20/07, rms () computerbytesman com <rms () computerbytesman com> wrote:

They are currently out of fashion.

Yep, I just checked my junk email folder and there are only a few messages
with attached files containing malware.  The situation has changed in the
last 6 to 12 months.  I was amazed the last time I checked how many
malware-laden messages I had.  It was as if the bad guys hadn't heard
about the Outlook executable blocker.


Just a point in evolution...

The thing that I think separates SMTP from HTTP where malware is concerned
is that everyone does HTTP as part of their business and pleasure.

Only businesses, bots and very few technical broadband users do SMTP to
arbitrary destinations legitimately.

Look at Storm. They don't deliver malware in email, but they trick users
into clicking on malware via SMTP. HTTP is just the malware
transport. You just can't ignore this from the largest, longest sustaining
botnet ever thus far.

Take away SMTP from the non-business IP address and Storm would have to have
a completely different business model for existing.

Assuming ISPs took away arbitrary SMTP and malware writers were able to
compensate by figuring out how to relay mail via the ISP, I think ISPs
would be a little more proactive if their mail servers started getting
blacklisted from all the P&D spam they were spewing.

Some ISPs like SBC (nets prior to ATT) already do this (deny residential SMTP
to arbitrary places) and you definitely see fewer of these networks in sender
IPs.

Just a different point of view from the field.

Dennis