Re: ISP phishing

[Joel Jaeggli <joelja () darkwing uoregon edu>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 23 Jun 2005, Gadi Evron wrote:

> > Due to the huge number of variants in the wild, our AV software can't
> > keep up (probably nobody's can). Instead, we enabled a global rule which
> > blocks any email from accounts such as billing, root, postmaster,
> > antivirus, abuse, security, etc. which don't originate from our
> > management IP space where our people work. As a result, we have stopped
> > these phishing scams for our users dead in their tracks.
> >
> > -Robert
>
> We did as well, but we did not yet find a solution for legit bounces..
> it naturally breaks that.
>
> It's a temporary solution to what I see that is going to become very big.

The bigger issue is that users simply don't trust any kind of "official 
communication" anymore and I don't see anything other than pki that could 
actually restore that.


- -- 
- --------------------------------------------------------------------------
Joel Jaeggli           Unix Consulting         joelja () darkwing uoregon edu
GPG Key Fingerprint:     5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/

iD8DBQFCuzh+8AA1q7Z/VrIRAoLNAJwIlI+xeEk5TDu22mhGMYVfFIypGACfb2BR
/hUazqmv3nleXPriXwuMeSY=
=erGj
-----END PGP SIGNATURE-----