The scenario described by Cliff is the equivalent of my sending junk
emails to Steve with Cliff's email address as the return address or
sender.
Steve is absolutely right. I am hopeful though that there might be a
way to stop these emails as spam filters get smarter.
But then again the spammers also get smarter but I am still hopeful.
Firm.
On Aug 25, 2009, at 4:08 PM, "STeve Andre'" <[log in to unmask]> wrote:
> On Tuesday 25 August 2009 10:35:06 Clifford Beckett wrote:
>> Hello Network admins.
>> I have a user who is receiving email error messages indicating a
>> "BANNED CONTENTS ALERT" from <[log in to unmask]> on emails that
>> claim to be sent by this user but were not. Who should I talk to about
>> this problem? Our email is primarily handled through the Engineering
>> email server. The error message includes this information
>>
>> First upstream SMTP client IP address: [61.47.11.234] unknown
>> According to a 'Received:' trace, the message originated at:
>> [61.47.11.234], egr.msu.edu (unknown [61.47.11.234])
>>
>> Thanks
>> Cliff
>
> I don't think it makes sense to worry about this. We're all going to
> see this for the rest of our lives, and there is nothing that can be
> done about it, short of re-architecting the net itself, and all other
> communications devices.
>
> Having the IP address is useless, basically. Chances are the dreck is
> originating from some poor infected Windows machine, and its
> owner has no idea their machine is shoveling out garbage. At the
> very best, you can get the individual to clean up their machine,
> but then they'll screw up patching, or not upgrade to the latest
> version of some security horror like Flash, and will again get under
> the control of something evil and it starts all over again.
>
> If I sound jaded, it's because I have fought spam/spit/email
> marketers in the past, and found that some huge amount (like
> 95%) came from compromised machines, and once I got the
> owners to even understand what that meant (and got it cleaned
> up), they all got infected again (four machines).
>
> The solution is to educate our users, to never, ever ever ever fall
> for requests for anything online, via txt message, or automated
> phone call requests (ever get a robotic voice asking for your
> bank data?), and discard them.
>
> Nothing else will work, nothing else is ever going to work.
>
> Teaching people to beware of scams is one of the most important
> parts of using the net. That is the one defense that will work,
> which the vandals can't get around.
>
> --STeve Andre'