Re: [Asrg] 0.General - News Article - NYT Reports Porn Spam Hijacking Network

mathew <meta@pobox.com> Tue, 15 July 2003 01:33 UTC

Subject: Re: [Asrg] 0.General - News Article - NYT Reports Porn Spam Hijacking Network
From: mathew <meta@pobox.com>
In-Reply-To: <E19b12L-0001kI-00@mail.nitros9.org>
To: asrg@ietf.org
Message-Id: <23D3B662-B664-11D7-B331-00039380F1B6@pobox.com>
Date: Mon, 14 Jul 2003 21:32:04 -0400

On Friday, July 11, 2003, at 12:46 PM, Alan DeKok wrote:
>   Unless the propagation of these malware programs is quenched, I
> think this incident can be taken as the start of the end for mobile
> users of naked, unauthenticated, unverifiable SMTP.  There are other
> methods by which they can send email, and those methods will help
> protect against this kind of spam attack, at least.

They will? How?

If the user's copy of Microsoft Outlook is capable of sending e-mail, 
then it doesn't matter if you authenticate or verify before allowing 
SMTP. It doesn't help a bit, any more than it would help to block SMTP.

As long as the machine can be used to send e-mail, and can easily be 
compromised (i.e. is running Windows), it can be used to send spam. If 
necessary the spamming trojan can simply feed its messages to Outlook 
to send via whatever method of authentication and verification the 
user's ISP requires.


mathew

