elmore
February 2nd, 2005, 22:02
Saw this article on cnet today and thought I'd post it here. The article focuses on new Malware that allows spammers to trojan horse machines and then abuse those same machines to send SPAM through their ISP's mailservers.

The Article then goes on to predict a complete e-mail system meltdown. As we have several e-mail specialists on the board I'm hoping I get thoughts on this. Here's the link:

http://news.com.com/Zombie+trick+expected+to+send+spam+sky-high/2100-7349_3-5560664.html?tag=cd.top

Strog
February 2nd, 2005, 23:11
As long as ISPs continue to allow direct SMTP traffic off their netblocks then we will continue to see DSL/Cable computers hijacked to be spam servers. ISPs really need to make their users go out through them and check for bulk/spoofed/etc. emails before they get forced into it.

bmw
February 3rd, 2005, 22:23
I fail to see why the emergence of this particular spambot behaviour should surprise anyone. ISPs have been closing off outbound port 25 (SMTP) access in increasing numbers, so of course the worm-writer/spammer alliances would come up with a new spambot that outbounds on the ISPs default SMTP relay. Sure ISPs will see an increased mail load: they are going to have to now enforce mail volume policies to combat this. They are being caught off-guard by a predictable problem. Typical.

Also, since this mail will now be coming via sanctioned relays, the value of SPF will plummet rapidly. It's already near zero, so it won't have to fall far.

The rest of us poor slobs will continue using active content filtering (DCC, SpamAss, etc.). RBLs, which are iffy at the best of times, will also be relatively useless unless you don't mind blocking all of the major ISPs mailservers.

bmw
February 4th, 2005, 14:55
And here's (http://news.com.com/E-mail+meltdown+claims+take+heat/2100-7349_3-5563617.html?part=rss&tag=5563617&subj=news.7349.10) a rebuttal article.

E-mail meltdown claims take heat
(http://news.com.com/E-mail+meltdown+claims+take+heat/2100-7349_3-5563617.html?part=rss&tag=5563617&subj=news.7349.10)