Re: [Asrg] [IP] do-not-email list canned

[Gadi Evron <ge at egotistical.reprehensible.net>]

> I've thought this over and the only possibility is that worms will 
start to crack the
> cached SMTP AUTH credentials on the system and send through the ISP 
account. This is
> possible although not easy. Whatever ISPs are left that don't require 
SMTP AUTH will
> need to, but that's common sense.

Or simply use outlook.

> Two points about this scenario: all the zombied mail will come from 
the actual addfress
> of the user with the infected system, so they and their ISP will find 
out about it very
> fast. Also, authentication will wipe out the existing endemic 
population of mass-mailer
> worms.

I disagree.
Thing is, there are so many drone armies out thee of infected users. you 
only need to use each of them once to accomplish any job.

Plus, even if an ISP helps clean a user (which I don't see happening 
yet, mostly). Users get re-infected. It is a never ending circle, and 
spammers don't run out of infected machines.

Spammers don't need to look for a way to bypass these countermeasures... 
they are already using them.

    Gadi Evron.


_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg