On Thu, 31 Jul 2014 15:37:31 +0100 Brian <a...@cityscape.co.uk> wrote:
> > What I do not understand is what prevents the malware (assuming it can > signicantly control the machine) from using the same authentication to > send spam as before. Isn't this back to square 1? > > I would assume it can, if it operates your email client under your credentials. But this may well leave traces, when you find sent mail that you definitely know you didn't send, or alien names added to your address book, that the malware has failed to erase properly. It is probably difficult for malware to pick security stuff out of the Registry without making a valid logon. Microsoft may be rubbish at general security, but these days it has to meet fairly strict standards for email confidentiality if it wants corporate US clients, particularly medical and legal ones. The preference is for malware to use a primitive SMTP engine which is entirely separate from the compromised system's email. Also, probably more important, your mail hosting company may well spot the spam going through their own mail server, whereas they are probably less likely to spot outgoing spam just passing through their routers, along with hundreds of torrent feeds... I'm sure the ISPs will be required to monitor and analyse all traffic in and out of their customers' systems one day, but I doubt that they're looking forward to it. -- Joe -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140731173721.501c1...@jretrading.com