I have a bit of a meta-question...
On 18 May 2001, at 10:11, Chuq Von Rospach wrote:
> Fairly widespread. Right now, for instance, I'm seeing a lot of stuff
> bounced if it has the word "homepage" in it, which is (IMHO) ludicrous.
Is this for real? I occasionally get a message that has "IL*VEYOU" in it
with a note saying that they munged it so that their message wont kick
off virus-catchers... but that's SO ineffective I couldn't imagine that
*sysops* actually did that kind of thing. I had always assumed that it
was just one of the anomalies of the unclued [who are both too unclued to
have learned not to open attachments AND are too unclued to know how to
set up simple filters in their mail client, and so they need to be told
"If you get a message that says it has a nude picture of Anna K, *dont*
open the attachment"..... But *sysops*, blocking *their*site* based on
random text matches???
I think that *that's* more indicative of the depth and breadth of what we
have to deal with than almost anything else... It is one thing when the
average skill of the *user* goes into the crapper, but quite another when
the *sysops*, too, follow their clientiele into the without-a-clue
crapper... Whew!!
> To be blunt about it, there's not a lot you can do. Writing admins to
> poke at them is usually fruitless.
I've complained to world.std.com that some mailing list stuff from one of
my lists gets bounced by them (I mention them because they're a pretty
competent site with mostly-clueful folks at the helm). They're basically
non-apologetic and take the attitude that such things are acceptable
collateral damage in their approach to dealing with incoming spam, and
that's that. I admit that not *much* gets bounced, but nonetheless their
filters *do* catch legitimate stuff and if your list _happens_ to have
traffic that is closer to their secret-filtering-criteria than mine is, I
can see that this would be a major PITA.
> .. I've *never* seen the net with such agressive and virulent
> beasts that have this level of penetration.
I analyzed the last couple and I noticed that there is now the email
equivalent of a "root kit" -- that is, we're now at the stage where a
clueless script kiddie can touch off an email worm without having a clue
about 'vbs' or self-replicating software or anything like that. So, IMO,
things are going to get worse, perhaps a LOT worse, before they get
better.
[part of my cynicism about this is that in the end, the only real
recourse to stop worms like these are users-with-a-clue [since I would
disagree with your terminology: I haven't seen a real "virus", in the old
sense of the term, in a long time -- these are all trojans, that arrive
and invite the unwary/unclued to shoot themselves in their collective
feet, and they do it with amazing and mindboggling consistency]. Since,
IMO, the density of clueness is going down, overall, I think that these
things will always be finding more and more gullible 'hosts' and so be an
essentially unstoppable plague on our house.
> ... I just think many of them are
> going about it sideways, but then, not all network admins have the
> experience some of us have; worse, many are stuck with things like
> Exchange or NOtes or other badly written mail systems, and have their
> hands tied up front...)
Yeah, and we're just seeing the beginning of the *fun* ones: the ones
that mutate on every propagation, that download new 'stealth modules' and
patch themselves on-the-fly, that hide more cleverly in their host
systems... And some sysadmins will still be blocking email with
"Kournikova" in the subject line.... Sigh..
/Bernie\
--
Bernie Cosell Fantasy Farm Fibers
mailto:[EMAIL PROTECTED] Pearisburg, VA
--> Too many people, too few sheep <--
