Re: ISPs' willingness to take action
On Sun, 26 Oct 2003 [EMAIL PROTECTED] wrote: A few things that make sense to me (as a non-ISP network consultant) include: 1) Summarily fencing/sandboxing/disconnecting clients sending high volumes of spam, virii, etc. You might politely contact your commercial/static clients first, but anyone connecting a bare PC on a broadband circuit is too stupid to deserve coddling. The great majority of your clients would thank you profusely. An article appeared today on The Register, talking about people connecting bare machines to the net. It discusses the level of clue posessed by the typical American computer user and is quite a sobering read. From the article: I'm here to tell the security pros reading this that we are in deep trouble when it comes to securing the computers of these people. Security is just not a concept that normal folks focus on. It's not even on the radar screen. It's just not thought about at all. Online at http://www.theregister.co.uk/content/56/33599.html Cheers, Jonathan
Re: Windows updates and dial up users
On Sun, 21 Sep 2003, Sean Donelan wrote: It occurred to me that one way to make things easier for dial-up users, and even broadband users in many cases, would be to issue periodic update CDs. Imagine a disc with all of the updates on it and a program, it could even be written in Windows Script Host, to check a system for which updates need to be installed, apply them in the correct order and even reboot in between. Such a program would not be hard to write. [...] I recently put this suggestion to Microsoft and their response basically avoided the whole issue. Why wouldn't the company want to offer such a CD, assuming that's the motivation behind their stonewalling? From this month's issue of /PC Pro/ magazine (UK, Issue 109) : please accept our apologies for the lack of Microsoft patches or DirectX on our cover discs. Microsoft US has banned the inclusion of any of its code on magazine discs. Presumably, the company assumes we all have broadband to download up to 166MB for DirectX 9b or 134MB for Windows XP Service Pack 1a. And that's without mentioning the mean-time-till-infection of an unpatched system, of course... Regards, Jonathan
Re: Fun new policy at AOL
Sometime mid last week, one of my clients--a state chapter of a national association--became unable to send to all of their AOL members. Assuming it was simply that AOLs servers were inundated with infected emails, I gave it some time. The errors were simply delay and not delivered in time specified errors. AOL appear to have recently changed their MX receiving policies, see the following demon.announce post: http://groups.google.com/groups?selm=xVIP4XA5f7M%24EwzW%40demon.netoe=UTF-8 output=gplain --- cut here --- One such scheme uses a list of end user IP addresses on the basis that such users will only be sending legitimate email via their own ISP's smarthost email server. The idea is that the blocklist will be able to block non-legitimate email because it arrives directly. In particular it should block spam sent via insecure systems or virus/worm infections. We have recently been in discussion with AOL who are, at a future date, planning to implement just such a scheme as they have found, working with many ISPs around the world, that it significantly impacts their incoming spam volumes. --- cut here --- Regards, Jonathan
