>From what I understand, a larger portion of spam is now being sent by
viruses installed on computers which hack the address book and then start
sending out spams to generate affiliate income for the virus creator and/or
the virus creator's partners. In these types of cases, often, the message
sent is not necessarily a virus itself, but just spam.

One obvious sign of this is the increase in randomly forged FROMs where you
see signs of these being forged with interconnecting relationships of
people. However, some of these forgeries could also be due to "joe jobs"
campaigns and/or pre-programmed obfuscation using names on relative small
but interrelated lists?

At least, this is how I understand things to be. Corrections?

...now, my question...

Is there some way of knowing for definite whether a non-virus spam was sent
by a virus. Is there a corpus of such examples? Also, other than standard
maintenance (windows updates, virus checker, etc), does forcing users to use
password-authentication for SMTP server usage eliminate or minimize the
ability of these viruses to propagate their spam? (or do they just sent it
directly and/or hack into the system and use the authentication already set
up for Outlook?)

Basically, to bring this down to a more concrete situation, I have many
clients who use my server for POP3 and web hosting, but use their ISP's
server for SMTP. I'm wondering if switching them to my server for sending
mail will help due to my requirement for password authentication for SMTP
server usage. (of course, my spam filter alone would help in this situation)

Thanks,

Rob McEwen

Reply via email to