RE: Decrease in Threats?

Bill, do you use MS Exchange, and if so, what method of grey
listing do you use?


Tom Milliner, CPA, MCSE
2404 Summer Place Dr.
Irving, TX 75062
(241) 540-2741
tom.milliner@xxxxxxxxxxx

-----Original Message-----
From: Bill Borton [mailto:bborton@xxxxxxxxxx]
Sent: Thursday, January 26, 2006 10:46 AM
To: incidents@xxxxxxxxxxxxxxxxx
Subject: Re: Decrease in Threats?

Hi there,

Your mention of fewer viruses but not spam made me think this might be worth
mentioning:

One of my mail servers that was getting 15,000 - 20,000 inbound infected
messages a month was also getting pounded by spam.
I an attempt to mitigate the spam I implemented "Greylisting".
It's working very well for that site. I don't have hard numbers available
at the moment, but I guesstimate that it took spam down by about %90.

The thing is, it also blocked the majority of inbound infected messages as
well. It went from tens of thousands to hundreds.
It makes perfect sense, but it definitely caused me a double take when I
first looked at it...

-Bill



On Wed, 25 Jan 2006 14:55:09 -0500
"Rohny Jotton" <rohnyjotton@xxxxxxxxxxx> wrote:
> In the last 30 days, I have experienced a extraordinary decrease in
> email threats being stopped at the edge and also being seen on our
> quarantine server. My first thought was something got in and disabled
> our security services, but upon investigation that is not the case. It
> looks like the quantity has indeed dropped, and I am trying to confirm
> it (only virus's, worms, etc.; not spam).
>
> I've been trying to find any trending of threats seen worldwide, and
> the only one I have found is at f-secure. The chart seems to support
> what I'm seeing but I'm curious if others are seeing a decrease also.
> If indeed the threats are dropping off, is it due to the efforts
> undertaken to mitigate the WMF flaw?
>
> Also if anyone knows of other sites that show historic trends, I'd
> appreciate being given the link. I see most antivirus sites will only
> give percentage breakdowns and not quantities seen.
>
> Thanks You
>
> _________________________________________________________________
> Don't just search. Find. Check out the new MSN Search!
> http://search.msn.click-url.com/go/onm00200636ave/direct/01/

Relevant Pages

  • Re: Odd virus(?) incident
    ... (keep my virus protection up to date, ... unusual even by my standards. ... message was virtually empty but contained a large (bizarrely large by spam ...
    (microsoft.public.security.virus)
  • Re: Decrease in Threats?
    ... Your mention of fewer viruses but not spam made me think this might ... infected messages a month was also getting pounded by spam. ... > I've been trying to find any trending of threats seen worldwide, ... Check out the new MSN Search! ...
    (Incidents)
  • Re: Odd virus(?) incident
    ... I think I'm fairly careful about such threats ... | (keep my virus protection up to date, be suspicious of spam) but this seemed ... | So I guess my question is: How common are Powerpoint-born viruses and is ...
    (microsoft.public.security.virus)
  • Re: !!! TO WHOM IT MAY CONCERN !!!
    ... fraud by "phishing" ... hate email, threats by email, and so on. ... Why was "CAN SPAM" such a toothless law? ...
    (sci.math)
  • Re: Malware Triangle
    ... Maybe your geometry is off and a triangle is not a good model. ... Maybe a "Quad Threat Matrix" where email (spam and phishing) are another angle of the ... | I agree on the malware definition - but once I had the triangle setup, ... | was hard to separate it from the rest of the threats. ...
    (alt.computer.security)