Re: attachment and e-mail where to report these security issues?

From: Phil Weldon (notdisclosed_at_example.com)
Date: 03/27/04


Date: Sat, 27 Mar 2004 04:39:46 GMT

Attractive site and an encouraging response from the ISP. My ISP,
Earthlink, presently allows its account holders to opt in or out of scanning
all incoming email for virus infection. When a particular virus reaches
flood stage, the scanning is done regardless of the selection. I believe
this is just a step toward scanning all email for viruses, but they want to
educate there customers to the need without raising unnecessary privacy
concerns.

I've thought about your "One Button Reporting" idea, and it seems that it
would be an easy task to add that capability to antivirus programs. The
antivirus publisher would take responsibility to insure that the
identification of the virus was correct, and then package a notification
including all the header information that the user could send as an email to
the proper originating ISP or other email provider, just by clicking on a
button on the "Virus found" Windows message.

-- 
Phil Weldon, pweldonatmindjumpdotcom
For communication,
replace "at" with the 'at sign'
replace "mindjump" with "mindspring."
replace "dot" with "."
"BeamGuy" <nobody@spam.com> wrote in message
news:ufFXir6EEHA.2768@tk2msftngp13.phx.gbl...
> "Phil Weldon" <notdisclosed@example.com> wrote in message news:
> KC29c.2108$Dv2.1170@newsread2.news.pas.earthlink.net...
> >  As for why ISP's act the way they do?  Inertia, money, shortsightness,
lack of staff,
> > concerns about privacy concerns account holders might have, not wanting
to change a
> > system that is not broken.
>
> Here is a response from an ISP that is posted on the website
www.dshield.org
>
> -------------------------
> Date: Sat, 7 Jun 2003 14:16:03 +0200
> > This is an abuse notice meaning that one of your machines might
> > be infected with a virus and is trying to infect other machines.
> > See http://www.dshield.org/ for more information
> We don't care, the major issue is that we don't want to receive this kind
of mail,
> because we're a large ISP and we have no control about our multiple
clients and
> their Windows systems. Your mail was annoying, so we simply filtered it
out. We
> know that many of them are infected even if we don't receive your mail.
> -------------------------
>
> I have friends who have identified PC's in schools locked up for the
summer,
> that sat there for three months straight sending out viruses whereever
they could.
>
> These things cause a big disruption in the productivity of this country.
If ISP's
> won't start acting responsibly I'm sure we can convince some legislators
to get
> involved in enforcing more responsible behavior!
>
>
>
> > Phil Weldon, pweldonatmindjumpdotcom
> > For communication,
> > replace "at" with the 'at sign'
> > replace "mindjump" with "mindspring."
> > replace "dot" with "."
> >
> > "BeamGuy" <nobodys@SPAM.com> wrote in message
> > news:Obj9JK4EEHA.3576@tk2msftngp13.phx.gbl...
> > >
> > > >  And "you guys" includes YOU.
> > > Sorry - when I said "you guys" I was aiming at the programmers of
> > microsoft
> > > who could add such a feature. I don't have the source code for
microsoft
> > > outlook express, nor the inclination to create such a feature.
> > >
> > > > On  the other  hand,  one difficulty coordinating between the
antivirus
> > dectector
> > > > and the email program, since there are at least a dozen of each.
> > > I know coordination is difficult, thats why we pay more for an office
> > program
> > > suite than we do for the hardware to run it on! I also have office
2000
> > pro
> > > installed.
> > >
> > > > Finally, since you use Outlook Express 6.0 to post (that's in the
> > headers of
> > > > your post), all you  need to do to get the full headers of a message
is
> > to
> > > > right click on the message in your message list and select
"Options"; a
> > > > window will open and display all the headers which can then be
copied
> > and
> > > > pasted into a notification email.
> > > I am not paid to report virus problems to people in canada, but I
might do
> > it
> > > if it is simple enough. I pay big bucks to microsoft to make my
computing
> > > experience convienient - copying and pasting the a whole bunch of
> > > garbledy gook into an email message, running a tracert or reverse DNS
> > > lookup and guessing at the guy's ISP provider is not all that
convienient,
> > > but could be automated.
> > >
> > > > Of course, and even better solution, and really, the only solution,
is
> > for
> > > > all ISP's and email service providers to scan ALL email for viruses,
> > then
> > > > helping their customers get clean.  Some already do so, and more are
> > > > beginning to.
> > > I already compained to this guy's ISP provider last week
> > (abuse@aliant.net)
> > > that he was sending email with my return address forged. He still is
doing
> > it
> > > and now I got a copy of the virus as well. Perhaps the job of tracking
> > down
> > > this mess should be automated at their end as well.
> > >
> > >
> >
> >
>
>


Relevant Pages

  • Re: attachment and e-mail where to report these security issues?
    ... > Attractive site and an encouraging response from the ISP. ... the scanning is done regardless of the selection. ... already picking out the emails that have the viruses. ...
    (microsoft.public.security.virus)
  • Re: With all this SPAM
    ... should not become frustrated if you find no response from ... regarding guaranteed filtering of content. ... Did you just ignore spammers on the system you ... An ISP certainly knows the source of posts or can be ...
    (rec.photo.darkroom)
  • Re: Its driving me crazy!
    ... Verizon, my ISP, uses BrightMail SpamDetector. ... Do you have the option to dump spam automatically? ... If I use a spam blocker, ... it let many spam and virus messages through. ...
    (microsoft.public.security.virus)
  • Re: Wish list
    ... that as a reason to /dev/null complaints about users. ... is an Asian ISP - Korea is particularly bad - even if someone reads the ... Sorry - the thing that triggered that response was the indication you ... un-needed ports open, and for those ports that are, having servers up to ...
    (comp.os.linux.security)
  • RE: virus handling
    ... Well to be quite honest I've had a lot of luck mitigating with an ISP to ... > Looking at the current outbreak of the Mydoom.A worm I would like to ... Virus Detected Notifications ... > these notification messages may not reach the intended recipient and ...
    (Bugtraq)