Re: attachment and e-mail where to report these security issues?

From: BeamGuy (nobody_at_spam.com)
Date: 03/27/04


Date: Sat, 27 Mar 2004 17:28:51 -0500

Yes - the antivirus program is a good place to originate notifications about viruses,
but lets not let microsoft off the hook too soon yet. I'd like to see one button
notification of SPAM, and I'd like my email program to flag that the headers do not
match the return address. Maybe I want too much...

I sense from this forum that we mostly believe the ISPs are good citizens
and respond to such notifications. Certainly if all the antivirus manufacturers
got together and setup a standard protocal for such notifications it would make it
easier for the ISPs to respond. What do we do about the slaggards? Will peer
pressure be enough, or maybe I should start composing a letter to my congressman.

>
> That would be a great thing to have in antivirus program, since they're
> already picking out the emails that have the viruses. One more button that
> says "Notify sender's ISP" would be nice. Of course, the success of
> something like that would depend on the ISPs doing anythng about the
> virus-laden mail. The ISP I use for my "real" business mail is very well
> filtered at the ISP's server, and they've just installed some new AV
> software so it's getting even better. Come to think of it, I don't think
> I've had a single virus-infested email come through the provider yet.
>
> It would be interesting to see stats on which ISPs are filtering email,
> which ones are most successful in keeping viruses out, etc. I know some of
> them advertise that they filter the mail, but that doesn't mean they're good
> at it.
>
> >
> > --
> > Phil Weldon, pweldonatmindjumpdotcom
> > For communication,
> > replace "at" with the 'at sign'
> > replace "mindjump" with "mindspring."
> > replace "dot" with "."
> >
> > "BeamGuy" <nobody@spam.com> wrote in message
> > news:ufFXir6EEHA.2768@tk2msftngp13.phx.gbl...
> > > "Phil Weldon" <notdisclosed@example.com> wrote in message news:
> > > KC29c.2108$Dv2.1170@newsread2.news.pas.earthlink.net...
> > > > As for why ISP's act the way they do? Inertia, money,
> shortsightness,
> > lack of staff,
> > > > concerns about privacy concerns account holders might have, not
> wanting
> > to change a
> > > > system that is not broken.
> > >
> > > Here is a response from an ISP that is posted on the website
> > www.dshield.org
> > >
> > > -------------------------
> > > Date: Sat, 7 Jun 2003 14:16:03 +0200
> > > > This is an abuse notice meaning that one of your machines might
> > > > be infected with a virus and is trying to infect other machines.
> > > > See http://www.dshield.org/ for more information
> > > We don't care, the major issue is that we don't want to receive this
> kind
> > of mail,
> > > because we're a large ISP and we have no control about our multiple
> > clients and
> > > their Windows systems. Your mail was annoying, so we simply filtered it
> > out. We
> > > know that many of them are infected even if we don't receive your mail.
> > > -------------------------
> > >
> > > I have friends who have identified PC's in schools locked up for the
> > summer,
> > > that sat there for three months straight sending out viruses whereever
> > they could.
> > >
> > > These things cause a big disruption in the productivity of this country.
> > If ISP's
> > > won't start acting responsibly I'm sure we can convince some legislators
> > to get
> > > involved in enforcing more responsible behavior!
> > >
> > >
> > >
> > > > Phil Weldon, pweldonatmindjumpdotcom
> > > > For communication,
> > > > replace "at" with the 'at sign'
> > > > replace "mindjump" with "mindspring."
> > > > replace "dot" with "."
> > > >
> > > > "BeamGuy" <nobodys@SPAM.com> wrote in message
> > > > news:Obj9JK4EEHA.3576@tk2msftngp13.phx.gbl...
> > > > >
> > > > > > And "you guys" includes YOU.
> > > > > Sorry - when I said "you guys" I was aiming at the programmers of
> > > > microsoft
> > > > > who could add such a feature. I don't have the source code for
> > microsoft
> > > > > outlook express, nor the inclination to create such a feature.
> > > > >
> > > > > > On the other hand, one difficulty coordinating between the
> > antivirus
> > > > dectector
> > > > > > and the email program, since there are at least a dozen of each.
> > > > > I know coordination is difficult, thats why we pay more for an
> office
> > > > program
> > > > > suite than we do for the hardware to run it on! I also have office
> > 2000
> > > > pro
> > > > > installed.
> > > > >
> > > > > > Finally, since you use Outlook Express 6.0 to post (that's in the
> > > > headers of
> > > > > > your post), all you need to do to get the full headers of a
> message
> > is
> > > > to
> > > > > > right click on the message in your message list and select
> > "Options"; a
> > > > > > window will open and display all the headers which can then be
> > copied
> > > > and
> > > > > > pasted into a notification email.
> > > > > I am not paid to report virus problems to people in canada, but I
> > might do
> > > > it
> > > > > if it is simple enough. I pay big bucks to microsoft to make my
> > computing
> > > > > experience convienient - copying and pasting the a whole bunch of
> > > > > garbledy gook into an email message, running a tracert or reverse
> DNS
> > > > > lookup and guessing at the guy's ISP provider is not all that
> > convienient,
> > > > > but could be automated.
> > > > >
> > > > > > Of course, and even better solution, and really, the only
> solution,
> > is
> > > > for
> > > > > > all ISP's and email service providers to scan ALL email for
> viruses,
> > > > then
> > > > > > helping their customers get clean. Some already do so, and more
> are
> > > > > > beginning to.
> > > > > I already compained to this guy's ISP provider last week
> > > > (abuse@aliant.net)
> > > > > that he was sending email with my return address forged. He still is
> > doing
> > > > it
> > > > > and now I got a copy of the virus as well. Perhaps the job of
> tracking
> > > > down
> > > > > this mess should be automated at their end as well.
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>



Relevant Pages

  • Re: Outlook and irrational virus fears
    ... in this message, I am using the word "virus" to refer to computer viruses, worms, trojans, ... them are written specifically to exploit vulnerabilities in Outlook. ... And not just any antivirus program: ...
    (microsoft.public.outlook)
  • Re: Viruses
    ... antivirus program with up-to-date virus definitions will not allow a defined ... not all viruses and worms have had detection definitions ... Updates don't kill viruses noted in the log file. ... infection; just putting a floppy in the drive was enough to transfer a virus ...
    (microsoft.public.security.virus)
  • Re: Are Antivirus software companies like the Mafia?
    ... Viruses require user intervention to spread - some ... a coincidence would entail some sort of similarity of unusual nature. ... > antivirus program like this one: ...
    (microsoft.public.security.virus)
  • Re: system configuration utility
    ... none turned up any viruses. ... I also reran my Norton 2005 antivirus program, ... > MS-MVP Windows Shell/User ... >> typing msconfig in the run box will not start up the utility. ...
    (microsoft.public.windowsxp.newusers)
  • Re: getting rid of outbreaks and spam
    ... In a broader view, notifications ARE currently the ... > virus and only serve to spread FUD. ... when viruses attached themselves to otherwise legitimate EXEs, ... although in this case notifying the recipient wasn't very effective. ...
    (Bugtraq)