Re: CRIME Korean spam & Klez

From: Alan (alan@private)
Date: Wed May 22 2002 - 13:23:42 PDT

  • Next message: George Heuston: "CRIME FW: NIPC Advisory 02-003 "Microsoft SQL Worm Spida""

    On Wed, 2002-05-22 at 06:05, jeffrey wrote:
    > Though perhaps draconian, I have had great success with blocking most 
    > of the chinese and korean IP space at a firewall (just port 25). Yes, 
    > I get a lot of log entries and, yes, there is a chance I may block a 
    > legit email (someday), but it has reduced that source to the merest 
    > trickle....
    > 
    > Most viruses come in as attachments. Most attachments come in with a 
    > .xxx suffix that can be filtered at the mail server level. I haven't 
    > accepted a .com, .vbs, .shr, etc. file via email in a long time, 
    > because of the probability of it being a virus.
    
    I just save them.  Sometimes they come in handy.  (Like testing virus
    scanners on e-mail gateways.  I found that some are not as bulletproof
    as they advertise.)
    
    Of course, not reading mail under Windows helps.
    
    I have noticed that the amount of Spam I am getting has jumped about
    300% in the last week or so.  Not all of it is Klez either. Since the
    junk fax case went down, I have seen a hard rise in crap in my mailbox.
    
    Glad i gave the mail queue over a gig of space the last time I rebuilt
    the mail server.
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:43:32 PDT