[81698] in North American Network Operators' Group
Re: ISP phishing
daemon@ATHENA.MIT.EDU (Joel Jaeggli)
Thu Jun 23 18:33:56 2005
Date: Thu, 23 Jun 2005 15:32:22 -0700 (PDT)
From: Joel Jaeggli <joelja@darkwing.uoregon.edu>
To: Gadi Evron <ge@linuxbox.org>
Cc: Robert Boyle <robert@tellurian.com>,
Gadi Evron <gadi@tehila.gov.il>, nanog@merit.edu
In-Reply-To: <42BACA0D.2090808@linuxbox.org>
Errors-To: owner-nanog@merit.edu
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, 23 Jun 2005, Gadi Evron wrote:
>> Due to the huge number of variants in the wild, our AV software can't
>> keep up (probably nobody's can). Instead, we enabled a global rule which
>> blocks any email from accounts such as billing, root, postmaster,
>> antivirus, abuse, security, etc. which don't originate from our
>> management IP space where our people work. As a result, we have stopped
>> these phishing scams for our users dead in their tracks.
>>
>> -Robert
>
> We did as well, but we did not yet find a solution for legit bounces..
> it naturally breaks that.
>
> It's a temporary solution to what I see that is going to become very big.
The bigger issue is that users simply don't trust any kind of "official
communication" anymore and I don't see anything other than pki that could
actually restore that.
- --
- --------------------------------------------------------------------------
Joel Jaeggli Unix Consulting joelja@darkwing.uoregon.edu
GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/
iD8DBQFCuzh+8AA1q7Z/VrIRAoLNAJwIlI+xeEk5TDu22mhGMYVfFIypGACfb2BR
/hUazqmv3nleXPriXwuMeSY=
=erGj
-----END PGP SIGNATURE-----
