[81702] in North American Network Operators' Group
Re: ISP phishing
daemon@ATHENA.MIT.EDU (Robert Boyle)
Fri Jun 24 03:08:10 2005
Date: Fri, 24 Jun 2005 03:06:34 -0400
To: Gadi Evron <ge@linuxbox.org>, nanog@merit.edu
From: Robert Boyle <robert@tellurian.com>
In-Reply-To: <42BACA0D.2090808@linuxbox.org>
Errors-To: owner-nanog@merit.edu
At 10:41 AM 6/23/2005, you wrote:
>We did as well, but we did not yet find a solution for legit bounces..
>it naturally breaks that.
I've been thinking about what you said, but I can't imagine a scenario in
which this would affect bounce delivery to or from our admin-type
addresses. Incoming bounces would be from <> and to admin@domain.net.
Outgoing bounces would be from <> and to whatever@domain.com. We only block
mail sent with the from as one of our admin addresses when it was not sent
from our management / customer service / noc address space. If there is a
problem which this creates which I haven't thought of, please explain since
I would like to eliminate the problem or be aware of it if elimination
isn't an option.
>It's a temporary solution to what I see that is going to become very big.
x% of people are stupid and will never cease to be stupid. Provided these
users are easy enough to reach, they will continue to open naked pictures,
free pirated software emailed to them, password protected zip files with
really important executables, antivirus "cleaners", microsoft updates from
bgates@microsoft.com, 'You gotta see this!' IM URL links from friends, etc.
My goal is not to stop stupid people from infecting themselves, but to stop
our users from thinking WE infected them by eliminating the one threat
vector over which we have absolute control and hence responsibility in the
eyes of our customers. "Why did you allow someone to send mail as
support@tellurian.net to my account if it had a virus in it?"
-Robert
Tellurian Networks - The Ultimate Internet Connection
http://www.tellurian.com | 888-TELLURIAN | 973-300-9211
"Well done is better than well said." - Benjamin Franklin
