This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] [cooperation-wg] WannaCry Ransomware
- Previous message (by thread): [anti-abuse-wg] [cooperation-wg] WannaCry Ransomware
- Next message (by thread): [anti-abuse-wg] [cooperation-wg] WannaCry Ransomware
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ox
andre at ox.co.za
Wed May 17 07:40:34 CEST 2017
On Mon, 15 May 2017 18:52:18 +0100 Gareth Llewellyn <gareth at networksaremadeofstring.co.uk> wrote: > On Mon, May 15, 2017 at 2:08 PM, peter h <peter at hk.ipsec.se> wrote: > > The main route of attack is by SPAM. > > Why is noone doing something effective against SPAM ? > > > > To date there has been no evidence that email was the vector. > exactly. WannaCry: Advice to consumers should place a lot more focus on Web Browsers (than on email - although email transports links, sometimes the payload, etc as well - this is well known...- What is not known is that the consumers favorite PORN website also installs 'monitor ware'...) Regarding Spam: Spam is becoming much more professional. Spammers now have; * registered companies, * advanced "policies" (claims of opt-in marketing only) * far greater technical focus on compliance ("standards" which they set and enforce themselves * "professional organizations" and associations/bodies providing "legitimacy" and group harassment of victims (or spamtraps or block lists) * when applying for removal from block lists, always claims shared hosting and issues have been resolved, over and over and over. * the sending of bulk (UBE) from the same IP number as legit user emails or allowing hosting users to send bulk (like mailchannels.com) * and a lot more... ********************************************************************************** Spammers have DKIM and SPF and in fact advanced email headers, so much so that legit email is not even as legit as SPAM! (in a technical sense) ********************************************************************************** The simple and salient fact is that email is a communications tool and not a marketing tool. Yes, email can be used for communicating marketing but not for marketing communication. Until that becomes firmly entrenched there will always be a spam problem. On a side note: Since the focus on sender reputation and not on spam itself, actual spam levels and user complaints are much lower. But, using a single source for reputation is still a unicorn, closest is SORBS, if you are listed on SORBS it means that you have sent spam and you are non responsive to complaints and/or are a habitual spammer sender. Simple. some thoughts... Andre
- Previous message (by thread): [anti-abuse-wg] [cooperation-wg] WannaCry Ransomware
- Next message (by thread): [anti-abuse-wg] [cooperation-wg] WannaCry Ransomware
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]