North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ISP phishing

  • From: Joel Jaeggli
  • Date: Thu Jun 23 18:35:03 2005

Hash: SHA1

On Thu, 23 Jun 2005, Gadi Evron wrote:

Due to the huge number of variants in the wild, our AV software can't
keep up (probably nobody's can). Instead, we enabled a global rule which
blocks any email from accounts such as billing, root, postmaster,
antivirus, abuse, security, etc. which don't originate from our
management IP space where our people work. As a result, we have stopped
these phishing scams for our users dead in their tracks.

We did as well, but we did not yet find a solution for legit bounces..
it naturally breaks that.

It's a temporary solution to what I see that is going to become very big.
The bigger issue is that users simply don't trust any kind of "official communication" anymore and I don't see anything other than pki that could actually restore that.

- -- - --------------------------------------------------------------------------
Joel Jaeggli Unix Consulting [email protected]
GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2

Version: GnuPG v1.2.6 (GNU/Linux)
Comment: pgpenvelope 2.10.2 -