[lug] semi-related: advice on making The Call?
Bear Giles
bgiles at coyotesong.com
Thu Jun 13 18:14:48 MDT 2002
> I find it an interesting topic, and it will probably become a more
> common topic in the future. It would be interesting to follow this as it
> unfolds.
It looks like I'll be on the phone with various sites for the next few
hours.
It's been an interesting mix - some total cluelessness by the smallest
open relays, and astoundishing indifference by PacBell.net. Nobody
(especially PacBell) has been able to smoothly transition into an
incident response plan.
For those keeping track, to date every company has been running Exchange.
It's actually simplified my spiel now, since I can reduce it to
"Hi, you will deny this just like everyone else has but you're
running Microsoft Exchange for your email and somebody is using that
piece-o-shit software to send mail from your site to third parties
while fradulently claiming to be me. I want it to stop. Now.
I know you don't believe you're sending out this mail, but check
your logs - everyone has has sheepishly called be back after a few
hours and admited that they were spamming. In the meanwhile I can
send you the bounce message from AOL showing mail from xx.xx.xx.xx,
your IP address, and a sender claiming to be me. This hurts my
company's reputation and ability to do business, and I want it to
stop."
Bear
More information about the LUG
mailing list