[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Ipsec] spam
Paul Koning <pkoning@equallogic.com> writes:
> Perry> However, those of us who run mailing lists find that although
> Perry> anyone "can" forge a list member's address, it is almost
> Perry> unheard of that it actually happens. Restricting my lists to
> Perry> subscribers only has eliminated 100% of the spam going to
> Perry> them.
>
> That certainly would not be true for the IPsec list -- I've looked
> over enough IPsec message headers to say that. FOr IPsec, the
> percentage of forged addresses is clearly quite large.
Not if you exclude viruses. The amount of spam from forged addresses
is nil -- the virus activity is separate.
However, the viruses are trivially blocked with a rule matching a
regular expression like this:
/^Content-(Type|Disposition):.*(file)?name=.*\.(asd|bat|chm|cmd|com|cpl|dll|exe|hlp|hta|js|jse|lnk|ocx|pif|rar|scr|shb|shm|shs|vb|vbe|vbs|vbx|vxd|wsf|wsh|zip)/
My machines block all email matching that regexps and as a result I
see no viruses at all.
--
Perry E. Metzger perry@piermont.com
_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec