[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Authentication and email
They looked like SPAM mails to me. But in any event... does that matter?
Are we going to wait until they *are* SPAM mails and they *have* email
addresses of real subscribers before we make something?
Gonzalo
Harald Tveit Alvestrand wrote:
>
> checking:
>
> were those SPAM mails, or were those VIRUS mails?
> we know that this has been a problem with virii, but so far, I haven't seen
> spammers using this deliberately.
>
> Harald
>
> --On 27. januar 2003 16:35 +0200 Gonzalo Camarillo
> <Gonzalo.Camarillo@lmf.ericsson.se> wrote:
>
> > Folks,
> >
> > what happened finally with Dean's proposal of implementing security (at
> > least authentication and authorization) in the IETF mailing lists?
> >
> > At present, IETF's SPAM filters take the From field of any incoming
> > message, and if the address belongs to a subscriber, they let the
> > message thru. However, in the last days, many SPAM messages received by
> > the SIPPING and SIP mailing lists tried to use real subscriber's email
> > addresses in the From field.
> >
> > It is true that sometimes their guess is wrong. For example, today we
> > received a mail from "camarillo@ericsson.com". If they had used
> > "gonzalo.camarillo@ericsson.com" instead, the message would have passed
> > all our filters.
> >
> > Maybe it is time to reconsider Dean's proposal, before spammers get a
> > little cleverer.
> >
> > Gonzalo
> >
> >
> >
> >
> >