funsec mailing list archives
RE: Postage Is Due for Companies Sending E-Mail
From: Drsolly <drsollyp () drsolly com>
Date: Wed, 8 Feb 2006 14:28:09 +0000 (GMT)
On Tue, 7 Feb 2006, Ryan Counts wrote:
I can't wait to receive my first NDR due to insufficient postage... I'm a little curious about a few aspects of this :
Well, I don't know how they're doing it, but here's what I'd do:
1) What happens if a machine on your network gets botted? Is your company responsible for the postage of all these emails?
Yes. Just like you're responsible for fixing my garden wall if you rammed into it on acccount of your faulty brakes.
2) I'm guessing auditing this in any way - to verify they are billing you correctly for example - could get a little cumbersome.
It should be easy. All you need to do, is count the emails sent via their system.
3) What about personal emails from a company's employees to members of AOL? You mean I gotta pay for my people to send jokes to their ex-girlfriend's sister-in-law's roommate?
Company employees sending personal mail, would have to use the free system and take their chances like everyone else.
3) Is it just me, or does it seem that the ultimate result of this will be improved virii?
What's a virii?
Most of the spam I receive today seems to be from infected machines, which are sending emails that from a technical standpoint can look completely legit and trace back only to the infected machine. From that perspective, it seems that this is only going to increase financial burdens on small companies that can't afford good workstation security.
No, it creates an incentive on small companies to clean up their botted computers and stop it happening again.
Hmmmm, maybe they could file a class-action against Microsoft for security holes... As it is, right now the biggest problem in filtering spam is verifying the source, so how does this help that in any way?
It verifies who the source really is, and that this source has been willing to pay for the email to be delivered. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Postage Is Due for Companies Sending E-Mail, (continued)
- Re: Postage Is Due for Companies Sending E-Mail Valdis . Kletnieks (Feb 07)
- Re: Postage Is Due for Companies Sending E-Mail der Mouse (Feb 08)
- Re: Postage Is Due for Companies Sending E-Mail Stephen J. Smoogen (Feb 07)
- Re: Postage Is Due for Companies Sending E-Mail Drsolly (Feb 07)
- Re: Postage Is Due for Companies Sending E-Mail Stephen J. Smoogen (Feb 08)
- Re: Postage Is Due for Companies Sending E-Mail Vicky Røde (Feb 07)
- Re: Postage Is Due for Companies Sending E-Mail Bill Weiss (Feb 07)
- RE: Postage Is Due for Companies Sending E-Mail Drsolly (Feb 08)
- Re: Postage Is Due for Companies Sending E-Mail Stephen J. Smoogen (Feb 08)
- Re: Postage Is Due for Companies Sending E-Mail der Mouse (Feb 08)
- Re: Postage Is Due for Companies Sending E-Mail Dude VanWinkle (Feb 08)
- Re: Postage Is Due for Companies Sending E-Mail Drsolly (Feb 08)