Re: Heads-up: AT&T apparently going to whitelist-only inbound mail

["Steven M. Bellovin" <smb () research att com>]

Some people have been wondering if my statement was authentic, 
authorized, etc.  That's a fair question.  I've pgp-signed this copy
of it; my public key is available via my Web page and via key servers 
around the net.  See http://www.internetnews.com/ent-news/article.php/3097171
for a news story with similar content.


>              AT&T STATEMENT - CURRENT SPAM ATTACK - 10/22/03
>
> AT&T and a number of other large companies have seen a marked
> increase in the amount of incoming SPAM in recent days. A team of
> experts that includes members from AT&T Labs, Network Services,
> and Corporate Security has implemented a number of procedures to
> remediate this situation and minimize its impact on those trying
> to send e-mail to "att.com" addresses.
>
> As of this morning - Wednesday, October 22nd - the level of incoming
> e-mail messages is returning to normal and the situation appears
> to be well in hand. Although all AT&T e-mail servers are fully
> operational at this time, some incoming messages are experiencing
> intermittent delays as SPAM filtering continues at all network
> gateways.
>
> Customers who received e-mail bulletins from AT&T Monday and Tuesday
> requesting specific information are advised to disregard those
> messages.  They were inadvertently sent out in error and we apologize
> for any confusion or inconvenience they may have caused.
Network reliability is one of our top priorities at AT&T, so for
> obvious reasons we will not be providing more detailed information
> regarding the specific security procedures implemented to curb this
> SPAM attack. We have no intention of helping those who generate
> this type of computer and Internet mischief.


                --Steve Bellovin, http://www.research.att.com/~smb

Attachment: _bin
Description: