On Thu, 25 Feb 2010 17:51:15 -0500
Kris Deugau <kdeu...@vianet.ca> articulated:
> Even as a small boutique ISP (~1200-1300 dialup customers) before
> being swallowed by a larger company, when we introduced outbound
> virus scanning in ~2001 we regularly found virus mail originating
> from customer systems. Customers therefore knew about the virus(es)
> that slipped past their desktop AV (if any) much, *much* earlier than
> they might have otherwise. A few of the viruses were even Javascript
> viruses that attached themselves to legitimate mail.
>
> Catching a couple hundred viruses per *day* was normal traffic for
> those ~1200 users, for a while.
>
> We also tried sending automated "you have a virus" and "$sender tried
> to send you a virus" notices. With a staff of two-and-a-half at the
> time, we quickly stopped doing that, because of all the calls asking
> what this was all about.
Boo-Hoo! If you are going to scan and delay/delete a user's e-mail,
whether they are sending it or receiving it, then you had better notify
them immediately of your actions. If you cannot do that, then get a new
day job. I was briefly involved in a class action suit against an ISP
for employing just that sort of business model. They would complain
they couldn't afford it. yet they had no problem buying shiny new
'toys' for the executives of the company. They too were bought out by a
larger company and the suit was dismissed.
To reiterate, I have no problem with an ISP scanning e-mail. I do have
a real problem when they scan and delete traffic without notifying the
originator of the message, as well as its intended recipient. Such
notification to include the exact reason for the dismissal of said
message. Blanked notices, such as: message "bla-bla-bla) contained a
virus or was in violation of our EUL" are unacceptable. The ISP must
also be made legally responsible for any such damages incurred by the
incorrect labeling of said document. They should also be required to
support a telephone help desk system capable of handling customer
inquiries regarding such actions. (Hello Google). If they are going to
take my money, they better be ready to take my call and answer it 24/7.
> > In reality, a user running his own mail server has a
> > greater chance of getting blacklisted if they produce 'backscatter'.
>
> Probably. But a small personal-domain system is "trivial" in scale.
So size does matter?
--
Jerry
ges...@yahoo.com
|::::=======
|::::=======
|===========
|===========
|
Zisla's Law: If you're asked to join a parade, don't march behind the
elephants.
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
