On Thu, 31 Jul 2014 18:47:19 +0100 Brian <a...@cityscape.co.uk> wrote:
> On Thu 31 Jul 2014 at 17:37:21 +0100, Joe wrote: > >The preference is for > > malware to use a primitive SMTP engine which is entirely separate > > from the compromised system's email. > > I didn't know that. I don't envisage such an engine on my system but > if it could read /etc/exim4/passwd.client (a plaintext file) it's in > business. You pointed out how easy it is to talk to an SMTP server with telnet, I have a couple of times actually sent someone a short email that way. It would be pretty easy to write a script that would automate the process for a few hundred recipients at a time. And it won't know what /etc/exim4 is, it will be Windows malware, and while Windows does indeed have an /etc (actually \etc) it only keeps hosts, lmhosts, protocols and services files there. > > > Also, probably more important, your mail hosting company may well > > spot the spam going through their own mail server, whereas they are > > probably less likely to spot outgoing spam just passing through > > their routers, along with hundreds of torrent feeds... I'm sure the > > ISPs will be required to monitor and analyse all traffic in and out > > of their customers' systems one day, but I doubt that they're > > looking forward to it. > > I can well understand any decent ISP monitoring port 25 traffic > through its network. Those who block port 25 may eventually come up > with before and after statistics but somehow I doubt it; commercial > confidentiality and all that. > > I think the ISPs have enough to do in recording email in and out of their own servers, for the government's benefit. Relatively few companies and almost no individuals send mail direct. But we all know that the only direction for the Internet to go is downhill... -- Joe -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140731194458.1c078...@jretrading.com
