Hello Kristian,
KK> There is need for a 100% automated reporting mechanism that KK> integrates with _all_ ISPs, uses a documented standard protocol KK> so that there can be a lot of independent implementations that KK> are nonetheless interoperable, and that are part of the system KK> management software any ISP uses, indepenent of what particular KK> brand or vendor provided equipment. I do not propose automatic KK> shutdown of remote IPs, that would open to many opportunities KK> for DDoS. I agree, and I would not want to see automatic shutdown either - but there could be mechanism to SLOW down the connection and start monitoring it. Slowing down the upload speed or rate of email delivery would not severely impact the ordinary user - but would give an automated system room to analyze data and react. As far as the virus is concerned, it is upload from infected machines and not download that is the problem, so the automated system really doesn't have to do anything that impacts the users ability to receive information. KK> But a mechanism that allows me to file a complain against an IP, KK> automatically selecting the correct upstream provider and KK> propagating my complaint into equipment that automatically KK> identifies the offending component at that ISPs network, informs KK> the relevant parties at that site and enables them to look into KK> the problem without longish internal procedures would be a great KK> help for all parties involved. I would like to see that, and even more - an automated system similar to spamcop that is going to trigger appropriate action in response to volume of complaints. That is, a single complaint might not do anything, but if a large amount of reports are generated, then the system could automatically shut down some of the offending IP's, at least for a short interval. So the automated system could be doing something like automatically shutting down a given IP for 10 minutes - during that 10 minutes the IP is shifted to a special automated monitoring unit - the IP is then restored, but if restoration immediately produces a flood of virus-laden email or packets, then it is shut down again. In the meantime the ISP can be using an automated system to also attempt to contact the user -- when I say automated, I mean that they could easily use automatic phone dialers and a recorded message to notify a user that there is a security problem on their line. Anyway, I'm not very adept at understanding all the technical details, but I know that there could definitely be a better system in place than there is now. -Abigail ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
