struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Martin Cooper" <mart...@apache.org>
Subject Re: [SPAM/Virus] Malicious mail from Struts-user users?
Date Thu, 29 Apr 2004 05:49:57 GMT

"Joe Germuska" <Joe@Germuska.com> wrote in message
news:a06100534bcb44a8bbed2@[192.168.2.81]...
> >Is anyone else getting this?
>
> Literally hundreds of times a day, from struts-user, cocoon-user,
> jakarta-general, as well as such lumnaries as Craig McClanahan and
> Martin Cooper.

Gee, I can't say that I consider myself a luminary... ;-)

Just FYI, there would be hundreds more of these every day on the mailing
lists too, if these lists were not moderated. Being the owner / moderator of
the Struts lists, I get to wade through them all and determine which
messages are valid.

The reason I bring this up is to encourage those of you who post relatively
frequently, without subscribing (you know who you are!), to please subscribe
to the lists. Doing so will result in your messages getting to the list much
more quickly, as well as reducing the number of messages I have to wade
through every day. ;-)

> Most viruses out there these days forge the sender emails and gather
> them from the same address pool where they get recipient addresses,
> so it's not surprising that they seem to come from familiar senders.
>
> Besides possibly inspecting the mail headers, there's really no way
> to trace these back to the originating machine, so all you can really
> do is have all your anti-virus software up to date (or use a Mac! :^)

Unfortunately, inspecting headers doesn't tell you all that much, since
pretty much anything in the mail protocols can be spoofed. It can help you
weed out the dumb senders, but the proportion of those is falling.
Anti-virus isn't the whole answer either.

What organisations really need, to protect their email users, is a
comprehensive "email firewall" product that combines anti-spam, anti-virus,
and other protection schemes. The only such beast I'm aware of that really
works (and it does work awesomely well) is a product of a former employer of
mine. Unfortunately, it seems unlikely that Apache would deploy this
particular solution, due purely to OS biases.

--
Martin Cooper


>
> Joe
>
> -- 
> Joe Germuska
> Joe@Germuska.com
> http://blog.germuska.com
>        "Imagine if every Thursday your shoes exploded if you tied them
> the usual way.  This happens to us all the time with computers, and
> nobody thinks of complaining."
>              -- Jef Raskin




---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message