Dealing with abuse - guidelines?

Posted by Tim Anderson on July 15, 2004, 2:08 pm
I'm receiving about 2000 messages per hour, which are bounces of viruses
sent with my email address as a fake return address. I've identified the
machine responsible, and contacted the ISP (a major UK ISP). Here's what
they say:

"...I've contacted the user about this (we do need to give them a warning
first of all instead of blocking their mail straight away, and give them
some time to clear their machines). However, if the problem is still ongoing
tomorrow morning, we will take action."

My question: is this best practice? When I had a similar problem a month or
so ago, the ISP blocked the machine immediately, then sorted the problem
with the user. That makes better sense to me (of course). But are there any
guidelines as to what is appropriate?

Tim




Posted by Leythos on July 15, 2004, 2:49 pm
says...
> I'm receiving about 2000 messages per hour, which are bounces of viruses
> sent with my email address as a fake return address. I've identified the
> machine responsible, and contacted the ISP (a major UK ISP). Here's what
> they say:
>
> "...I've contacted the user about this (we do need to give them a warning
> first of all instead of blocking their mail straight away, and give them
> some time to clear their machines). However, if the problem is still ongoing
> tomorrow morning, we will take action."
>
> My question: is this best practice? When I had a similar problem a month or
> so ago, the ISP blocked the machine immediately, then sorted the problem
> with the user. That makes better sense to me (of course). But are there any
> guidelines as to what is appropriate?

Every ISP is different and handles it in different ways. I know of one
ISP that had a group-home with a NAT and there were about 6 machines
infected with a virus that had its own SMTP engine - it was sending 1
email every 4 seconds from each machine (I could watch it). They gave
them a weekend to fix it (only took about 20 minutes to fix it once I
got there). Road Runner will actually send postal mail letters (in some
areas) and wait for a reply :)

--
spamfree999@rrohio.com
(Remove 999 to reply to me)

