A few senders are responsible for most of your dangerous email. That’s the conclusion of an analysis of mail traffic on the trimMail Inbox network.
The study found that just 20% of the perps dumping malicious scripts or viruses generate 45% to 64% of all the malware received. Makes your firewall-trigger finger itch, doesn’t it?
While administrators of content-filtering appliances like trimMail Inbox often respond by simply blocking the top 20% of senders, we’d suggest a bit more caution.
Before blocking an IP, run an external traceroute and whois using free online tools. Once you’ve separated the innocent dimbulbs from the evildoers, block IPs as your mood dictates.
Then prepare to tell the Boss her home computer’s morphed into a spam-blasting zombie… Gently, gently.
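
One way to measure this concentration in your own filter logs and queue the top senders for review rather than blocking them outright, as an added example that is not from the original post or from trimMail. The `<ip> <verdict>` log format, the sample counts and the `KNOWN_NETWORKS` list are constructed assumptions.

```python
import ipaddress
from collections import Counter

# Constructed sample data: malware-flagged message counts per sender IP
# (documentation address ranges), expanded into "<ip> <verdict>" lines.
# This log format is an assumption, not trimMail Inbox's export format.
SAMPLE_COUNTS = {
    "203.0.113.7": 12, "198.51.100.23": 8, "192.0.2.10": 4, "192.0.2.11": 4,
    "192.0.2.12": 3, "192.0.2.13": 3, "192.0.2.14": 2, "192.0.2.15": 2,
    "192.0.2.16": 1, "192.0.2.17": 1,
}
SAMPLE_LOG = "\n".join(f"{ip} malware" for ip, n in SAMPLE_COUNTS.items() for _ in range(n))
SAMPLE_LOG += "\n192.0.2.99 clean\nnot-an-ip malware\n"

# Hypothetical list of networks you recognise (staff home lines, partners).
KNOWN_NETWORKS = {"198.51.100.0/24": "staff home broadband"}

def malware_senders(log_text):
    """Yield the sender IP of every malware-flagged line, skipping bad lines."""
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 2 or fields[1] != "malware":
            continue
        try:
            yield str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue

def top_sender_share(log_text, top_percent=20):
    """Return (top senders with counts, their share of all malware)."""
    counts = Counter(malware_senders(log_text))
    if not counts:
        return [], 0.0
    n_top = max(1, -(-len(counts) * top_percent // 100))  # ceiling division
    top = counts.most_common(n_top)
    return top, sum(c for _, c in top) / sum(counts.values())

def triage(log_text):
    """Turn top senders into a review queue instead of an automatic block list."""
    queue = []
    for ip, count in top_sender_share(log_text)[0]:
        owner = next((label for net, label in KNOWN_NETWORKS.items()
                      if ipaddress.ip_address(ip) in ipaddress.ip_network(net)), None)
        action = f"contact owner ({owner})" if owner else "check whois and traceroute"
        queue.append((ip, count, action))
    return queue
```

On the constructed sample, two of ten senders account for half of the flagged mail, and one of the two falls in a recognised network, so it is routed to a conversation with its owner instead of a block rule.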

1 comment
August 9th, 2005 at 1:48 pm
BobBooBear
I have been adding ‘deny from IPs’ at the rate of 2-3 a day.
If they are a proxy, they deserve to be blocked for allowing spammers to use them.
Blocking spammers like this still puts a strain on my firewalls, and it’s a problem that is set to increase, especially if ignored.