Sue your ISP for DoS attack (was Re: [linux-elitists] dealing with Swen)

Karsten M. Self kmself@ix.netcom.com
Thu Sep 25 15:40:49 PDT 2003


on Tue, Sep 23, 2003 at 07:13:26PM +0100, Geoff Lane (zzassgl@buffy.sighup.org.uk) wrote:
> 
> As far as I can tell, in dealing with the Swen storm, the general
> recommendation of the list is to just accept and /dev/null the worm emails
> via .procmail or some other local filter.
> 
> The reasons are
> 
> 	* responding in any manner just multiples emails without any
> 	corresponding reduction in the trash emails.
> 
> 	* using the sendmail access.db (or equivalent in other MTAs) to 550
> 	incoming Swen email is not helpful if your machine uses a peer mail
> 	router as the down line machine will just generate a "cannot
> 	deliver" message and direct it to the apparent sender (I'm guessing
> 	that a store&forward model is used by the MTA in this instance.)
> 
> Correct?  
> 
> Much as I hate to do it, if accepting and /dev/null'ing 200Mb of trash email
> a day helps, that's what I'll do (I'm on a wires only, unmetered ASDL line
> so it's not much of a hardship. But I really want to LART _somebody_.)
> 
> (Time for a class action against Microsoft for supplying gratuitously
> insecure operating systems and applications without a modicum of ring
> fencing to prevent involuntary, antisocial behaviour when connected to a
> network.)

Yes.  Emphatically yes, but I'd like to make a second suggestion.

However, since receiving *900* spams, Swen posts, and associated viral
crud (this is what's in my Spam folder, I haven't analyzed the contents
yet though eyeball says it's mostly Swen), between 0500 and 1530 today,
more than a week after this crap started, and after I've *already*
posted to my ISP a request that this crap be blocked.  That's 125 MiB of
mail.  Dialup eamil is *dead*.  Not server based.  Dialup pop cannot
handle this crap.

I'm seriously considering suing my own ISP for a DoS attack.  They can
pick this crap out and dump it.  Why don't they?

Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
  Backgrounder on the Caldera/SCO vs. IBM and Linux dispute.
      http://sco.iwethey.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20030925/13e02e9b/attachment.pgp 


More information about the linux-elitists mailing list