Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Dealing with abuse - guidelines?
- Tim Anderson
July 15, 2004, 6:08 pm
rate this thread
sent with my email address as a fake return address. I've identified the
machine responsible, and contacted the ISP (a major UK ISP). Here's what
"...I've contacted the user about this (we do need to give them a warning
first of all instead of blocking their mail straight away, and give them
some time to clear their machines). However, if the problem is still ongoing
tomorrow morning, we will take action."
My question: is this best practice? When I had a similar problem a month or
so ago, the ISP blocked the machine immediately, then sorted the problem
with the user. That makes better sense to me (of course). But are there any
guidelines as to what is appropriate?
Re: Dealing with abuse - guidelines?
Every ISP is different and handles it in different ways. I know of one
ISP that had a group-home with a NAT and there were about 6 machines
infected with a virus that had it's own SMTP engine - it was sending 1
email every 4 seconds from each machine (I could watch it). They gave
them a weekend to fix it (only took about 20 minutes to fix it once I
got there). Road Runner will actually send postal mail letters (in some
areas) and wait for a reply :)
(Remove 999 to reply to me)
- » Spy on Homer jerking off Marge Simpson's private parts
- — Previous thread in » General Computer Security