[svlug] botnets

[David Rosenstrauch]

Joe Buck wrote:
> Example: it used to be that ordinary users routed their mail through
> their ISP, while spammers and spambots did SMTP connections directly to
> their victims, or via open relay sites.  So we got black-hole lists and
> told everyone they had to route mail through their ISPs or with
> authenticated SMTP connections.  Now the spambots typically route their
> mail through the ISP's SMTP connection just like the machine owner's
> regular mail.  You can't block this without blocking the user's ability
> to send mail.

Just wondering:  would you have any URL's that mention this trend?  I
ask because from what I can see most of the spam I get still seems to
come directly from dynamic IP's belonging to various ISP's - and not
from their mail servers.  Are you seeing otherwise?

Thanks,

DR