Hi,
l don't know if this is an appropriate list, or if I'm about to present an
old/un-viable idea. for both of these points i apologize in advance.
As a gmail user, i am almost imune to spam/phishing mails. however,
everytime someone in my addressbook infects their computer with malware, i
receive spam, as it comes from an authorized account which i 'trust', and
are obviously sent to all contacts available to the compromised account.
Most of the mails i receive in this way come from unsavvy relatives -
contacts i dont want to simply delete.
Thinking about the process used to succesfully send these mails, i arrived
at the following what if:
What if, before the sender's email account had been compromised, they had
added "any alias" help(_at_)emailcompromised(_dot_)foo to their contact list.
had they
done so as soon as their account was abused, the following could
automatically be determined :
- an email accout which has been compromise
- the content and headers of a spam message
- a spam/phishing site
- the ip of a malware-infected machine.
For each of these points, action could be taken, in addition to updating
spam detection mechanisms, stopping scam-sites before they afect many users,
or even auto-blocking affected email accounts.
Before wasting effort where others have gone before, is there any milage in
this idea?
Regards,
Andy Dawson
(Web Developer)
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg