Hear-hear: most of our customer's e-mail problems are resolved when we turn off in the in and outbound scanning offered by their favorite AV vendor. =) I bet we've had more support calls about e-mail scanning than the number of viruses that feature has ever trapped for them. And another anecdote: we experienced a rash of malware-infected subscribers spewing out spam last weekend. Most of them had some kind of AV, but of course that AV didn't prevent them from getting infected. Many of them update their definitions and scanned and thought they were clean, but because the virus/Trojan was so new, they started spewing spam again. In this case, their AV software gave them a false sense of assurance. Frank -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Mark Radabaugh Sent: 2008-02-13 17:35 To: nanog list Subject: Re: IBM report reviews Internet crime JC Dill wrote:
I'm really surprised that ISPs haven't banded together to sue Microsoft for negligently selling and distributing an insecure OS that is an Attractive Nuisance - causing the ISPs (who don't own the OS infected computers) harm from the network traffic the infected OSs send, and causing them untold support dollars to handle the problem.
If every big ISP joined a class action lawsuit to force Microsoft to pay up for the time ISPs spend fixing viruses on Windows computer, Microsoft would get a LOT more proactive about solving this problem directly. The consumers have no redress against MS because of the EULA, but this doesn't extend to other computer owners (e.g. ISPs) who didn't agree to the EULA on the infected machine but who are impacted by the infection.
jc
I think I would rather see a class action against Symantec for the hundreds of hours ISP's waste fixing customers mail server settings that Symantec sees fit to screw up with every update. We can always tell when they have pushed a major update - hundreds of calls from mail users who can no longer send mail. It's 2008. How bloody hard is it to notice that the mail server SMTP port is 587 and authentication is turned on? Why do they mess with it? -- Mark Radabaugh Amplex 419.837.5015 x21 mark@amplex.net