
[SpamCop-List] Re: (Very Very OT) Tracing Terrorist E-Mail

Redstone redford_stone at INVERSE_OF_COLDmail.com
Tue Mar 16 01:18:57 EST 2004


"Philippe Verdy" <verdy_p at wanadoo.fr> wrote in
news:c2v72t$rd3$1 at news.spamcop.net: 



> So now suppose a terrorist wants to send an email, all it has to
> do is to seek for a list of unsecured hosts currently contaminated
> with an open-relay/open-proxy. And then check that this host is
> already anonymizing its connected source (the terrorist may need
> to send first a test email to himself to ensure that the relayed
> email does not track the source.) 
> 

Haven't seen an open-proxy that ever tracks the source.


> When a list of "good" open-relays or open-proxies is determined,
> it becomes very easy to relay an anonymized email through these
> proxies, located in countries whose ISP is not supposed to perform
> good checking of the open-proxy/open-relay status of the hosts
> they connect to the Internet. 
> 

Like Comcast..



> 
> Also, the virus authors tend to discuss after their "exploit" with
> their friends on some "hackerz" networks, so they leave lots of
> fingerprints which will help determine the real sender.
> 

You mean they stupidly discuss. (Not knowing when one of their 
"buds" might rat them out.)


> On the opposite tracking a terrorist sending an email will be
> likely much more difficult as they will first seek to secure a
> unique sending point to revendicate their act. And they will be
> silent and will then drop all further traces of the abused
> networks and hosts through which they revendicated their act.
> 
> A single email will be sent to some newspaper email address that
> currently does not reject emails from open-relays/open-proxies or
> dialup accesses. 
> 
> 

Like the one regarding the Spain incident.


