Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

bouncing SoBig.F mail (was: RE: SoBig.F strange problem)
From: "Alan Rouse" <ARouse () n2bb com>
Date: Wed, 20 Aug 2003 12:06:29 -0400
Doesn't this just result in sending spam to innocent parties?  Remember,
the addresses are spoofed.  Seems to me it just doubles the amount of
bogus mail flying around as a result of SoBig.F.  I've been seeing this
kind of messages, and I don't need the additional spam!  

IMO it is much better just to drop the message and forget it.

-----Original Message-----
From: Stephen Clowater [mailto:steve () stevesworld hopto org] 
Sent: Wednesday, August 20, 2003 10:26 AM
To: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] SoBig.F strange problem


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I started getting 1000-2000 an hour yesterday, I just went to all the
border routers and put a filter on 25 to drop those connections and send
a notice to the From feild of the smtp query, and a QUIT to the
mailserver it was connecting to.

I'd recomend doing this, its easy to do in freeBSD, all my borders are
freeBSD so I havent tried it on anything else yet :)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
  • bouncing SoBig.F mail (was: RE: SoBig.F strange problem) Alan Rouse (Aug 20)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]