Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Fighting useless notification mails
From: Marc Ruef <marc.ruef () computec ch>
Date: Tue, 30 Mar 2004 12:44:05 +0200

Dear list,

Viruses and worms that spread as mail attachments are filling our inboxes day for day. Most of this nastly little monsters are able to generate random or faked from addresses.

I receive dozents of automaticly generated notification mails that presume I sent a not allowed attachment. I am pretty shure that this is not true. Many different facts are able to verify this statement (e.g. sending time, SMTP routing, source IP address).

In some cases it may be useful to notify a sender that his host is spreading malicous code. But I would like to see that antivirus vendors enhance their databases and save standardized the information if a mail worm is able to generate random or faked source addresses. If this may be given, antivirus solutions should _not_ send a notification to the presumed sender anyway, because it makes absolutely no sense. So it may be possible to break down the whole useless notification spam that doubles the annoying virus mail traffic.

Yours, Marc

--
Attack Tool Kit - Enhance your pen-tests
http://www.computec.ch/projekte/atk/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]