mailing list archives
RE: Backdoor not recognized by Kaspersky
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Thu, 04 Mar 2004 16:00:33 +1300
Ron DuFresne <dufresne () winternet com> wrote:
how about the smtp server simply rejecting mail from spoofed hosts ?
as all the viruses generate spoofed hosts and it is very easy for any
smtp server to do a dns lookup on the sending server, if the hostname
/ ip address do not match reject the message.
Finally some sanity marks this thread!
Care to define the "nearly foolproof" "spoofed hosts detection"
algorithm that will not have an unbearably high false-positive
Full-Disclosure - We believe in it.
RE: Backdoor not recognized by Kaspersky Jos Osborne (Mar 03)
RE: Backdoor not recognized by Kaspersky Schmehl, Paul L (Mar 03)