Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Backdoor not recognized by Kaspersky
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Thu, 04 Mar 2004 19:57:08 +1300

Michael Gale <michael () bluesuperman com> wrote:

<<OK stuff snipped>>
Also do not except mail for users that do not exist ... I know that a
lot of Exchange servers and mis-configured front end mail servers accept
mail for anything at there domain and usually if the mail is junk or
from domains that do not exist.
These are some starting points, making sure that the email follows the
RFC's also help.

Hmmm -- you realize that a lot of the behaviour you chastise in your 
first point is because the systems involved are, in fact, being 
terribly compliant mail _relays_ as defined in the RFCs??

Perhaps you should follow your own advice a tad longer before deciding 
to solve the rest of the world's problems...

However, I'm pleased you didn't jump right in and advocate SPF and its 
in-bred, red-neck cousins...


Nick FitzGerald

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]