Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Backdoor not recognized by Kaspersky
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Thu, 04 Mar 2004 19:57:08 +1300

Michael Gale <michael () bluesuperman com> wrote:

<<OK stuff snipped>>
Also do not except mail for users that do not exist ... I know that a
lot of Exchange servers and mis-configured front end mail servers accept
mail for anything at there domain and usually if the mail is junk or
from domains that do not exist.
<<snip>>
These are some starting points, making sure that the email follows the
RFC's also help.

Hmmm -- you realize that a lot of the behaviour you chastise in your 
first point is because the systems involved are, in fact, being 
terribly compliant mail _relays_ as defined in the RFCs??

Perhaps you should follow your own advice a tad longer before deciding 
to solve the rest of the world's problems...

However, I'm pleased you didn't jump right in and advocate SPF and its 
in-bred, red-neck cousins...


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]