Doesn't this just result in sending spam to innocent parties? Remember,
the addresses are spoofed. Seems to me it just doubles the amount of
bogus mail flying around as a result of SoBig.F. I've been seeing this
kind of messages, and I don't need the additional spam!
IMO it is much better just to drop the message and forget it.
-----Original Message-----
From: Stephen Clowater [mailto:steve_at_stevesworld.hopto.org]
Sent: Wednesday, August 20, 2003 10:26 AM
To: full-disclosure_at_lists.netsys.com
Subject: Re: [Full-disclosure] SoBig.F strange problem
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I started getting 1000-2000 an hour yesterday, I just went to all the
border routers and put a filter on 25 to drop those connections and send
a notice to the From feild of the smtp query, and a QUIT to the
mailserver it was connecting to.
I'd recomend doing this, its easy to do in freeBSD, all my borders are
freeBSD so I havent tried it on anything else yet :)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on Aug 20 2003
Intro
