[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Backdoor not recognized by Kaspersky



Ron DuFresne <dufresne@xxxxxxxxxxxxx> wrote:

> > how about the smtp server simply rejecting mail from spoofed hosts ?
> > as all the viruses generate spoofed hosts and it is very easy for any
> > smtp server to do a dns lookup on the sending server, if the hostname
> > / ip address do not match reject the message.
> 
> Finally some sanity marks this thread!

"sanity"??

Care to define the "nearly foolproof" "spoofed hosts detection" 
algorithm that will not have an unbearably high false-positive 
rejection rate??


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html