[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Backdoor not recognized by Kaspersky

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Backdoor not recognized by Kaspersky
From: Nick FitzGerald <nick@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 04 Mar 2004 19:57:08 +1300

Michael Gale <michael@xxxxxxxxxxxxxxxx> wrote:

<<OK stuff snipped>>
> Also do not except mail for users that do not exist ... I know that a
> lot of Exchange servers and mis-configured front end mail servers accept
> mail for anything at there domain and usually if the mail is junk or
> from domains that do not exist.
<<snip>>
> These are some starting points, making sure that the email follows the
> RFC's also help.

Hmmm -- you realize that a lot of the behaviour you chastise in your 
first point is because the systems involved are, in fact, being 
terribly compliant mail _relays_ as defined in the RFCs??

Perhaps you should follow your own advice a tad longer before deciding 
to solve the rest of the world's problems...

However, I'm pleased you didn't jump right in and advocate SPF and its 
in-bred, red-neck cousins...

Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- [Full-Disclosure] SMTP open relays and RFC (was: Backdoor not recognized by Kaspersky)
  - From: Martin Mačok

References:
- Re: [Full-Disclosure] Backdoor not recognized by Kaspersky
  - From: Rodrigo Barbosa
- Re: [Full-Disclosure] Backdoor not recognized by Kaspersky
  - From: Michael Gale

Prev by Date: [Full-Disclosure] OpenLinux: cups denial of service vulnerability
Next by Date: Re: [Full-Disclosure] Backdoor not recognized by Kaspersky
Previous by thread: Re: [Full-Disclosure] Backdoor not recognized by Kaspersky
Next by thread: [Full-Disclosure] SMTP open relays and RFC (was: Backdoor not recognized by Kaspersky)
Index(es):
- Date
- Thread