| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: Sonny.Discini at montgomerycountymd.gov (Discini, Sonny) Subject: weird worm ? " don't think so. The examples I've seen here have been nothing but a string of nonsense words, with no link or web bug. A probe has to have some way of reporting success/failure, and I don't know many systems that bounce spam filter failures." Actually, by default, Symantec's SPAM filter will send a reply to the sender if an e-mail triggers a rule. This would be the success/failure reporting that you have mentioned. -----Original Message----- From: roy@...t-central.com [mailto:roy@...t-central.com] Sent: Tuesday, December 30, 2003 2:36 PM To: full-disclosure@...ts.netsys.com Subject: Re: [Full-Disclosure] weird worm ? On Tuesday 30 December 2003 01:33 pm, Discini, Sonny wrote: > Yes, I have seen similar e-mails and yes, this appears to be word list > probes to see what will and will not pass through your filter. I don't think so. The examples I've seen here have been nothing but a string of nonsense words, with no link or web bug. A probe has to have some way of reporting success/failure, and I don't know many systems that bounce spam filter failures. They're much more likely to be attempts to poison Bayesian filters. > This also explains why the e-mail is coming from random sources. If it > came from a real address, they know that any reasonable admin would > add the domain to their block list. That much makes sense. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists