lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: jeremiah at nur.net (Jeremiah Cornelius) Subject: SoBig.F strange problem Mike Vasquez wrote: >I've seen a handful with no attachment and checked my logs -- none was >stripped on my end... > > >----- Original Message ----- >From: "Steve Bremer" <steveb@...coinc.com> >To: <full-disclosure@...ts.netsys.com> > > > >>We've noticed a few problems with it as well. We've received a few e- >>mails with one of the typical Sobig subject lines, only no >>attachment. The attachment headers are in the e-mail, so our MUA >>thinks there is an attachment, but there is just no "body" to the >>attachment. >> >>Either there are a few broken variants out there sending out e-mail >>without the payload, or something in-between us and the sender is >>stripping out the attachment. It isn't our AV system, since it would >>quarantine the entire message. >> >>Has anyone else experienced this? >> >>Steve Bremer >> >> Funny, if they were stripped outbound, by the victim's gateway. Like a "Roach Motel." Is this a possibility - they don't get a sig on the attach - but strip outbound at the gateway for size?
Powered by blists - more mailing lists