lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040303235810.GE2014@suespammers.org>
From: rodrigob at suespammers.org (Rodrigo Barbosa)
Subject: Backdoor not recognized by Kaspersky

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, Mar 03, 2004 at 04:51:40PM -0600, Ron DuFresne wrote:
> > how about the smtp server simply rejecting mail from spoofed hosts ? as all the viruses generate spoofed hosts and it is very easy for any smtp server to do a dns lookup on the sending server, if the hostname / ip address do not match reject the message.
> >
> 
> Finally some sanity marks this thread!

And now is my turn to untimely jump into the discussion.

My feeling about this is that the MDA should not be responsible to
reject the messages. At least, not always, the exception being networks
where the security rules demand these messages to be automaticaly rejected.

My idea is that the MDA simply tag the messages, and that the MUA, either
localy or using some POP-like protocol, read the flag and, following
users configurations, either dump or accept the message.

This point comes to my mind after having serious problems with
ISPs rejecting emails that were destined to me, but were not
spam. Currently, I'm having serious problems receiving e-mails
from a business partner at Korea, cause the ISP simply decided to
drop all e-mails from that company's netblock.

Mandatory restrictions and controls can easily became a problem
as big as virus and spam (moneywise). The end point should be
allowed some degree of control over that is received or not.

We must keep in mind that even big companies can have DNS errors,
and missconfigured mail server, and simply blocking that e-mail
by default can cause severe losses, both of time and money.

- -- 
Rodrigo Barbosa <rodrigob@...spammers.org>
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFARnESpdyWzQ5b5ckRAnGqAKCmahEMf5ycqjzI3twFHhq2Axfb3ACgmp0c
WXWyLSZwQgXqR33Wwi5z5+k=
=VYWp
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists