lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040303225832.GB7256@josefina.dcit.cz> From: martin.macok at underground.cz (Martin Mačok) Subject: SMTP rejecting wrong HELO/EHLO domains will save the world (was: Backdoor in passworded ZIP not recognized by Kaspersky) On Wed, Mar 03, 2004 at 11:36:09PM +0530, Aditya, ALD [Aditya Lalit Deshmukh] wrote: > how about the smtp server simply rejecting mail from spoofed hosts > ? as all the viruses generate spoofed hosts and it is very easy for > any smtp server to do a dns lookup on the sending server, if the > hostname / ip address do not match reject the message. I guess you are talking about comparing HELO/EHLO domain with reverse/forward DNS record for the IP of the host. (?) Yes, this would definitely stop almost all SPAM/viruses instantly when "turned on". It just have two little problems - it would also definitely stop almost all email messages - and - there would be also no problem for SPAM/viruses to use real domain in EHLO verb tommorow. Martin Ma?ok
Powered by blists - more mailing lists