lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20040620164023.GP8963@freesbee.wheel.dk>
From: ssch at wheel.dk (Steffen Schumacher)
Subject: Spam Solution

On 18.06.2004 08:21:45 +0000, Paul Rolland wrote:
> Hello,
> 
> > It seems to me that if we make all MTA's register somehow 
> > (both SMTP and 
> > POST), this would eliminate the hijacked machine as spambot 
> > phenomenon. We 
> > already have MX records for SMTP, but a lot of providers use 
> > different 
> > machines to receive (via SMTP) and send mail (POST). So, 
> > maybe a new DNS 
> > record is introduced for POST. Your machine(s) could do both 
> > or not. When 
> > your server goes to accept a message, it looks to see if the 
> > IP of the 
> > sending machine is listed in this new DNS record. If not, 
> > return a 5XX error.
> 
> Hell, this just means that before spamming, people will also have
> to break DNS ... or am I missing something ?
>


Screw DNS.. this fixes part of the problem, but what prevents spambots
to simply use the configured smtp server for the infected pc?
How would you in the server end differntiate between a spambot sending
spam and the uninfected user? You would have to look at the content.
Now THIS is a scary thought.. How complex wouldn't you have to build
your mail-factory?

Not doesn't this seem just a bit easier then breaking some dns stuff?

 
> > Didn't I read something somewhere about the possibility of this?
> 
> The whole thread titled "Akamai"... :-(
>

I don's really see the relevans.. You missed the alternative way - 
sending spam in the way regular mail-clients do.

/Steffen

 
> Regards,
> Paul
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ