Security Basics mailing list archives
Re: Domain HiJacking by SPAMMERS
From: Alejandro Flores <alejandro.flores () triforsec com br>
Date: Fri, 30 Jan 2004 08:47:26 -0300
Hello there, The basic problem, is that anyone can 'forge' an e-mail. Not all servers will ask you for authentication. This is an old trick used by spammers. They forge the sender 'cause if the mail gets bounced, it will go to someone else. Another thing is that many smtp servers check if the sender domain exists (MAIL FROM: someone () somecompany com). So, they use anyone's domain in order to get their mail (SPAM) routed. Regards, Alejandro Flores
I would be interested too, since we got a client who got "attacked" in such a way yesterday. We received an estimated 30,000 bounced emails alone from the fake reply to email address in a matter of hours. The data center received hundreds of ill-informed abuse reports. We took a sample and they trace to US and Europe, from a large variety of ISPs, leading us to believe it's probably compromised machines. I would thus be interested too to hear about how this can be resolved. We don't wish to terminate the client, or ask him to move, but this causes us tremendous resources to deal with. At the same time, we don't want ill-informed reports to cause us to be blacklisted by ISPs or Spam lists. Any suggestions will be appreciated. Thanks.
--TriForSec http://www.triforsec.com.br/
--------------------------------------------------------------------------- Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
Current thread:
- Domain HiJacking by SPAMMERS saliskor (Jan 29)
- Re: Domain HiJacking by SPAMMERS Lars Johannesen (Jan 29)
- Re: Domain HiJacking by SPAMMERS Ho Chaw Ming (Jan 29)
- Re: Domain HiJacking by SPAMMERS sil (Jan 30)
- Re: Domain HiJacking by SPAMMERS Alejandro Flores (Jan 30)
- Re: Domain HiJacking by SPAMMERS Ho Chaw Ming (Jan 30)
- RE: Domain HiJacking by SPAMMERS David Gillett (Jan 29)
- Re: Domain HiJacking by SPAMMERS Bryan S. Sampsel (Jan 30)
- Re: Domain HiJacking by SPAMMERS Jude Naidoo (Jan 30)
- Re: Domain HiJacking by SPAMMERS Ho Chaw Ming (Jan 30)
- Re: Domain HiJacking by SPAMMERS Ed Weinberg (Jan 30)
- Re: Domain HiJacking by SPAMMERS Jude Naidoo (Jan 30)
- Re: Domain HiJacking by SPAMMERS Michele Orsenigo (Jan 30)
- <Possible follow-ups>
- RE: Domain HiJacking by SPAMMERS Shawn Jackson (Jan 30)
- RE: Domain HiJacking by SPAMMERS Bruyere, Michel (Jan 30)
- Re: Domain HiJacking by SPAMMERS Matt Atkins (Jan 30)
(Thread continues...)