Re: Backdoor not recognized by Kaspersky

[Nick FitzGerald <nick () virus-l demon co uk>]

Michael Gale <michael () bluesuperman com> wrote:

<<OK stuff snipped>>
> Also do not except mail for users that do not exist ... I know that a
> lot of Exchange servers and mis-configured front end mail servers accept
> mail for anything at there domain and usually if the mail is junk or
> from domains that do not exist.
<<snip>>
> These are some starting points, making sure that the email follows the
> RFC's also help.

Hmmm -- you realize that a lot of the behaviour you chastise in your 
first point is because the systems involved are, in fact, being 
terribly compliant mail _relays_ as defined in the RFCs??

Perhaps you should follow your own advice a tad longer before deciding 
to solve the rest of the world's problems...

However, I'm pleased you didn't jump right in and advocate SPF and its 
in-bred, red-neck cousins...


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html