Full Disclosure mailing list archives
Re: Strange Emails -- What are they?
From: Pam Patterson <ppatters () cbnco com>
Date: Wed, 07 Jun 2006 14:37:52 -0400
Ademar Gonzalez wrote:
On 6/7/06, Simon Smith <simon () snosoft com> wrote:ok, that makes sense... will greylisting counter this?don't think graylisting will have much effect, each bot sending a few mails.
Greylisting works by temporarily rejecting the first email from a sender at an ip address to a recipient, and then waiting the see if the sending mail server tries again as it should. If the server retries, the ip:sender:recipient tuple is added to a database and not delayed ever again.
Most spam-sending programs never retry, even with a temporary error. So greylisting would probably help in this case.
What would really help is SPF, if you can manage it. That way you can reject mail that claims to come from your domain but does not come from your mail servers. But this is all a bit OT, not really full disclosure.
-- Pam _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Strange Emails -- What are they? Simon Smith (Jun 07)
- Re: Strange Emails -- What are they? Michael Holstein (Jun 07)
- Re: Strange Emails -- What are they? Simon Smith (Jun 07)
- RE: Strange Emails -- What are they? Geo. (Jun 07)
- Re: Strange Emails -- What are they? Simon Smith (Jun 07)
- Re: Strange Emails -- What are they? Ademar Gonzalez (Jun 07)
- Re: Strange Emails -- What are they? Pam Patterson (Jun 07)
- Re: Strange Emails -- What are they? Ademar Gonzalez (Jun 07)
- Re: Strange Emails -- What are they? Michael Holstein (Jun 07)
- Re: Strange Emails -- What are they? Simon Smith (Jun 07)
- RE: Strange Emails -- What are they? Geo. (Jun 07)
- Re: Strange Emails -- What are they? Michael Holstein (Jun 07)
- Re: Strange Emails -- What are they? Michael Holstein (Jun 07)