nac-gaf spam attacks

["Steve Cooperman" <worried () gmail com>]

Good Afternoon,
I'm seeing wide-spread spam attacks across several different shared hosting
servers, operated by multiple companies. The attacks forge emails on the
fly, and follow a pattern. The spam first takes the client's domain name,
for example, plastic.com. Then adds the word "nac" to the beginning, and
"gaf" to the end, making the from email address nacplasticgaf () plastic com .
If the domain were rockin.com, the email would be nacrockingaf () rockin com .
Byob.com, nacbyobgaf () byob com, etc.

Has anyone else noticed this trend this afternoon? It seems they just
started a couple of hours ago. It doesn't seem like a security risk, just
standard forging of email headers. The main company I work for makes use of
SPF, however not every mail server on the internet makes use of it. I'm only
submitting this because it seems like a wide-spread issue this afternoon.

All the best,
Mike Bailey

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/