[Bug 6577] New: IPv6 encapsulated IPv4 sender not detected correctly

bugzilla-daemon Mon, 25 Apr 2011 18:17:56 -0700

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6577


           Summary: IPv6 encapsulated IPv4 sender not detected correctly
           Product: Spamassassin
           Version: SVN Trunk (Latest Devel Version)
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: major
          Priority: P2
         Component: Plugins
        AssignedTo: [email protected]
        ReportedBy: [email protected]


Got a 419 scam spam with an IPv6 encapsulated IPv4 address that was not
detected correctly:

Received: from userPC ([::ffff:82.128.107.32])
 (AUTH: LOGIN [email protected], TLS: TLSv1/SSLv3,256bits,AES256-SHA)
 by mail.xxxxxxx.com with ESMTPSA; Mon, 25 Apr 2011 16:nn:00 -0500
 id 0000000000aaaaa.00000000bbbbb.00000ccccc

"I believe that this is a new method to obfuscate an IPv4 address from
harvesters and DNSbl's by hiding it in a IPv4 over IPv6 tunnel address so that
it doesn't get processed." says a friend.

I might call this v4 obfuscation via v6.

-- 
Configure bugmail: 
https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

[Bug 6577] New: IPv6 encapsulated IPv4 sender not detected correctly

Reply via email to