On Fri, 29 Aug 2003 19:30:44 CDT, David Frascone [EMAIL PROTECTED] said:
'course, I probably get 25 e-mails a day telling me that I sent someone
Sobig, which would be pretty impressive, since I run Suse :)
I should be so lucky. I'm averaging almost that many AV-scanner alerts bouncing
to me
Can't we just hack the mailman configs to dump mails with X-sender value
of outlook or outlook express? That would solve the problem, no;)
Scott
On Fri, 29 Aug 2003 [EMAIL PROTECTED] wrote:
On Fri, 29 Aug 2003 19:30:44 CDT, David Frascone [EMAIL PROTECTED] said:
'course, I probably get
On Thu, 28 Aug 2003 22:14:26 EDT, shogunx said:
Can't we just hack the mailman configs to dump mails with X-sender value
of outlook or outlook express? That would solve the problem, no;)
Well, the only problem with that idea is that we explicitly do *NOT* have a
Your clue must be -THIS- tall
I still say we should have put this in the security considerations in RFC1341:
It's pretty difficult to miss the ones that are already there - which certainly
would have been sufficient to stop Sobig had they been heeded.
Can't we just hack the mailman configs to dump mails with X-sender
value
of outlook or outlook express? That would solve the problem, no;)
Well, the only problem with that idea is that we explicitly do *NOT*
have a Your clue must be -THIS- tall to ride the IETF list
policy... ;)
The Sobig
User can do click on
attachments with many mailers, not just Outlook and OE.
Note that any mailer that does this violates the MIME specifications,
which specifically warn against the presentation of content-types not
known to be safe, against a mail reader implementing the ability to present
On Fri, 29 Aug 2003, Christian Huitema wrote:
Can't we just hack the mailman configs to dump mails with X-sender
value
of outlook or outlook express? That would solve the problem, no;)
Well, the only problem with that idea is that we explicitly do *NOT*
have a Your clue must be -THIS-
Keith;
MIME developers are.
MIME is too much e-mail centric.
Whether one use content-type or file name is irrelevant to mail
security, just as whether one use uuencode or base64 is
irrelevant, on both of which MIME developers wasted a lot of time.
It also
produced mail readers that didn't
On vrijdag, aug 29, 2003, at 23:06 Europe/Amsterdam, Keith Moore wrote:
It's not uncommon to see a FQDN point to several IP addresses so that
the service identified by the FQDN can be provided either by
(a) multiple hosts, or
(b) a host with multiple addresses.
No. A client can't tell whether
On Fri, Aug 29, 2003 at 07:23:29PM -0400, [EMAIL PROTECTED] wrote:
On Sat, 30 Aug 2003 00:10:50 +0200, A. Kremer [EMAIL PROTECTED] said:
---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.512 / Virus Database: 309 -
To be more precise: the idea is to have transport sessions move from
one address to another when there is a rehoming event. Obviously there
will be changes to the process of publishing additional addresses.
I'm also interested in ways of doing this. I just don't think it's
appropriate to
On Sat, 30 Aug 2003 15:26:38 +0859, Masataka Ohta said:
MIME is too much e-mail centric.
For an E-mail centric protocol, it's worked pretty well on port 80
On most OSes, including but not limited to UNIX, that's the way to
designate content types of files.
But it's not *universally*
Can't we just hack the mailman configs to dump mails with X-sender
value
of outlook or outlook express? That would solve the problem, no;)
Well, the only problem with that idea is that we explicitly do
*NOT*
have a Your clue must be -THIS- tall to ride the IETF list
policy... ;)
Christian Huitema wrote:
By the way, the worm does not only include its own SMTP service. It
seems to also include its own DNS code, probably in order to get the MX
records of its targets. This DNS agent is parameterized to start any
look-up at the A-root, with the side effect of overloading this
By the way, the worm does not only include its own SMTP service. It
seems to also include its own DNS code, probably in order to get the
MX
records of its targets. This DNS agent is parameterized to start any
look-up at the A-root, with the side effect of overloading this root
server.
Does
From: Christian Huitema [EMAIL PROTECTED]
...
Yes. Maybe not a full MTA, but definitely enough to format messages and
execute SMTP. ...
What do you mean by execute SMTP? Does it interpret and respond to
SMTP response codes to its SMTP commands or just open a TCP connection
and send a
Didn't J Postel run a test similar to that once G...
On a side note, how would you go about testing something like this ?
What would be considered pass/fail metrics - well written applications
vs. people doing silly and stupid things (ie. Would it be consisdered a
failrue that sobig fails
Didn't J Postel run a test similar to that once G...
On a side note, how would you go about testing something like this ?
Obviously, cutting of the A root would have some pretty drastic
consequences. On the other hand, there are many computers that have no
business contacting directly the
The better question for the IETF is whether we should do something to
SMTP to make it less easy to send spoofed mail.
what, so one couldn't telnet in and send arbitrary mail? include a
reversedns lookup in SMTP? good luck on widespread implementation.
-- Christian Huitema
sleekfreak
On zaterdag, aug 30, 2003, at 21:28 Europe/Amsterdam, Christian Huitema
wrote:
Obviously, cutting of the A root would have some pretty drastic
consequences.
If that is the case then some people have been reading the relevant
RFCs with their eyes closed. The only consequence should some sporadic
On Sat, 30 Aug 2003, Christian Huitema wrote:
[snip]
Obviously, cutting of the A root would have some pretty drastic
consequences. On the other hand, there are many computers that have no
business contacting directly the root servers. For example, in many
enterprises and campuses, computers
On Fri, 29 Aug 2003, David Frascone wrote:
With the current virii usually forging the from field with random
addresses from its victim's address book, I turned off my virus
scanner's warning to the senders . . I only send a polite note to the
intended recipient.
Don't do that. That is
On Sat, 30 Aug 2003, Dean Anderson wrote:
How beautiful to be immune behind an open-source kernel;) The rest of the
world worries. I eat a sandwich.
Scott
On Fri, 29 Aug 2003, David Frascone wrote:
With the current virii usually forging the from field with random
addresses from its
On Fri, 29 Aug 2003, shogunx wrote:
The better question for the IETF is whether we should do something to
SMTP to make it less easy to send spoofed mail.
what, so one couldn't telnet in and send arbitrary mail? include a
reversedns lookup in SMTP? good luck on widespread implementation.
Open source kernels aren't immune. They just aren't at focus this time.
Have fun with the sandwich. ;-)
--Dean
On Fri, 29 Aug 2003, shogunx wrote:
On Sat, 30 Aug 2003, Dean Anderson wrote:
How beautiful to be immune behind an open-source kernel;) The rest of the
world
On Wednesday, August 27, 2003, at 01:25 PM, Iljitsch van Beijnum wrote:
On woensdag, aug 27, 2003, at 18:48 Europe/Amsterdam, Tony Hain wrote:
but if that only applied to apps using a new stabilization layer,
there wouldn't be as much complaint because those would see a clear
benefit.
So when
26 matches
Mail list logo
