Re: I found this today and iam reporting it to you first!!! (fwd)

From: Alan Brown (alanat_private)
Date: Tue Sep 07 1999 - 13:07:28 PDT


    On Sat, 4 Sep 1999, Wietse Venema wrote:
    
    > Whatever reasoning the poster used, it is invalid with any reasonable
    > mail system, because it is the mail system that chooses the bounce
    > message originator address; the bounce message originator address
    > is not under control by the attacker.
    >
    > In other words, the suggested loop does not exist.
    
    I can personally vouch for most cc:mail installations being so braindead
    that they will bounce indefinitely. One such machine returned 5800
    bounce messages from a single complaint sent to postmaster@rDNS about
    relayed spam - with each additional message being 2kb larger than the
    previous one.
    
    Put 2 of those back-to-back and see what happens.
    
    AB
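
The two cases argued in this thread, as an added example that is not part of either message: a toy Python model of two hosts that cannot deliver each other's bounces. The null envelope sender rule (bounces go out from <> and a message from <> is never bounced) is the standard SMTP convention; the host names, starting size and MAX_HOPS cap are constructed, and the 2 kB growth per bounce follows the figure in the reply above.

```python
# Added illustration: a toy model of two mail systems exchanging bounces.
# All names, addresses and sizes are constructed; this is not real MTA code.
from dataclasses import dataclass

NULL_SENDER = ""   # the empty reverse-path "<>" used for bounces
MAX_HOPS = 25      # hypothetical safety cap, like a Received: hop limit


@dataclass
class Message:
    sender: str    # envelope sender (reverse-path)
    rcpt: str      # envelope recipient
    size_kb: int
    hops: int = 0


def make_bounce(msg, host, null_sender):
    """Build the bounce `host` sends for an undeliverable `msg`.

    Returns None when no bounce may be generated."""
    if msg.sender == NULL_SENDER:
        return None                    # never bounce a bounce
    if msg.hops >= MAX_HOPS:
        return None                    # hop cap: last line of defence
    origin = NULL_SENDER if null_sender else f"postmaster@{host}"
    # The bounce quotes the original and adds about 2 kB of its own text.
    return Message(origin, msg.sender, msg.size_kb + 2, msg.hops + 1)


def simulate(null_sender):
    """Return (bounces sent, final size in kB) for hosts a and b, where
    neither host can deliver mail addressed to the other's postmaster."""
    msg = Message("postmaster@a.example", "postmaster@b.example", 4)
    host, count = "b.example", 0
    while True:
        bounce = make_bounce(msg, host, null_sender)
        if bounce is None:
            return count, msg.size_kb
        count += 1
        msg = bounce
        host = "a.example" if host == "b.example" else "b.example"


if __name__ == "__main__":
    print("null-sender bounces:", simulate(True))    # stops after one bounce
    print("postmaster-sender bounces:", simulate(False))  # runs to the cap
```

With the null sender the exchange ends after a single bounce; without it, only the hop cap stops the growth, and a system lacking both has nothing to end the loop.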
    


