From: David F. Skoll (dfs@ROARINGPENGUIN.COM)
Date: Thu Jan 11 2001 - 12:02:38 CST
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SpamCop (http://spamcop.net/) has a service which operates as follows:

1) You get an account (joeuser@spamcop.net)

2) If someone (spammer@baddomain.com) sends you e-mail, and the
sender's e-mail address is not in your "known" profile, the e-mail is
held on the SpamCop system, and a message is sent to the originator.
This message contains a URL which the originator must access.
Accessing this URL verifies to SpamCop that the sender address is a
valid e-mail address. SpamCop then "releases" the mail and marks the
sender as "known" to joeuser@spamcop.net.
Unfortunately, the URL generated in step (2) contains a fixed prefix followed
by an incrementing sequence number. A spammer therefore needs to send one
innocuous e-mail (to a friend at spamcop.net?) from a real e-mail address
to get the initial sequence number. He then spams everyone at spamcop.net
while his shell script calls "lynx" with repeatedly-incrementing sequence
numbers.
Fix: Spamcop should add (for example) a random 16-byte cookie to each URL to
make it harder to guess.
Status: Weakness reported to SpamCop a week ago; no response yet.
- --
David F. Skoll
Roaring Penguin Software Inc. | http://www.roaringpenguin.com
GPG fingerprint: 9314 DC81 CE49 05C5 2F64 252B 3134 AD1F 1216 8F20
GPG public key: http://www.roaringpenguin.com/dskoll-key-2001.txt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: pgpenvelope 2.9.0 - http://pgpenvelope.sourceforge.net/
iD8DBQE6XfVFMTStHxIWjyARAk5mAJ0SZ7Yw8LQvue+QR4KEA6SDVES4VwCfbb9V
QGhVjqDAQ5mrhbYesTFiTF8=
=L88E
-----END PGP SIGNATURE-----
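The attack and the proposed fix from the post above, modelled as an added example (not Skoll's code and not SpamCop's; the URL prefix, the class names and the addresses are assumptions made for the demo). The weak issuer hands out a fixed prefix plus a decimal counter, the fixed issuer hands out a random 16-byte cookie, and the spammer routine walks the ids following the one it observed, exactly as the shell-script-plus-lynx loop would:

```python
import secrets
import hmac

# Hypothetical URL shape for the demo; the real SpamCop URL is not on the page.
PREFIX = "http://spamcop.example/verify?id="


class SequentialIssuer:
    """The weak scheme described in the post: a fixed prefix followed by an
    incrementing sequence number (decimal here)."""

    def __init__(self, start=1000):
        self.next_id = start
        self.pending = {}          # token -> (sender, recipient) of the held mail

    def issue(self, sender, recipient):
        token = str(self.next_id)
        self.next_id += 1
        self.pending[token] = (sender, recipient)
        return PREFIX + token

    def verify(self, token):
        # Releases the held mail; returns None for an unknown token.
        return self.pending.pop(token, None)


class RandomIssuer:
    """The fix proposed in the post: a random 16-byte cookie per URL
    (128 bits from the OS CSPRNG), so one token says nothing about the next."""

    def __init__(self):
        self.pending = {}

    def issue(self, sender, recipient):
        token = secrets.token_hex(16)
        self.pending[token] = (sender, recipient)
        return PREFIX + token

    def verify(self, token):
        # Constant-time comparison so timing does not leak bytes of valid tokens.
        for stored in list(self.pending):
            if hmac.compare_digest(stored, token):
                return self.pending.pop(stored)
        return None


def token_of(url):
    return url[len(PREFIX):]


def spammer_run(issuer, victims, radix, guesses=50):
    """The attack from the post. Returns how many spam mails were released.
    radix is the base the spammer reads the observed token in (10 for the
    decimal counter, 16 for the hex cookie)."""
    # 1) one innocuous mail from a real address, to learn a current token
    probe = token_of(issuer.issue("spammer@baddomain.example",
                                  "friend@spamcop.example"))
    issuer.verify(probe)
    # 2) spam everyone; each message is held and gets its own token
    for v in victims:
        issuer.issue("spammer@baddomain.example", v)
    # 3) the script: fetch prefix + (observed+1), (observed+2), ...
    base = int(probe, radix)
    released = 0
    for i in range(1, guesses + 1):
        guess = format(base + i, "d" if radix == 10 else "x")
        if issuer.verify(guess) is not None:
            released += 1
    return released


def fraction_consecutive(issuer, n=20):
    """Audit check: issue n tokens and report the fraction of adjacent pairs
    that differ by exactly 1 when read as integers (1.0 means a plain counter)."""
    toks = [token_of(issuer.issue("probe@example", f"u{i}@example"))
            for i in range(n)]
    radix = 10 if all(t.isdigit() for t in toks) else 16
    vals = [int(t, radix) for t in toks]
    hits = sum(1 for a, b in zip(vals, vals[1:]) if b - a == 1)
    return hits / (n - 1)


if __name__ == "__main__":
    victims = [f"user{i}@spamcop.example" for i in range(10)]
    print("sequential ids released:", spammer_run(SequentialIssuer(), victims, 10))
    print("random cookies released:", spammer_run(RandomIssuer(), victims, 16))
    print("counter-like?", fraction_consecutive(SequentialIssuer()),
          fraction_consecutive(RandomIssuer()))
```

fraction_consecutive is the check to run against any challenge-response or unsubscribe-link system before trusting it: request a handful of URLs and see whether the identifiers are predictable from one another. A 128-bit cookie makes walking ids hopeless (about n/2^128 chance per guess), which is the whole of the fix suggested in the post; the constant-time comparison is an extra that costs nothing.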