|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-disclosure] Strange Emails -- What are they?
From: Pam Patterson (ppatters
cbnco.com)
Date: Wed Jun 07 2006 - 13:37:52 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ademar Gonzalez wrote:
> On 6/7/06, Simon Smith <simonsnosoft.com> wrote:
>> ok, that makes sense... will greylisting counter this?
>
> don't think graylisting will have much effect, each bot sending a few
> mails.
Greylisting works by temporarily rejecting the first email from a sender
at an ip address to a recipient, and then waiting the see if the sending
mail server tries again as it should. If the server retries, the
ip:sender:recipient tuple is added to a database and not delayed ever again.
Most spam-sending programs never retry, even with a temporary error. So
greylisting would probably help in this case.
What would really help is SPF, if you can manage it. That way you can
reject mail that claims to come from your domain but does not come from
your mail servers. But this is all a bit OT, not really full disclosure.
--
Pam
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]