North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Verisign changes violates RFC2821, and spam implications
- From: Andy Smith
- Date: Wed Sep 17 06:09:44 2003
On Wed, Sep 17, 2003 at 04:40:29AM -0500, Stewart, William C (Bill), RTSLS wrote:
> It's even more fun with dictionary attacks, where the spammer targets aaaaaa@bogusdomain.com
> through zzzzzzzzz@bogusdomain.com - A DNS rejection would cause a direct attacker
> or (more likely) a relay attacker to give up quickly, and a 554 might do that also,
> while rejecting all 26**8 recipients one at a time is probably just the kind of behaviour
> that spamware is happy to talk to all day. Now all Verisign needs to add is a teergrube function
> to generate its responses very slowly after the first couple of them and they'll stay tied up for months,
> especially since many of them won't notice that bogusdomain1.com through bogusdomain32767.com
> are all going to the same IP address, since that's not uncommon virtual hosting behaviour.
I think it is hoping rather too much to expect spamware authors to
be unable to modify their scripts to detect the verisign IP.
|
