Re: [Full-disclosure] Funny smtp helo in the logs

Valdis.Kletnieks_at_vt.edu
Date: 10/31/05

Next message: Kenneth Ng: "Re: [Full-disclosure] Funny smtp helo in the logs"

Previous message: Stefan Esser: "[Full-disclosure] Advisory 17/2005: phpBB Multiple Vulnerabilities"
In reply to: Aditya Deshmukh: "[Full-disclosure] Funny smtp helo in the logs"
Next in thread: Kenneth Ng: "Re: [Full-disclosure] Funny smtp helo in the logs"
Reply: Kenneth Ng: "Re: [Full-disclosure] Funny smtp helo in the logs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: adityad2005@users.sourceforge.net
Date: Sun, 30 Oct 2005 20:20:32 -0500

On Sun, 30 Oct 2005 12:39:52 +0530, Aditya Deshmukh said:

> 124 09/10/2005 09:54:35 HELO -1209283632 ---> 250 my.smtp.domain.server

I'm not sure which is sadder, that the spamware is totally untested and buggy,
or that so many sites will accept this syntactically invalid HELO command that
the spammers weren't forced to fix their code.....

And yes, it looks like somebody did an 'sprintf("HELO %d",my_ip_addr);'
without bothering to check what that produced....

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

application/pgp-signature attachment: stored

Next message: Kenneth Ng: "Re: [Full-disclosure] Funny smtp helo in the logs"

Previous message: Stefan Esser: "[Full-disclosure] Advisory 17/2005: phpBB Multiple Vulnerabilities"
In reply to: Aditya Deshmukh: "[Full-disclosure] Funny smtp helo in the logs"
Next in thread: Kenneth Ng: "Re: [Full-disclosure] Funny smtp helo in the logs"
Reply: Kenneth Ng: "Re: [Full-disclosure] Funny smtp helo in the logs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]