RE: virus mail ignores MX?
From: Keith T. Morgan (keith.morgan_at_terradon.com)
Date: 06/21/04
- Previous message: Joerg Over Dexia: "Re: antivirus for linux"
- Maybe in reply to: Monty Ree: "virus mail ignores MX?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 21 Jun 2004 11:03:24 -0400 To: <security-basics@securityfocus.com>
More than 70% of our spam that is blocked is blocked at the secondary
MX. I agree and fully believe that spammers seem to be targeting
secondary MX's directly, and most likely for the reasons listed below.
We've seen instances where the same spam message is delivered to both
mail exchangers. This is likely spammers hoping that one has less
anti-spam filtering than the other.
>
> Hence even if the RFC had specified a MUST, a virus writer
> could make an intelligent guess that a backup MX server is
> probably not as well protected as the primary server and
> hence better his/her chances by violating the RFC, and using
> the backup server. Any protection against such an attack
> would involve too much state tracking and is probably not
> worth the effort. Its much better to protect all servers equally.
>
**************************************************************************************************
The contents of this email and any attachments are confidential.
It is intended for the named recipient(s) only.
If you have received this email in error please notify the system manager or the
sender immediately and do not disclose the contents to anyone or make copies.
** this message has been scanned for viruses, vandals and malicious content **
**************************************************************************************************
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
- Previous message: Joerg Over Dexia: "Re: antivirus for linux"
- Maybe in reply to: Monty Ree: "virus mail ignores MX?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
