[Dshield] Suejdz & Kleze anyone

John Hardin johnh at aproposretail.com
Wed Oct 23 16:22:26 GMT 2002


On Tue, 2002-10-22 at 18:35, KeithTarrant at spamcop.net wrote:
> So with Klez email actually from AOL you would see an x-apparently line
> with the actual AOL account (at least until some hacker thinks to fake
> that too).

A spammer/wormer adding a forged X-Apparently-From: header won't confuse
things much, as the mail server will still add it's own, and hopefully
the mail server is smart enough to discard any preexisting
X-Apparently-From: header. 

Also, knowing one of two possible addresses is correct is better than
having just one address that you know is forged.

It's a good feature, and one of the few things I like about AOL.

-- 
John Hardin                                   <johnh at aproposretail.com>
Internal Systems Administrator                    voice: (425) 672-1304
Apropos Retail Management Systems, Inc.             fax: (425) 672-0192
-----------------------------------------------------------------------
 ...people confuse "security" and "Trustworthy Computing."
                                 - Craig Mundie, MS Senior VP and CTO
-----------------------------------------------------------------------
 4 days until Daylight Savings Time ends




More information about the list mailing list