[Dshield] Big Jump in Open Relay Mailers

Jon R. Kibler Jon.Kibler at aset.com
Mon Feb 2 20:55:16 GMT 2004

Pete Cap wrote:
> I believe that this is highly likely but that it may be premature to assume that all the new traffic is from MyDoom-created relays.

I can say with relative certainty that MyDoom is NOT installing a new MTA -- at least not the open relays we have seen.

The real question is whether it, or something else, is changing a secure mailer into an open relay. Or, if there is some new way to exploit MTAs normally considered secure, but have some minor defect in their configuration.

Jon Kibler

Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.

More information about the list mailing list