ed.truitt at etee2k.net
Thu Nov 3 10:26:35 GMT 2005
One benefit of SPF (or SenderID) is to combat spambots by forcing them to use the host's ISP's outbound SMTP server. If/when this happens, an alert (and reasonably smart) ISP will notice the spike in traffic a spam-run will generate (especially if multiple spambots go active at the same time), and cut off / quarantine the host until steps can be taken to resolve this.
Early this week, I got a call from my ISP/web host, who told me someone had exploited a vuln in a piece of code (a Nuked variant of the 'coppermine' photo gallery) and dropped a shell script on the systen which, when executed (via the web site) would spawn 40,000 PayPal phishes. Needless to say, when they saw the abnormal activity, they put a stop to it right away. So, it can be done.
-E D Truitt
Sent via my BlackBerry from Cingular Wireless
More information about the list