[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: spam on CIS: sendmail exploit used commercially ?
I don't know what kind of script would fool sendmail into accepting such
a flagrant spoofing but I want to know it just in case it happens to me.
I did look up (and find) the IP of the sender in the headers. Not that it
helped me much. What I don't get is how do you send email to SMTP and get
the From: header to show To: when you *HAVE* to use the MAIL FROM:<..>
SMTP command ?!
BTW, some people still run sendmail and are happy with it. On Linux. In
Israel. And that's a topic for the Israeli linux group imho. Correct me
if I'm wrong, please.
BTW2, I can't help myself and have to remark on the messages some people
(involuntarily) post here, with headers containing such horrors as:
...
[this message is in the "windows-1255" character set]
...
(clipped from a previous message in linux-il)
+ some characters that can't be read in the message.
If this passes without flames then I promise to post at least on message
per month in Hungarian, coded with 1024-PGP and decorated with faulty
JavaScript embedded in bad HTML. (no need to comment on this one, thanks)
regards,
Peter