Full Disclosure mailing list archives
nac-gaf spam attacks
From: "Steve Cooperman" <worried () gmail com>
Date: Sun, 18 Mar 2007 16:56:44 -0400
Good Afternoon, I'm seeing wide-spread spam attacks across several different shared hosting servers, operated by multiple companies. The attacks forge emails on the fly, and follow a pattern. The spam first takes the client's domain name, for example, plastic.com. Then adds the word "nac" to the beginning, and "gaf" to the end, making the from email address nacplasticgaf () plastic com . If the domain were rockin.com, the email would be nacrockingaf () rockin com . Byob.com, nacbyobgaf () byob com, etc. Has anyone else noticed this trend this afternoon? It seems they just started a couple of hours ago. It doesn't seem like a security risk, just standard forging of email headers. The main company I work for makes use of SPF, however not every mail server on the internet makes use of it. I'm only submitting this because it seems like a wide-spread issue this afternoon. All the best, Mike Bailey
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- nac-gaf spam attacks Steve Cooperman (Mar 18)