funsec mailing list archives
Re: A different type of Spam
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Thu, 12 Feb 2009 12:13:45 +1300
Toralv Dirro wrote:
I just received an email, that puzzled me for a while: A Spam Quarantine Digest from a product we don't use and from postmaster@ a different domain. There was a mail quarantined that was indeed sent to me and was indeed spam. On closer investigation it seems that the Spam was sent from their internal network, detected by the product that is set to detect Spam in outgoing email (which does make sense to detect zombies in the network) and then Quarantine Digests were sent out to external receipients (which does make no sense at all).
This is ancient -- I've been seeing it for years (well, not so much of late, as I think folk have worked out to NOT configure outgoing spam filtering this way, but...). Oh, and some of the earliest was from products affiliated with your employer! 8-) ("Darn users...") Misconfigured, I'm sure! And to be pernickety (What? Me? Surely not... 8-) ) this is more a different type of blowback (which, of course, invites the debate "Is blowback just a form of spam?"...).
Well, now countless receipients worldwide received the Quarantine Digest, and sooner rather than later the database of the spam filter will be full :)
Network Darwinism in action... Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- No Fun at FAA . . . Gary Warner (Feb 11)
- A different type of Spam Toralv_Dirro (Feb 11)
- Re: A different type of Spam Nick FitzGerald (Feb 11)
- A different type of Spam Toralv_Dirro (Feb 11)