Re: Interesting mail sender

[daniel <danderson310 () gmail com>]

looks like spam bot spill, foreign language caused the characters
probably, what does the header info contain? do you have any more
samples?
On Thu, 2007-09-27 at 19:42 -0400, Tuc at T-B-O-H.NET wrote:
> > In the recent days our firewall block some message which have a very
> > interesting mail from address.
> >
> > The log message is looks like this:
> >
> > Invalid SMTP command; request='MAIL', param='From:<aadorris@zfJah]+o*7Z->'
> >
> > May this be an exploit or just a wrongly setup in a spammer program?
>       I've been getting alot with "To: <|tuc () tucs-beachin-obx-house com>"
> (Note the pipe...)
>
>                       Tuc
>
> -------------------------------------------------------------------------
> This list sponsored by: SPI Dynamics
>
> ALERT: .How a Hacker Launches a SQL Injection Attack!.- White Paper 
> It's as simple as placing additional SQL commands into a Web Form input box 
> giving hackers complete access to all your backend systems! Firewalls and IDS 
> will not stop such attacks because SQL Injections are NOT seen as intruders. 
> Download this *FREE* white paper from SPI Dynamics for a complete guide to protection! 
>
> https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000Cn8E
> --------------------------------------------------------------------------


-------------------------------------------------------------------------
This list sponsored by: SPI Dynamics

ALERT: .How a Hacker Launches a SQL Injection Attack!.- White Paper 
It's as simple as placing additional SQL commands into a Web Form input box 
giving hackers complete access to all your backend systems! Firewalls and IDS 
will not stop such attacks because SQL Injections are NOT seen as intruders. 
Download this *FREE* white paper from SPI Dynamics for a complete guide to protection! 

https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000Cn8E
--------------------------------------------------------------------------