ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Asrg] big uptick in from addresses with single quotes in them..

2006-12-01 10:33:45
from [Michael Thomas] [Permanent Link]
Probably not exactly the right group to post to on this subject, but I've been 
noticing a huge spate of spam with from addresses (at least) of the form:

foo'bar(_at_)example(_dot_)com
or
fo'oba'r(_at_)example(_dot_)com
I'm not exactly sure why this is but I suspect it may be aimed at sql database lookups where the name isn't properly escaped. If that is in fact the reason, and that they're doing this because it gets more spam through, it's sort of frightening 
because it's a very short road to other sql exploits.

Anybody else have some insight about this?

      Mike

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Asrg] big uptick in from addresses with single quotes in them.., Michael Thomas <=
Next by Date:  Re: [Asrg] Re: This is a request for feedback from experts/regulars to help reduce spam backscatter from Sieve implementations, David Nicol
Next by Thread:  Re: [Asrg] Re: This is a request for feedback from experts/regulars to help reduce spam backscatter from Sieve implementations, David Nicol
Indexes:  [Date] [Thread] [Top] [All Lists]