[Top] [All Lists]

Re: GTUBE/Re: Quizzic: Spam equivalent to EICAR test virus proposal.

2003-07-03 14:49:51

[Matthew Elvey (FM)]:

  Kjetil Torgrim Homme wrote:
  > might as well leave SMTP out of it.  connect to a port, enter a
  > recipient address,

  Whatever is easier to implement and use.  A web form would work too.
  But I think SMTP is probably best.

I'm just worried about the service being abused by spammers.

  For example, say you want to test a system that scans for spam on
  the way OUT.

interesting point.

  You'd set your client's (outoging) smtp server to or whatever.  If there's an SMTP proxy run
  by your system or ISP, this gives it a chance to be shown to work.

running transparent SMTP proxies is not very common, is it?  in any
case, you could use _any_ other e-mail address on the Internet to test

  I also think it's simplest to implement with existing software.

this is where I disagree strongly :-)

  > and the server will connect to the MX of the source IP.  (make
  > sure the reverse and forward lookup match.)

  Can you explain this more? I'm not clear on what you're trying to do
  here or why.

say I connect from  reverse lookup gives  the MX for vingodur is  so the reply
will be sent to pat.  since pat is relay proof, I must provide a valid
address at the University of Oslo for the e-mail to be accepted.

now, if I want to fool the quizzic server into harrassing you, I'd
change the reverse lookup of to,
whose MX is, and so you'll receive the
message.  it is therefore essential that a forward lookup of is done to see if the IP address(es) match.

  Is this test something that would make Quizzic hard for
  joe user to use?

only if Joe User's network administrator is incompetent. :-)

Kjetil T.                       |  read and make up your own mind

<Prev in Thread] Current Thread [Next in Thread>