ietf-smtp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ietf-smtp] Help identifying unknown verb: FCCKV2

2012-09-28 16:27:02
from [Carl S. Gutekunst] [Permanent Link]
Does anyone here know of a legitimate MTA, proxy/filter, IDS, or similar critter that sends this verb before sending EHLO? 

   FCCKV2 zQUdwkgzYhu/noMgcNtA0wvhrV0T9SThL3koEfk=
I'm suspicious that it's a malware infection on the sender's host, but before I start making accusations I wanted to check around. Various web forums have also reported seeing this as an X-bar header line in HTTP requests, without identifying what it was. 

<csg>

_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Next by Date:  Re: [ietf-smtp] Help identifying unknown verb: FCCKV2, John C Klensin
Next by Thread:  Re: [ietf-smtp] Help identifying unknown verb: FCCKV2, John C Klensin
Indexes:  [Date] [Thread] [Top] [All Lists]