Zafi.b

How is SPF faring against the Zafi.b virus. This Hungarian originated virus
initiates a Dictionary attack on domain names that if finds on the infected
machine. It does not use DNS to find the MX records, but instead guesses
the host name (such as 'mail' or 'mx'), prepends it to the domain name, and
then proceeds with it's dirty work using Hungarian sounding names.

This virus uses the proper MAIL FROM: domain name for the sending IP range,
but if the SPF records are set up properly (as is ours), the IP used should
not be authorized.

J.A. Coutts

<Prev in Thread]	Current Thread	[Next in Thread>
Zafi.b, administrator <= Re: Zafi.b, Lars Dybdahl Re: Zafi.b, Fridrik Skulason RE: Zafi.b, spf Re: Zafi.b, Fridrik Skulason RE: Zafi.b, spf Re: Zafi.b, Jeffrey Goldberg Re: Zafi.b, Koen Martens Re: Zafi.b, Lars Dybdahl OT: Hungarian and SPF meanings [was: Zafi.b], Jeffrey Goldberg Re: Zafi.b, Karl Prince

Previous by Date:	Re: Bootstrapping trust model, Frank Ellermann
Next by Date:	Google's GMail publishes SPF, James Couzens
Previous by Thread:	IETF Jabber session on XML today, wayne
Next by Thread:	Re: Zafi.b, Lars Dybdahl
Indexes:	[Date] [Thread] [Top] [All Lists]