[Full-disclosure] nac-gaf spam attacks

Steve Cooperman worried at gmail.com
Sun Mar 18 20:56:44 GMT 2007


Good Afternoon,
I'm seeing widespread spam attacks across several different shared hosting
servers, operated by multiple companies. The attacks forge emails on the
fly, and follow a pattern. The spam first takes the client's domain name,
for example, plastic.com, then adds the word "nac" to the beginning and
"gaf" to the end, making the from email address nacplasticgaf at plastic.com.
If the domain were rockin.com, the email would be nacrockingaf at rockin.com.
Byob.com, nacbyobgaf at byob.com, etc.

Has anyone else noticed this trend this afternoon? It seems they just
started a couple of hours ago. It doesn't seem like a security risk, just
standard forging of email headers. The main company I work for makes use of
SPF; however, not every mail server on the internet makes use of it. I'm only
submitting this because it seems like a widespread issue this afternoon.

All the best,
Mike Bailey
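
The sender pattern described in the message above, as an added detection sketch that is not part of the original post: it flags From headers whose local part is "nac" + a label of the sender's own domain + "gaf" and counts which hosted domains are being forged. The function names and sample headers are constructed for illustration, and matching any non-TLD label (for subdomains) is an assumption the post does not cover.

```python
from collections import Counter
from email.utils import parseaddr


def candidate_locals(domain):
    """Local parts the pattern would yield for a domain (plastic.com -> nacplasticgaf)."""
    labels = domain.lower().rstrip(".").split(".")
    # Assumption: for multi-label domains, try every label except the TLD.
    return {f"nac{label}gaf" for label in labels[:-1] if label}


def is_nac_gaf(from_header):
    """True if the From address matches nac<domain label>gaf@<same domain>."""
    _, addr = parseaddr(from_header)
    local, sep, domain = addr.rpartition("@")
    if not sep or not local or "." not in domain:
        return False
    # Mail addresses are compared case-insensitively here (Byob.com -> nacbyobgaf).
    return local.lower() in candidate_locals(domain)


def forged_domains(from_headers):
    """Count matching messages per forged sender domain."""
    hits = Counter()
    for header in from_headers:
        if is_nac_gaf(header):
            hits[parseaddr(header)[1].rpartition("@")[2].lower()] += 1
    return hits


# Constructed sample From headers (not taken from real traffic).
SAMPLE = [
    "nacplasticgaf@plastic.com",
    '"Deals" <NacRockinGaf@Rockin.com>',
    "nacbyobgaf@byob.com",
    "nacplasticgaf@rockin.com",  # local part built from a different domain
    "sales@plastic.com",         # ordinary sender
    "nacgaf@plastic.com",        # prefix and suffix with no domain label
    "not an address",
]

if __name__ == "__main__":
    for domain, count in forged_domains(SAMPLE).items():
        print(f"{domain}: {count} message(s) with nac...gaf sender")
```
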


Full-Disclosure is hosted and sponsored by Secunia.