[nsp-sec] Bounce message backscatter attack against abuse mailbox
Steven Spence
sspence at zianet.com
Thu Apr 24 10:37:41 EDT 2008
Larry J. Blunk wrote:
> ----------- nsp-security Confidential --------
>
>
> We had this happen a couple nights ago with one
> of our addresses (not abuse). Not clear if this was
> just to send spam from a legitimate looking address
> or some sort of attack. I ended up setting up an SPF
> record for the domain (but this was after the bounces
> had ended). Anyone know if SPF records will help
> prevent this?
>
> -Larry Blunk
> Merit
>
Possibly if the people giving you backscatter check SPF records
and use the results to do something constructive. Of course
if they had the sense to enable SPF then they should also have the
sense to check for valid recipients during the SMTP conversation...
Steven
More information about the nsp-security
mailing list