[Mimedefang] dictionary attacks looking for a valid user

David F. Skoll dfs at roaringpenguin.com
Thu Dec 15 18:19:57 EST 2005


Ian Mitchell wrote:

> 1. Tail maillog
> 2. grep "user unknown"
> 3. sed relay server
> 4. insert into database "relay server" (which just happens to be spoofed
> to include a "; drop database mysql" encoded in some obscure form)

Any time you use outside data, you have to sanitize it.  You'd use
normal careful programming techniques to avoid SQL injection; it's not
that hard.

Regards,

David.


More information about the MIMEDefang mailing list