
List:       webappsec
Subject:    Administrivia: Faulty censorware and faulty anti-virus software
From:       Andrew van der Stock <vanderaj () greebo ! net>
Date:       2006-01-19 7:56:31
Message-ID: 5CE4DB01-E840-480A-85E1-C47302328E63 () greebo ! net

Hi there,

If your site is running censorware, extremely poor anti-spam, or badly  
configured anti-virus software, you will be removed from the  
webappsec mail list without any warning. In the past few days, I've  
received bounces to the mail list address which should never exist:

a) A possible CSRF attack site masquerading as a support ticketing  
gateway

b) Someone in Brazil with crap anti-spam software requiring us to  
click a link. No thanks, buddy.

c) In the last day or two, some site from Uruguay running censorware  
which is banning all our posts... but telling the mail list instead  
of the poor sap behind the censorware gateway. If I was the poor sap,  
I'd take the thought police out the back and introduce them to my  
nice shiny rubber hose and copies of the Yellow pages.

d) and lastly, a beautifully formatted ... something ... written  
entirely in Korean which I cannot decipher

The rules for SMTP gateway configuration are simple:

* SMTP software acting on your behalf should send reports to you or  
your site's thought police, no one else
* Do not allow mail software to e-mail this or any other list

We have a lot of subscribers, and there's absolutely no reason for  
all of us to be affected by your site's decision to run appalling,  
badly written, badly configured "software".

Andrew

ps. In some good news, we were not too heavily afflicted by vacation  
messages during the busy Lemon Cup Cake Holiday season. Thank you for  
that. :)
