[34131] in bugtraq
spamblocker turns into mail denial of service
daemon@ATHENA.MIT.EDU (Dana Hudes)
Mon Mar 15 13:54:37 2004
Date: Mon, 15 Mar 2004 11:21:32 -0500 (EST)
From: Dana Hudes <dhudes@tcp-ip.info>
To: bugtraq <bugtraq@securityfocus.com>
Cc: hostmaster@monkeys.com
In-Reply-To: <000701c40a5f$d12d14e0$cb4db350@fucku>
Message-ID: <Pine.LNX.4.58.0403151116450.3641@screamer.tcp-ip.info>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
At some point in the last 24 hours the dns-based blackhole list
proxies.relays.monkies.com turned into a deny-all-mail: the A record
for the blackhole list is now 127.0.0.2 which means all mail is rejected.
Anyone who knows anyone who was using this should immediately remove
it. I do not know why the folks at infinite monkeys would do this nasty
thing, perhaps it was done by a spammer hacking in.
Certainly it points out that all such services should be using DNSSEC
and that perhaps that's not enough if the name server is hacked.
