le mail de Bugtraq, en attachement, peut vous intéresser.
--
Vincent Meoc
Administrateur système et réseau
DUKE - Digital Age Agency
T : 01 53 44 19 00
F : 01 53 44 19 21
e-mail : [EMAIL PROTECTED]
www.duke-interactive.com
--- Begin Message ---
Autoresponder program
http://meepzor.com/packages/autoresponder/
could be tricked by spamers to send unsolicited mail to victim's address if
option reply with copy of original message attached to response is enabled in
autoresponder's configuration. Program does not have any sort of restriction on
number of responses to one email address during any period of time.
In fact if reply with copy of original message is enabled, then spam message
with
From: victim's address or Reply to: victim's address sent to autoresponding
address will be delivered to victim's mail box including copy of original spam
in attachement.
Also, it is possible to trick autoresponder to abuse victim's email address by
sending large number of messages to address with autoresponder enabled on it,
since there is no limit on number of messages delivered to single mail box
during some period of time.
I could not get in contact with developer of this program despite we have sent
warning to webmaster of web site hosting web page of autoresponder.
Should You require any futher information, please do not hesitate to contact us
at:
[EMAIL PROTECTED]
Kind regards.
Alexander Moloksher.
IT Security Consultant.
COMPULABS
Melbourne, Australia.
------=_NextPart_000_000A_01C07C91.216F5360
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
___________________________________
COMPULABS WEB MAIL System,
http://www.compulabs.dhs.org
--- End Message ---
