Paolo Supino wrote:
I appriciate your straight and forward replies :-) but the world isn't
black and white and sometime you have to create work arounds to overcome
other people's crap (well most of the time).
No, in this case it is black and white. There is NO WAY to reliably fix
this probl
On 2007/04/14 11:37, Paolo Supino wrote:
> From the technical aspect, I agree with you. But non technical people
> don't see (or understand) that :-( I wish I had time to sit down and
> find out how to exploit the webapp.
if you don't have time to work this out, you don't have time to get
your
On Sat, Apr 14, 2007 at 05:58:52PM +0200, Henning Brauer wrote:
> * Paolo Supino <[EMAIL PROTECTED]> [2007-04-14 17:53]:
> > From the technical aspect, I agree with you. But non technical people
> > don't see (or understand) that :-( I wish I had time to sit down and
> > find out how to exploit
Hi Vijay
In one of my replies I did write that I was checking what it means to
manage a white list (I didn't use the term white list though) to block
outgoing spam but since the new firewall isn't in place yet (and it will
be a couple of weeks before I can install it) I thought of doing it
Hi Henning
I appriciate your straight and forward replies :-) but the world
isn't black and white and sometime you have to create work arounds to
overcome other people's crap (well most of the time). Unfortunately
cutting the cable isn't an acceptable solution (I'll get fired and
someone el
On 4/14/07, Henning Brauer <[EMAIL PROTECTED]> wrote:
* Paolo Supino <[EMAIL PROTECTED]> [2007-04-14 16:43]:
> 1. Fixing the code is impossible :-( I already tried it, the developers
> keep saying that they're code is sound and safe. I've shown logs and
> statistics to the bosses of the company t
On Saturday 14 April 2007 10:06, Paolo Supino wrote:
> Hi Joachim
>
>I know that right now I'm mostly going at it in the wrong way but
> I have to fix it quickly and without changing the infrastructure. I'm
> not a windows or layer 7 person but rather a layer 1 to layer 4 in my
> background, so
* Paolo Supino <[EMAIL PROTECTED]> [2007-04-14 17:53]:
> From the technical aspect, I agree with you. But non technical people
> don't see (or understand) that :-( I wish I had time to sit down and
> find out how to exploit the webapp. I tried to bring in a company to do
> penetration testing,
Hi Henning
From the technical aspect, I agree with you. But non technical people
don't see (or understand) that :-( I wish I had time to sit down and
find out how to exploit the webapp. I tried to bring in a company to do
penetration testing, but I was refused the budget for it.
I can't fi
On Sat, Apr 14, 2007 at 11:06:43AM -0400, Paolo Supino wrote:
> Hi Joachim
>
> I know that right now I'm mostly going at it in the wrong way but I
> have to fix it quickly and without changing the infrastructure. I'm not
> a windows or layer 7 person but rather a layer 1 to layer 4 in my
> ba
* Paolo Supino <[EMAIL PROTECTED]> [2007-04-14 17:16]:
> I know that right now I'm mostly going at it in the wrong way but I
> have to fix it quickly and without changing the infrastructure. I'm not
> a windows or layer 7 person but rather a layer 1 to layer 4 in my
> background, so I'm trying
Hi Joachim
I know that right now I'm mostly going at it in the wrong way but I
have to fix it quickly and without changing the infrastructure. I'm not
a windows or layer 7 person but rather a layer 1 to layer 4 in my
background, so I'm trying to find a solution in those layers. I work in
an
* Paolo Supino <[EMAIL PROTECTED]> [2007-04-14 16:43]:
> 1. Fixing the code is impossible :-( I already tried it, the developers
> keep saying that they're code is sound and safe. I've shown logs and
> statistics to the bosses of the company that owns the webapp, but the
> only response I got wa
* Paolo Supino <[EMAIL PROTECTED]> [2007-04-14 08:43]:
> Hi Kyle
>
> 1. Fixing the code is impossible :-( I already tried it, the developers
> keep saying that they're code is sound and safe. I've shown logs and
> statistics to the bosses of the company that owns the webapp, but the
> only resp
Hi Kyle
1. Fixing the code is impossible :-( I already tried it, the developers
keep saying that they're code is sound and safe. I've shown logs and
statistics to the bosses of the company that owns the webapp, but the
only response I got was: "fix it" (they aren't making the connection
betwe
> You are going about this all wrong. First step is finding a suitable
> blunt instrument and getting the developers to fix it. The second step
> is configuring rate limiting, along the lines of '1000 mails/hour';
> this will allow a large batch of e-mail to get through immediately, but
> stop spam
On Fri, Apr 13, 2007 at 10:17:51PM -0400, Paolo Supino wrote:
> Hi Bob
>
> The webapp does talk to a real mail server: on localhost (IIS6 SMTP
> service). When a spammers abuses the webapp the email is actually sent
> via the local mail server and not directly from the webapp to all the
> mai
On Fri, 13 Apr 2007, Paolo Supino wrote:
The webapp does talk to a real mail server: on localhost (IIS6 SMTP
service). When a spammers abuses the webapp the email is actually sent via
the local mail server and not directly from the webapp to all the mail
servers on the Internet. Rate limiting
Paolo Supino wrote:
> Hi Bob
>
> The webapp does talk to a real mail server: on localhost (IIS6 SMTP
> service). When a spammers abuses the webapp the email is actually sent
> via the local mail server and not directly from the webapp to all the
> mail servers on the Internet. Rate limiting isn't
Hi Bob
The webapp does talk to a real mail server: on localhost (IIS6 SMTP
service). When a spammers abuses the webapp the email is actually sent
via the local mail server and not directly from the webapp to all the
mail servers on the Internet. Rate limiting isn't an option because
emails
hogwash might help. I havent used it in a fair while though.
http://www.securityfocus.com/infocus/1208
On 13/04/07, Paolo Supino <[EMAIL PROTECTED]> wrote:
>
> Hi
>
>I have the following problem: I host a group of windows servers that
> run a webapp using IIS6 ASP technology. The webapp was w
* Paolo Supino <[EMAIL PROTECTED]> [2007-04-12 22:12]:
> Hi
>
> I have the following problem: I host a group of windows servers that
> run a webapp using IIS6 ASP technology. The webapp was written and is
> maintained by a small private company that develops custom webapps for
> companies. On
Hi
I have the following problem: I host a group of windows servers that
run a webapp using IIS6 ASP technology. The webapp was written and is
maintained by a small private company that develops custom webapps for
companies. One of the services the webapp does is send out emails
(nothing ama
23 matches
Mail list logo
