Message-
> From: Message Sniffer Community
> [mailto:[EMAIL PROTECTED] On Behalf Of John T (Lists)
> Sent: Wednesday, May 24, 2006 9:45 AM
> To: Message Sniffer Community
> Subject: Re: [sniffer]Possible Paypal Phishing
>
> But how is PayPal's DNS involved in this as at what p
gt; Sent: Wednesday, May 24, 2006 9:38 AM
> To: Message Sniffer Community
> Subject: Re: [sniffer]Possible Paypal Phishing
>
> It's really from PostDirect.com aka YesMail.com ...
>
> You can tell that it's authorized because the reverse DNS which ends in
> PayPal.com (
> customer, they could easily set rDNS to whatever they wanted.
> Aol.com, paypal.com, ebay.com, chase.com ...
>
> -Jay
> -Original Message-
> From: Message Sniffer Community
> [mailto:[EMAIL PROTECTED] On Behalf Of Colbeck, Andrew
> Sent: Wednesday, May
o: Message Sniffer Community
Subject: Re: [sniffer]Possible Paypal Phishing
That is what has me worried.
John T
eServices For You
"Seek, and ye shall find!"
> -Original Message-
> From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf
Of Jay
> Sudowsk
Message Sniffer Community
> Subject: Re: [sniffer]Possible Paypal Phishing
>
> The owner of a domain need not authorize a reverse DNS PTR record in any
> way, shape or form. If the netblock was owned, or the netblock owner
> had delegated rDNS to a malicious customer, they could e
-Original Message-
From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On
Behalf Of Colbeck, Andrew
Sent: Wednesday, May 24, 2006 12:38 PM
To: Message Sniffer Community
Subject: Re: [sniffer]Possible Paypal Phishing
It's really from PostDirect.com aka YesMail.com ...
You can tell that
y
> Subject: Re: [sniffer]Possible Paypal Phishing
>
> It's really from PostDirect.com aka YesMail.com ...
>
> You can tell that it's authorized because the reverse DNS which ends in
> PayPal.com (ok, that does set off alarm bells when it's someone else's
>
It's really from PostDirect.com aka YesMail.com ...
You can tell that it's authorized because the reverse DNS which ends in
PayPal.com (ok, that does set off alarm bells when it's someone else's
netblock) matches the forward lookup of the resulting address at PayPal.
Therefore, PayPal is delibera