Re: [sniffer]Possible Paypal Phishing

2006-05-24 Thread John T (Lists)
Disregard my last post. John T eServices For You Seek, and ye shall find! -Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Colbeck, Andrew Sent: Wednesday, May 24, 2006 9:38 AM To: Message Sniffer Community Subject: Re: [sniffer]Possible

Re: [sniffer]Possible Paypal Phishing

2006-05-24 Thread Jay Sudowski - Handy Networks LLC
-Original Message- From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Colbeck, Andrew Sent: Wednesday, May 24, 2006 12:38 PM To: Message Sniffer Community Subject: Re: [sniffer]Possible Paypal Phishing It's really from PostDirect.com aka YesMail.com ... You can tell that it's

Re: [sniffer]Possible Paypal Phishing

2006-05-24 Thread John T (Lists)
: Re: [sniffer]Possible Paypal Phishing The owner of a domain need not authorize a reverse DNS PTR record in any way, shape or form. If the netblock was owned, or the netblock owner had delegated rDNS to a malicious customer, they could easily set rDNS to whatever they wanted. Aol.com

Re: [sniffer]Possible Paypal Phishing

2006-05-24 Thread John T (Lists)
:38 AM To: Message Sniffer Community Subject: Re: [sniffer]Possible Paypal Phishing It's really from PostDirect.com aka YesMail.com ... You can tell that it's authorized because the reverse DNS which ends in PayPal.com (ok, that does set off alarm bells when it's someone else's netblock

Re: [sniffer]Possible Paypal Phishing

2006-05-24 Thread Colbeck, Andrew
: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of John T (Lists) Sent: Wednesday, May 24, 2006 9:45 AM To: Message Sniffer Community Subject: Re: [sniffer]Possible Paypal Phishing But how is PayPal's DNS involved in this as at what point are the Paypal DNS servers queried