On Tue, 2011-01-11 at 22:07 +0100, Mark Martinec wrote:
> > Consider for a moment how hard it would be for an average spammer to
> > spoof rDNS
>
> This has nothing to do with DNS. The trusted/internal/msa networks
> only check an IP address as it stands in a Received header field,
> it does not check nor depend on its rDNS or forward DNS.

The whitelist_from_rcvd option, which ultimately triggered this thread,
does though. As I understood that post, Kris was outlining what needs to
be done by an attacker in order to abuse this whitelisting variant. Plus,
of course, the knowledge of the exact option being used by the victim...

-- 
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
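
The distinction drawn in this message, as an added example that is not part of the original post and is not SpamAssassin's code: a simplified model showing that a trusted-network check reads only the IP address in a Received header, while a whitelist_from_rcvd-style check also depends on the rDNS name recorded there. The header, networks, rule, function names and the suffix-matching logic are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample: a Received header as a border MTA might record it.
RECEIVED = ("from mail.example.org (mail.example.org [192.0.2.25]) "
            "by mx.example.net with ESMTP id ABC123; "
            "Tue, 11 Jan 2011 21:00:00 +0100")

# Hypothetical local settings (assumptions, not taken from the thread).
TRUSTED_NETWORKS = ["198.51.100.0/24"]
WHITELIST_FROM_RCVD = [("*@example.org", "example.org")]


def parse_received(header):
    """Extract HELO, recorded rDNS name and IP from 'from H (R [IP])'."""
    m = re.search(r"from\s+(\S+)\s+\((\S+)\s+\[([0-9a-fA-F.:]+)\]\)", header)
    if not m:
        return None
    return {"helo": m.group(1), "rdns": m.group(2).lower(), "ip": m.group(3)}


def ip_is_trusted(relay, networks):
    """trusted/internal/msa style check: the IP alone decides, no DNS."""
    addr = ipaddress.ip_address(relay["ip"])
    return any(addr in ipaddress.ip_network(n) for n in networks)


def rcvd_whitelisted(sender, relay, rules):
    """whitelist_from_rcvd style check: sender pattern AND recorded rDNS."""
    for pattern, domain in rules:
        # Turn the glob-style address pattern into a regular expression.
        addr_re = re.escape(pattern).replace(r"\*", ".*")
        if not re.fullmatch(addr_re, sender, re.IGNORECASE):
            continue
        rdns = relay["rdns"]
        # Match the whole name or a dot-separated suffix, never a substring.
        if rdns == domain or rdns.endswith("." + domain):
            return True
    return False
```
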