RE: [registrars] VIRUS WARNING

["Bryan Evans" <bevans@interaccess.com>]

Judging from a quick look at the message headers, Register.com has
a security hole in their mailservers, allowing email forwarding.
I'm betting that someone is forging email headers & firing the mail
through Register.com's own mailservers so that the messages are
accepted by the DNSO Registrars List.  I do not believe anyone at
Register.com is doing this, it appears to be a hacker coming from
outside, but they're covering their tracks.

Allowing email forwarding on mailservers is a really bad idea.  It
not only allows hackers to do things like this, but also invites email
spammers to relay messages through another organization's mailservers.
It's also one of the fastest ways to get blacklisted by major ISP's,
which effectively would take your firm off of the Internet.

I'd recommend we all check our mailservers to ensure we're not
vulnerable to this sort of attack.  It's a serious security problem,
and we've obviously been targeted as a group.

-Bryan

-----Original Message-----
From: owner-registrars@dnso.org [mailto:owner-registrars@dnso.org]On
Behalf Of Michael D. Palage
Sent: Friday, January 19, 2001 4:22 PM
To: registrars@dnso.org
Subject: [registrars] VIRUS WARNING
Importance: High


Please do not open any email attachments from Elana Broitman in the next
couple of hours, it most likely has a virus attached to it.

Mike