Klez bypasses MX records
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Fri Oct 4 12:42:20 UTC 2002
Roger Smith <rogers at tcoe.org> wrote:
> If this is not the right place to post this, please forgive me.
> In our escapades with the Klez virus, it appears that its client connects
> directly to the destination SMTP server. Since we use MX records to redirect
> our email to our anti-virus SMTP processing server, the Klez effectively
> bypasses that server.
> Is there a way to make sure it does not bypass our MX records or rewrite the
> DNS to have it hit the AV server first?
Filters in your firewall/routers.
What domain are you talking about ? And how is it supposed to work ?
> Thanks for any help or links.
> Roger Smith
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list