Video Screencast Help
Security Response

Missing Email Headers? Find Them in the Body.

Created: 18 Dec 2008 15:37:59 GMT • Updated: 23 Jan 2014 18:38:30 GMT
Mayur Kulkarni's picture
0 0 Votes
Login to vote

Spammers always try to come up with new tricks to bypass antispam filters. This time, they have shown an ability to partly (or sometimes completely) hide essential headers, ruling filters on headers out of picture. Except for the "Received" lines, we do not find any headers in the message.

 

Analyzing the samples, we see very few SMTP commands before the actual message. We think that spammers may be using a slamming technique where all of the SMTP commands necessary to transmit an email message to another mail server are fired without waiting for the normal SMTP responses from the remote machine. Most of the time the remote server will end up accepting the message, although this clearly disobeys SMTP behavior as per various Internet standards. Slamming is primarily done to send unsolicited emails as rapidly as possible or, in this case possibly to hide all of the headers.

 

 

Symantec is keeping a close watch on this trend and ensuring that your inbox is free of such spam. Users are advised to use caution opening messages without subject lines, especially from unknown senders.