|
|
More Confirmation
Sendmail and postfix are mail routing programs,Yes. they take an incoming mail and send it somewhere else.Yes, but that's not all they do. You can send mail without using sendmail or postfix.Locally, yes, but not across the internet on a stock OS X installation. Try it; it will fail. If it doesn't, it's because you've enabled sendmail or postfix. For example, through "do shell script" you could use the mail commandNot through a stock installation. or you could use the telnet commandBy telnetting to an outgoing mail server, sure--but that requires knowledge of a compromised mail server at the time the author is writing the script or it requires him to set up such a server--and the latter activity is likely to lead authorities to him. So even though sendmail and postfix might not be activated you don't need them to send e-mail through the command-line.Yes, you do, on a stock OS X installation. It would indeed be easy to make a self-replicating trojan out of AppleScript.Then make a proof-of-concept. Intego will be happy to publicize it. I look forward to seeing the stories... (By the way, it couldn't be "self-replicating." AppleScript requires the user to run it; "self-replicating," in the world of viruses, etc., is confined to programs that can be activated without user intervention--simply by opening an e-mail, visiting a webpage, etc.)
From my email...
The following was sent in by an unregistered user; I thought it interesting enough to post. Everything below the hyphens is the user's text, not mine (previous replies noted by single and double bars -- |, ||).
-rob. ------------------- || You can send mail without using sendmail or postfix. | Locally, yes, but not across the internet on a stock OS X installation. Try it; it will fail. If it doesn't, it's because you've enabled sendmail or postfix. There are many mail agents out there. Most Windows mass mailing worms include their own smtp agent. For a simple mass mailer, they are trivial to write || For example, through "do shell script" you could use the mail command | Not through a stock installation. || or you could use the telnet command | By telnetting to an outgoing mail server, sure--but that requires knowledge of a compromised mail server at the time the author is writing the script or it requires him to set up such a server--and the latter activity is likely to lead authorities to him. Actually, all you need is the address of the user's smtp server which can be found in this file: ~/Library/Preferences/com.apple.mail.plist You'd probably want to use the XML parser to extract smtp server names correctly. Of course, since a worm isn't too concerned with efficiency, trying to nslookup all strings (i.e. those things within tags) would eventually work too. So what's the answer? Don't run anything from unknown or untrusted sources! |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.14 seconds |
|