We're currently seeing a spam campaign with up to 3000 (!) domains in HTML comments in the body. Has anyone else seen this? Could be an attempt to bypass spam filters through DoS as such domains may generate a very large number of DNS lookups (against DNS blacklists).
8
11
14
Replying to @martijn_grooten
Wonder if it targets regex searches by overwhelming the amount of memory dedicated to parsing the email body.

Aug 8, 2018 · 10:47 PM UTC