A spam group has picked up a pretty clever trick that has allowed it to bypass email filters and security systems and land in more inboxes than usual.
The trick relies on a quirk in RFC791 a standard that describes the Internet Protocol (IP).
Among the various technical details, RFC791 is also the standard that describes how IP addresses look. We mostly know them in their most prevalent form of dotted-decimal address (for example, 192.168.0.1).
However, IP addresses can also be written in three other formats:
- Octal - 0300.0250.0000.0001 (by converting each decimal number to the octal base)
- Hexadecimal - 0xc0a80001 (by convert each decimal number to hexadecimal)
- Integer/DWORD - 3232235521 (by converting the hexadecimal IP to integer)
Well, one spammer group has apparently picked up on the trick.
