Tue, 24 Aug 2010
Spammers and their inventiveness
This fragment of code was extracted from a direct-to-MX PHP spam cannon installed on a customer server. Yes, it contains a real DNS stub resolver written in PHP (which abuses the promiscuous cache of a local large ISP).
function dns_get_list($dns,$domains,$type=1) { $sockets=array(); foreach ($domains as $d=>$domain) { $dns_packet = chr(0).chr($d). chr(1).chr(0). chr(0).chr(1). chr(0).chr(0). chr(0).chr(0). chr(0).chr(0); $dns_packet_len=12; list($qname_len,$qname)=make_QNAME($domain); $dns_packet .= $qname. chr(0).chr($type). chr(0).chr(1); $dns_packet_len+=$qname_len+4; $sockets[$d]=fsockopen("udp://$dns", 53); fwrite($sockets[$d],$dns_packet,$dns_packet_len); } foreach ($domains as $d=>$domain) socket_set_timeout($sockets[$d],3); $result=array(); foreach ($domains as $d=>$domain) { [...]