[Asrg] Replay attack

[Rich Kulawiec]

On Tue, Jan 13, 2009 at 08:46:39PM -0500, Chris Lewis wrote:
> It won't verify, because it's signing the To, I have a copy with a
> different To, with the same signature.

Yep, same here.  My copy appears to have been deliberately backscattered
of an Exchange server (dsmail01.deansteel.com) -- unless, of course,
that server's been botted, in which case no backscatter necessary.
Most interesting; do either of you think this is a test run for
something more subtle?

---Rsk