Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Privacy leak in VeriSign's SiteFinder service #2
From: Marco Ivaldi <raptor () 0xdeadbeef info>
Date: Wed, 24 Sep 2003 21:00:52 +0200 (CEST)

On Wed, 24 Sep 2003, Mark Coleman wrote:

TELNET YYAAHHOO.COM 25

220 sitefinder.verisign.com VeriSign mail rejector (Postfix)
mail from:source () yahoo com
250 Ok
rcpt to:user () yyaahhoo com
550 <unknown[198.252.172.254]>: Client host rejected: The domain you are
trying
to send mail to does not exist.

They could (AND SHOULD) REJECT from the initial connection, but instead
ALLOW the TO and FROM fields of the SMTP negotiation to happen.

Moreover, they're still working on this SMTP server. Just one week ago,
they were running another Postfix-like MTA, with completely different
behaviour:

root () anarch0:~# telnet kjashfjhshghgfddg.com 25
Trying 64.94.110.11...
Connected to kjashfjhshghgfddg.com.
Escape character is '^]'.
220 snubby1-wcwest Snubby Mail Rejector Daemon v1.3 ready
helo foo
250 OK
mail from:test () test com
250 OK
rcpt to:nospam () 0xdeadbeef info
250 OK
data
221 snubby1-wcwest Snubby Mail Rejector Daemon v1.3 closing transmission
channelConnection closed by foreign host.

What if Verisign is planning to open more similar TCP/IP services on that
host? What if they're going to further modify the existing ones, to better
invade individuals' privacy?

:raptor
-- 
Marco Ivaldi
Antifork Research, Inc.   http://0xdeadbeef.info/
3B05 C9C5 A2DE C3D7 4233  0394 EF85 2008 DBFD B707


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]