Bugtraq: Re: Is predictable spam filtering a vulnerability? (silently dropping messages)

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Is predictable spam filtering a vulnerability? (silently dropping messages)

From: der Mouse <mouse () Rodents Montreal QC CA>
Date: Fri, 25 Jun 2004 15:49:27 -0400 (EDT)

A 5xx failure code is a lot more friendly than actually generating a
DSN.

Well, you're causing the sending/relaying host to generate the DSN.


Only if the sending host is running a real MTA.  If it's ratware
talking to you, it won't do anything of the sort.  _That_ is the real
gain of an SMTP-layer rejection over accept-and-bounce: it doesn't
generate DSNs when talking to ratware.

Quite possibly back to some sod who has been joe-jobbed.


But in that respect it's no worse than generating a DSN yourself.
Better sometimes and no worse the other times - sounds like a win.

/~\ The ASCII                           der Mouse
\ / Ribbon Campaign
 X  Against HTML               mouse () rodents montreal qc ca
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

By Date By Thread

Current thread:

Re: Is predictable spam filtering a vulnerability?, (continued)
- Re: Is predictable spam filtering a vulnerability? Ilya Sher (Jun 18)
- Re: Is predictable spam filtering a vulnerability? Gadi Evron (Jun 19)
- Re: Is predictable spam filtering a vulnerability? krispykringle (Jun 21)
- RE: Is predictable spam filtering a vulnerability? Romulo M. Cholewa (Jun 19)