Bugtraq mailing list archives

Re: SMTP server account probing


From: brian () HYPERREAL ORG (Brian Behlendorf)
Date: Tue, 9 Mar 1999 17:04:30 -0800


On Tue, 9 Mar 1999, Brett Glass wrote:
> At 09:36 AM 3/9/99 -0800, John E. Martin wrote:
>
>> While the 'goaway' option may not prevent the program from continuing to
>> verify addresses, it will keep your users' addresses from being picked up by
>> the program.
>>
>> Perhaps someone with better sendmail experience could come up with an idea
>> to automatically disconnect connections that are issuing more than 25 VRFY
>> statements at a time?
>
> Unfortunately, the program was designed to defeat the "goaway" option by
> using RCPT TO: commands instead of VRFY commands. What's needed is
> the ability to kill the connection after more than two or three recipient
> names have generated errors.

I would recommend against doing this.  There are many legitimate large
mailing lists out there that are very likely to use multiple RCPT headers
in a single transaction to save bandwidth, and the odds of getting more
than two or three bounces from closed accounts are fairly good, so this
would break valid SMTP conversations.  Besides, the address harvesters
will simply reopen a second connection.

        Brian
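
An added example (not part of the original message, and not sendmail code) that replays the trade-off discussed in this thread over constructed log lines: a per-connection cutoff on rejected RCPT TO commands, next to a per-source reject ratio summed across connections. The log format, addresses and thresholds are assumptions chosen for illustration.

```python
import re
from collections import defaultdict

# Made-up log format for this example; it is not sendmail's own log format.
LINE = re.compile(r"conn=(\d+) ip=(\S+) rcpt=\S+ code=(\d)\d\d")

def build_sample():
    """Constructed log lines: one mailing-list host and one address prober."""
    lines = []
    # List host: one connection, 40 recipients, 4 of them closed accounts.
    for i in range(40):
        code = 550 if i % 10 == 0 else 250
        lines.append(f"conn=1 ip=198.51.100.7 rcpt=user{i}@example.org code={code}")
    # Prober: 8 connections of 2 guesses each; only one guessed name exists.
    for i in range(16):
        code = 250 if i == 7 else 550
        lines.append(f"conn={2 + i // 2} ip=192.0.2.10 rcpt=guess{i}@example.org code={code}")
    return lines

def parse(lines):
    """Yield (conn, ip, rejected) for each RCPT result line; rejected means 5xx."""
    for line in lines:
        m = LINE.match(line)
        if m:
            yield m.group(1), m.group(2), m.group(3) == "5"

def per_connection_rule(lines, limit=3):
    """Rule proposed in the thread: act once one connection has `limit` rejected RCPTs."""
    rejects = defaultdict(int)
    for conn, ip, rejected in parse(lines):
        rejects[(ip, conn)] += rejected
    return {ip for (ip, _), n in rejects.items() if n >= limit}

def per_source_rule(lines, min_rejected=10, min_ratio=0.8):
    """Flag a source by its reject ratio summed over all of its connections."""
    totals = defaultdict(lambda: [0, 0])  # ip -> [rejected, all RCPTs]
    for _, ip, rejected in parse(lines):
        totals[ip][0] += rejected
        totals[ip][1] += 1
    return {ip for ip, (bad, n) in totals.items()
            if bad >= min_rejected and bad / n >= min_ratio}

if __name__ == "__main__":
    log = build_sample()
    print("per-connection rule flags:", per_connection_rule(log))
    print("per-source rule flags:", per_source_rule(log))
```

On this sample the per-connection rule cuts off only the mailing-list host, while the per-source ratio flags only the prober.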


