Full Disclosure mailing list archives

Re: VeriSign's fake SMTP server for SiteFinder


From: Dan Rowles <d.rowles () outcometechnologies com>
Date: 22 Sep 2003 21:37:33 +0100

I believe they're trying to save bandwidth and minimise (further)
annoyance.

If a mail server can't connect to a server to deliver mail, it will keep
on retrying until some timeout (which is likely to be a few days). The
effect of this would be that you wouldn't get DSN failure notifications
until the timeout period - which would tend to annoy users who had just
misspelt an e-mail address. Additionally, you'd waste bandwidth each
time the server tried to send mail (I *believe* that the retry time
doubles after each failure, so you'd get something like 1 hour, 2 hours,
4 hours, etc. for each retry). Mail servers could get choked trying to
resend all these messages, etc...

By responding to port 25 queries and refusing to accept a message, they
will generate a DSN failure message straight away. This will be less
annoying for users, and coincidentally use less of their bandwidth :)

But why they wait until the DATA command is a total mystery to me. It
seems much more logical to bounce the message after the RCPT TO:
command. 

Hope this helps,

Dan






On Mon, 2003-09-22 at 20:13, Richard M. Smith wrote:
Hello,

Does anyone know why Verisign has set up a fake SMTP server at their
SiteFinder service to bounce email messages sent to misspelled or
expired domain names?  The fake SiteFinder SMTP server gives the
impression that it is a real SMTP server and happily accepts "To" and
"From" email addresses before rejecting a misdirected email message.  

I don't quite understand what technical issues Verisign is trying to
solve here with a fake server.  Any guesses?

I've attached an early email from Verisign that gives a bit more
information about how this fake SMTP server operates but not why it is
needed.

Richard M. Smith
http://www.ComputerBytesMan.com

========================================

-----Original Message-----
From: sitefinder () verisign-grs com [mailto:sitefinder () verisign-grs com] 
Sent: Saturday, September 20, 2003 4:03 PM
To: Richard M. Smith
Subject: Re: Verisign's SiteFinder also breaks Outlook (KMM988642V87763L0KM)

Dear Richard,

We wanted to pass along a recent update we made to our email Bounce server:

One piece of feedback we received multiple times after the addition of
the wildcard A record to the .com/.net zones concerned snubby, our
SMTP mail rejection server.  This server was designed to be the most
modest of SMTP implementations and supported only the most common
sequence of SMTP commands.

In response to this feedback, we have deployed an alternate SMTP
implementation using Postfix that should address many of the concerns
we've heard.  Like snubby, this server rejects any mail sent to it (by
returning 550 in response to any number of RCPT TO commands).

We would like to state for the record that the only purpose of this
server is to reject mail immediately to avoid its remaining in MTA
queues throughout the Internet.  We are specifically not retaining,
nor do we have any intention to retain, any email addresses from these
SMTP transactions.  In fact, to achieve sufficient performance, all
logging has been disabled.

Refer to our General & Technical FAQs regarding other questions on the 
new Site Finder service. They are located at:

http://www.verisign.com/nds/naming/sitefinder/

We remain committed to ensuring that Site Finder improves Web navigation
and the user experience.

Thank you.

Best Regards,

Customer Service
VeriSign, Inc.
www.verisign.com




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
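
Added example, not part of any message in this thread: a small Python model of a sending MTA that compares the three server behaviours discussed above (nothing listening on port 25, a 550 at RCPT TO, a rejection at DATA) by retry count, delay before the bounce, and which commands the remote server receives. The 1-hour doubling retry interval, the 5-day queue lifetime and the 554 code at DATA are assumptions, not values from the thread.

```python
from dataclasses import dataclass
from typing import Optional

QUEUE_LIFETIME_H = 5 * 24   # assumption: sender gives up after 5 days
FIRST_RETRY_H = 1           # assumption: first retry after 1 hour, then doubling
COMMANDS = ["EHLO", "MAIL FROM", "RCPT TO", "DATA"]


@dataclass
class Outcome:
    attempts: int                    # delivery attempts made by the sending MTA
    hours_until_dsn: Optional[int]   # delay before the bounce; None if accepted
    commands_seen: list              # envelope commands the remote server received


def attempts_until_timeout():
    """Count attempts when every try fails transiently (doubling backoff)."""
    elapsed, interval, attempts = 0, FIRST_RETRY_H, 1
    while elapsed + interval <= QUEUE_LIFETIME_H:
        elapsed += interval
        interval *= 2
        attempts += 1
    return attempts


def deliver(replies):
    """replies: None if nothing listens on port 25, else {command: reply code}.
    Commands missing from the dict are answered 250 (354 for DATA)."""
    if replies is None:
        # Connection failure is transient: the message sits in the queue.
        return Outcome(attempts_until_timeout(), QUEUE_LIFETIME_H, [])
    seen = []
    for cmd in COMMANDS:
        if cmd != "EHLO":
            seen.append(cmd)
        code = replies.get(cmd, 354 if cmd == "DATA" else 250)
        if code >= 500:   # permanent failure: bounce now, no retry
            return Outcome(1, 0, seen)
        if code >= 400:   # transient failure: queued like a dead host
            return Outcome(attempts_until_timeout(), QUEUE_LIFETIME_H, seen)
    return Outcome(1, None, seen)   # accepted: the message body would follow


if __name__ == "__main__":
    for name, r in [("no listener", None), ("550 at RCPT TO", {"RCPT TO": 550}),
                    ("554 at DATA", {"DATA": 554})]:
        print(name, deliver(r))
```

In both rejecting cases the server has already received the sender and recipient addresses; rejecting at DATA only adds a round trip.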
