Bugtraq mailing list archives
Re: SMTP server account probing
From: brett () LARIAT ORG (Brett Glass)
Date: Tue, 9 Mar 1999 13:51:28 -0700
At 09:36 AM 3/9/99 -0800, John E. Martin wrote:
While the 'goaway' option may not prevent the program from continuing to verify addresses, it will keep your users address from being picked up by the program. Perhaps someone with better sendmail experience could come up with an idea to automatically disconnect connections that are issuing more than 25 VRFY statements at a time?
Unfortunately, the program was designed to defeat the "goaway" option by using RCPT TO: commands instead of VRFY commands. What's needed is the ability to kill the connection after more than two or three recipient names have generated errors. --Brett
Current thread:
- SMTP server account probing Brett Glass (Mar 08)
- Re: SMTP server account probing Frank Miller (Mar 09)
- Re: SMTP server account probing John E. Martin (Mar 09)
- Re: SMTP server account probing Brett Glass (Mar 09)
- Re: SMTP server account probing Nick Andrew (Mar 09)
- Re: SMTP server account probing Brian Behlendorf (Mar 09)
- Re: SMTP server account probing Valdis.Kletnieks () VT EDU (Mar 09)
- Re: SMTP server account probing Scott Fendley (Mar 09)
- Re: SMTP server account probing Alexander Bochmann (Mar 10)
- Re: SMTP server account probing Alan Cox (Mar 09)
- Re: SMTP server account probing Brett Glass (Mar 09)
- Re: SMTP server account probing Ryan Permeh (Mar 09)
- Re: SMTP server account probing Keith Woodworth (Mar 09)
- Linux Blind TCP Spoofing Security Research Labs (Mar 09)
- Re: Linux Blind TCP Spoofing John D. Hardin (Mar 09)