Bugtraq mailing list archives
Re: SMTP server account probing
From: kwoody () citytel net (Keith Woodworth)
Date: Tue, 9 Mar 1999 15:08:39 -0800
On Tue, 9 Mar 1999, John E. Martin wrote:
> In this attack, an SMTP server is probed for common names, presumably so that spam can then be targeted at them. The attacking machine connects and issues hundreds of RCPT TO: commands, searching a long list of common user names (e.g. susan) for ones that don't cause errors. It then compiles a list of target addresses to spam.
>
> This is a good reason for sendmail users to add the following to their .cf files:
>
> O PrivacyOptions=goaway
>
> This will prevent VRFY and EXPN commands from functioning at all and releasing correct addresses.
The goaway option will also, if I'm not mistaken, screw up anyone who does ETRN to collect mail. Fetchmail is one program that uses ETRN, I believe.

Keith
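
A defender-side check for the RCPT TO probing pattern described in this thread, as an added example that is not part of the original posts: it flags clients that draw rejections for many distinct recipients within a short window. The log format, addresses, window and threshold are constructed assumptions, not sendmail's own log format.

```python
from collections import defaultdict, deque

# Constructed sample in a simplified, hypothetical format (not sendmail's own
# log format): "<epoch seconds> <client ip> <RCPT TO address> <SMTP reply code>"
SAMPLE_LOG = """\
920329200 192.0.2.10 alice@example.com 250
920329201 203.0.113.7 susan@example.com 250
920329202 203.0.113.7 bob@example.com 550
920329203 203.0.113.7 john@example.com 550
920329204 203.0.113.7 mary@example.com 550
920329205 203.0.113.7 mary@example.com 550
920329206 203.0.113.7 dave@example.com 550
920329260 192.0.2.10 alcie@example.com 550
920333000 192.0.2.10 bobb@example.com 550
"""

def parse(log_text):
    """Yield (timestamp, client, recipient, code) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdigit() or not parts[3].isdigit():
            continue
        yield int(parts[0]), parts[1], parts[2].lower(), int(parts[3])

def find_probers(events, window=60, threshold=4):
    """Return {client: max distinct rejected recipients seen in any `window`
    seconds} for clients that reach `threshold`. 5xx replies count as rejections."""
    recent = defaultdict(deque)   # client -> deque of (timestamp, recipient)
    flagged = {}
    for ts, client, rcpt, code in sorted(events):
        if not 500 <= code <= 599:
            continue              # accepted recipients are not evidence of guessing
        q = recent[client]
        q.append((ts, rcpt))
        while q and ts - q[0][0] > window:
            q.popleft()           # drop rejections that fell out of the window
        distinct = len({r for _, r in q})   # repeats of one address count once
        if distinct >= threshold:
            flagged[client] = max(flagged.get(client, 0), distinct)
    return flagged

if __name__ == "__main__":
    for client, n in find_probers(parse(SAMPLE_LOG)).items():
        print(f"{client}: {n} distinct unknown recipients within the window")
```

Counting distinct rejected addresses, rather than raw rejections, keeps a client that retries one mistyped address from being flagged.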