Re: SMTP server account probing

From: Keith Woodworth (kwoodyat_private)
Date: Tue Mar 09 1999 - 15:08:39 PST

Next message: Ryan Permeh: "Re: SMTP server account probing"

Previous message: Brian Behlendorf: "Re: SMTP server account probing"
Maybe in reply to: Brett Glass: "SMTP server account probing"
Next in thread: Ryan Permeh: "Re: SMTP server account probing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 9 Mar 1999, John E. Martin wrote:

>>>In this attack, an SMTP server is probed for common names, presumably
>>>so that spam can the be targeted at them. The attacking machine
>>>connects and issues hundreds of RCPT TO: commands, searching a long
>>>list of common user names (e.g. susan) for ones that don't cause
>>>errors. It then compiles a list of target addresses to spam.
>>
>>This is a good reason for sendmail users to add the following to their .cf
>>files:
>>
>>
>>O PrivacyOptions=goaway
>>
>>
>>This will prevent VRFY and EXPN commands from functioning at all and
>>releasing correct addresses.
>>
The goaway option will also, if I'm not mistaken, also screwup anyone who
does ETRN to collect mail. Fetchmail is one program that uses ETRN I
believe.

Keith

Next message: Ryan Permeh: "Re: SMTP server account probing"
Previous message: Brian Behlendorf: "Re: SMTP server account probing"
Maybe in reply to: Brett Glass: "SMTP server account probing"
Next in thread: Ryan Permeh: "Re: SMTP server account probing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:38:35 PDT