On Thu, Sep 02, 1999 at 12:01:40PM -0700, Technical Incursion Countermeasures wrote: > You can do a variation on this one (well sort opf - is a logstanding prob) > > basically find two sites whose FW is conf'd to accept all mail and forward > it to the real mailserver. If this mailserver bounces invalid addresses > then you're on your way... This is not so much a problem with FW's in general. > spoof a mail from an invalid address on one end to an invalid address on > the other. and sit back.. > > the first site will accept the mail (this is the fault - it should reject > if it is to comply with the IETF standard) and pass it inward, the > mailserver then sends an error message to the "sender" and the same > process occurs at the other end... > > Rate of messages depends on bandwidth - but you can expect at least 1/sec... > > Of course you can multiply it if you send it to a list of recipients.. :} This trick can only work if the envelope from-address on a bounce is NOT empty ("<>"). Indeed, in that case a loop will occur. I think you have found a firewall-SMTP implementation that handles bounces in some really broken way. Greetz, Peter -- | 'He broke my heart, | Peter van Dijk | I broke his neck' | peterat_private | nognikz - As the sun | Hardbeat@ircnet - #cistron/#linux.nl | http://www.nognikz.mdk.nu/ | Hardbeat@undernet - #groningen/#kinkfm/#vdh |
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:01:40 PDT