On Thu, Sep 02, 1999 at 12:01:40PM -0700, Technical Incursion Countermeasures wrote:
> You can do a variation on this one (well sort opf - is a logstanding prob)
>
> basically find two sites whose FW is conf'd to accept all mail and forward
> it to the real mailserver. If this mailserver bounces invalid addresses
> then you're on your way...
This is not so much a problem with FW's in general.
> spoof a mail from an invalid address on one end to an invalid address on
> the other. and sit back..
>
> the first site will accept the mail (this is the fault - it should reject
> if it is to comply with the IETF standard) and pass it inward, the
> mailserver then sends an error message to the "sender" and the same
> process occurs at the other end...
>
> Rate of messages depends on bandwidth - but you can expect at least 1/sec...
>
> Of course you can multiply it if you send it to a list of recipients.. :}
This trick can only work if the envelope from-address on a bounce is NOT
empty ("<>"). Indeed, in that case a loop will occur.
I think you have found a firewall-SMTP implementation that handles bounces
in some really broken way.
Greetz, Peter
--
| 'He broke my heart, | Peter van Dijk |
I broke his neck' | peterat_private |
nognikz - As the sun | Hardbeat@ircnet - #cistron/#linux.nl |
http://www.nognikz.mdk.nu/ | Hardbeat@undernet - #groningen/#kinkfm/#vdh |
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:01:40 PDT