I also find a sendmail host that replies 502 and not 550: 220 cob342.netlimited.net ESMTP Sendmail 8.10.2/8.10.2; Sat, 9 Feb 2002 03:59:12 -0800 250 cob342.netlimited.net Hello mail.fdma.com [216.241.67.73], pleased to meet you 502 5.7.0 Sorry, we do not allow this operation quit manbe this patch should reflect the beginning '5' and not look for 550? maybe 550 and 502? Michael Scheidell SECNAP Network Security, LLC (561) 368-9561 scheidellat_private http://www.secnap.net ----- Original Message ----- From: "Noam Rathaus" <noamrat_private> To: "Nessus Plugins Writers" <plugins-writersat_private> Sent: Sunday, February 03, 2002 5:07 PM Subject: sendmail_expn Patch > Hi, > > Some host respond with a "250 User ok" for any given user, this patch will > try and detect it. > > Index: sendmail_expn.nasl > =================================================================== > RCS file: /usr/local/cvs/nessus-plugins/scripts/sendmail_expn.nasl,v > retrieving revision 1.21 > diff -r1.21 sendmail_expn.nasl > 115d114 > < > 117,118c116,120 > < > < if(ereg(string:r, pattern:"^(250|550).*$")) > --- > > s = string("EXPN random_user", rand(), "\r\n"); > > send(socket:soc, data:s); > > r2 = recv(socket:soc, length:1024); > > > > if((ereg(string:r, pattern:"^(250|550).*$")) && !(ereg(string:r2, > pattern:"^(250|550).*$"))) > 132c134,139 > < if(ereg(string:r, pattern:"^(250|550).*$")) > --- > > > > s = string("VRFY random_user", rand(), "\r\n"); > > send(socket:soc, data:s); > > r2 = recv_line(socket:soc, length:1024); > > > > if((ereg(string:r, pattern:"^(250|550).*$")) && !(ereg(string:r2, > pattern:"^(250|550).*$"))) > 139a147 > > > > Thanks > Noam Rathaus > http://www.BeyondSecurity.com > http://www.SecuriTeam.com > >
This archive was generated by hypermail 2b30 : Sat Feb 09 2002 - 05:44:10 PST