Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1999_1

Bugtraq archives for 1st quarter (Jan-Mar) 1999: Re: SMTP server account probing

Re: SMTP server account probing

Brett Glass (brettLARIAT.ORG)
Tue, 9 Mar 1999 13:51:28 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Security Research Labs: "Linux Blind TCP Spoofing"
Previous message: Anonymous: "Re: buffer overflow in /usr/bin/cancel"
In reply to: John E. Martin: "Re: SMTP server account probing"
Next in thread: Nick Andrew: "Re: SMTP server account probing"

At 09:36 AM 3/9/99 -0800, John E. Martin wrote:

>While the 'goaway' option may not prevent the program from continuing to
>verify addresses, it will keep your users address from being picked up by
>the program.
>
>Perhaps someone with better sendmail experience could come up with an idea
>to automatically disconnect connections that are issuing more than 25 VRFY
>statements at a time?

Unfortunately, the program was designed to defeat the "goaway" option by
using RCPT TO: commands instead of VRFY commands. What's needed is
the ability to kill the connection after more than two or three recipient
names have generated errors.

--Brett

Next message: Security Research Labs: "Linux Blind TCP Spoofing"
Previous message: Anonymous: "Re: buffer overflow in /usr/bin/cancel"
In reply to: John E. Martin: "Re: SMTP server account probing"
Next in thread: Nick Andrew: "Re: SMTP server account probing"