OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: [Full-disclosure] What makes Yahoo! a good merger candidate?

From: Paul Schmehl (paulsutdallas.edu)
Date: Wed Feb 06 2008 - 11:40:06 CST

--On Wednesday, February 06, 2008 12:25:19 -0500 Harry Hoffman
<hhoffmanip-solutions.net> wrote:

> You just need to take it a step further :-)
>
> ...
> rcpt to: <nosuchuser12323123123123132124432342yahoo.com>
> 250 recipient <nosuchuser12323123123123132124432342yahoo.com> ok
> data
> 354 go ahead
> Testing
> .
>
> 554 delivery error: dd This user doesn't have a yahoo.com account
> (nosuchuser12323123123123132124432342yahoo.com) [0] -
> mta367.mail.mud.yahoo.com
> 421 Service not available, closing transmission channel.
> Connection closed by foreign host.
>
>
> Valdis.Kletnieksvt.edu wrote:
>> On Wed, 06 Feb 2008 10:44:10 CST, Paul Schmehl said:
>>
>>> RCPT TO: <abuseyahoo.com>
>>> 250 recipient <abuseyahoo.com> ok
>>
>> % telnet f.mx.mail.yahoo.com 25
>> ...
>> rcpt to: <ctl-alt-cokebottleyahoo.com>
>> 250 recipient <ctl-alt-cokebottleyahoo.com> ok
>>
>> Yee. Hah. They 250 for a probably-nonexistent account (unless that
>> one actually *does* exist? :)
>>

They're also the first mail server I've ever connected to that won't accept
userdomain.tld and insists on <userdomain.tld> instead. So, I'm not
surprised to find that they 250 everything you type in.

I guess RFCs are even more meaningless now than they always have been. :-(

BTW, privately I was informed that the *real* address is securityyahoo-inc.com.

Who knew.

--
Paul Schmehl (paulsutdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/