|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: NTmail and VRFY
Subject: Re: NTmail and VRFY
From: John Stanners (john.stanners
NTMAIL.CO.UK)
Date: Tue Dec 07 1999 - 03:45:31 CST
- Next message: David LeBlanc: "Re: AuditBaseObjects set reveals Event 560 Object Access Audit when Taskmanager is running"
- Previous message: Ussr Labs: "Remote DoS Attack in Serv-U FTP-Server v2.5a Vulnerability"
- In reply to: George: "NTmail and VRFY"
- Next in thread: Marc: "Re: NTmail and VRFY"
- Reply: John Stanners: "Re: NTmail and VRFY"
- Reply: Marc: "Re: NTmail and VRFY"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
At 08:41 PM 11/30/99 -0500, you wrote:
>as you can see, the mail server happily tells them not only when they hit an
>active account but it gives them the domain name making it very easy to
>write a single script that can be used against ALL NTmail 4 or 5 servers for
>email address harvesting. There is no way to turn VRFY off in NTmail.
>
I would just like to point out that George's comments only apply to Version
4 of NTMail. NTMail Version 5 which was released some time ago does allow
VRFY to be completely disabled.
- Next message: David LeBlanc: "Re: AuditBaseObjects set reveals Event 560 Object Access Audit when Taskmanager is running"
- Previous message: Ussr Labs: "Remote DoS Attack in Serv-U FTP-Server v2.5a Vulnerability"
- In reply to: George: "NTmail and VRFY"
- Next in thread: Marc: "Re: NTmail and VRFY"
- Reply: John Stanners: "Re: NTmail and VRFY"
- Reply: Marc: "Re: NTmail and VRFY"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Tue Dec 07 1999 - 14:18:21 CST