[Mimedefang] Sender validation

Steffen Kaiser skmimedefang at smail.inf.fh-bonn-rhein-sieg.de
Fri Jun 25 06:01:35 EDT 2004


On Thu, 24 Jun 2004, Kelson Vibber wrote:

> The logic is more along the lines of:
> - Sender claims to be fakeuser at speed.net
> - Look up MX records for speed.net
> - Connect to mail.speed.net and see if it accepts mail for fakeuser at speed.net
> - From "User unknown" error, conclude that the sender is invalid and reject 
> the message
>
> In the old days, it might have been done using VRFY, but so many sites have 
> disabled it to throw a roadblock in front of dictionary attacks.

Wouldn't you qualify as an address harvester by some IDSes, because you 
just connect to the server issue the RCPT TO then drop the connection?
(I suppose you use "MAIL FROM: <>" ;-)

Anyway, what about mail servers that always accepts RCPTs and fail the 
connection during DATA phase only? Or when it tempfails you? Or there is 
no connection possible?

This method was discussed several times on this list and I got the 
impression that it was found unreliable and good in the local organization 
only.

Bye,

-- 
Steffen Kaiser



More information about the MIMEDefang mailing list