Just read through a lengthy discussion on another list about this very feature which was just implimented on the other MTA I use as a spam prevention. Some points broght up are that it can never be trusted as a true yes or no, both have false positive potential, and that repeated sessions of this type from your MTA may end up being treated as a low impact dictionary attack against the remote MTA, casusing your server to be blacklisted. If you saw multiple dataless sessions from a remote MTA to invalid and valid accounts, what would you think they were doing?
Thanks, Chuck Frolick ArgoNet, Inc. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leonardo Cabral Sent: Tuesday, May 27, 2003 9:55 AM To: [EMAIL PROTECTED] Subject: [xmail] Re: Faked MAIL FROM Davide Libenzi wrote: > > XMail will try to get MX for bbb.comand it'll fail the message will be > rejected (obviously if bbb.com is not local). Then XMail will connect > to port 25 of the MX record and : > > HELO xxx > MAIL FROM:<> > RCPT TO:<[EMAIL PROTECTED]> > QUIT > > If the response of the RCP is a failure, the account aaa does not > exist on the bbb.com domain and hence it is faked. > > > > - Davide Well, Davide, I'm not sure if it's a good idea to implement this because many server can be configured to never say that a user does not exist, and others like antivir mail gate always accepts mails for a domain as they are just "wrappers" for that domain. As you know the VRFY command is optional in many servers (with optional I mean that if it's implemented it can also be deactivated by configuration) for security reasons. Well, saying that a mailbox exists or not after receiving the "RCPT TO:" parameter has the same effect of using VRFY. There will be even problems with domains with misconfigured MX records. So, it maybe will be a waste of time implementing and using this function. Don't you agree? Leonardo Cabral - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
