Security Basics mailing list archives
Re: Loopholes in a proxy and smtp server
From: Devdas Bhagat <devdas () dvb homelinux org>
Date: Sat, 16 Dec 2006 12:18:01 +0530
On 13/12/06 10:39 +0530, Niranjan Patil wrote: <snip>
Using this anyone can get address book of all valid email ids of that firm, he/she may use a simple script too. I don't think this is normal, and need to address this soon. I checked out the popular free email providers like gmail, yahoo or hotmail, they accept connections for all email ids and then sends back a mailer daemon for invalid ids.
You mean, you would rather send out blowback and spam rather than let your address book possibly get harvested. You would think there is a reason that those providers are listed in Spamcop so often. You might want to look at aol for a better example. It took them three years, but they now do recipient validation at the edge. /me waves to the folks at AOL. Devdas Bhagat --------------------------------------------------------------------------- This list is sponsored by: ByteCrusher Detect Malicious Web Content and Exploits in Real-Time. Anti-Virus engines can't detect unknown or new threats. LinkScanner can. Web surfing just became a whole lot safer. http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect ---------------------------------------------------------------------------
Current thread:
- Loopholes in a proxy and smtp server Niranjan Patil (Dec 13)
- Re: Loopholes in a proxy and smtp server Matt Coffman (Dec 13)
- RE: Loopholes in a proxy and smtp server Murda Mcloud (Dec 14)
- Re: Loopholes in a proxy and smtp server Matt Coffman (Dec 14)
- RE: Loopholes in a proxy and smtp server Murda Mcloud (Dec 14)
- RE: Loopholes in a proxy and smtp server Murda Mcloud (Dec 14)
- Re: Loopholes in a proxy and smtp server Matt Coffman (Dec 13)
- Re: Loopholes in a proxy and smtp server MaddHatter (Dec 14)
- Re: Loopholes in a proxy and smtp server Devdas Bhagat (Dec 18)