Bugtraq mailing list archives
Re: SMTP server account probing
From: gvs () RINET RU (GvS)
Date: Tue, 9 Mar 1999 20:58:25 +0300
Hi there!

On Mon, 8 Mar 1999, Brett Glass wrote:

BG> In this attack, an SMTP server is probed for common names, presumably
BG> so that spam can then be targeted at them. The attacking machine
BG> connects and issues hundreds of RCPT TO: commands, searching a long
BG> list of common user names (e.g. susan) for ones that don't cause
BG> errors. It then compiles a list of target addresses to spam.

The most common protection method against this attack is to restrict the number of recipients per message as defined in sendmail.cf:

O MaxRecipientsPerMessage=NN

It doesn't protect from name probing, but protects from overhead in conjunction with O ConnectionRateThrottle and O MaxDaemonChildren options.

BG> I'm surprised that I haven't seen this one on the Bugtraq list yet.

I do not think it's a Bugtraq issue really. This attack can easily be prevented with configuration methods.

SY, Seva Gluschenko, just stranger at the Road.
GVS-RIPE: Cronyx Plus / RiNet network administrator.
--- IRC: erra
* Origin: Erra Netmale (gvs () rinet ru) [http://gvs.rinet.ru/]
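Because a per-message recipient cap limits load but, as the message says, does not stop name probing, a mail administrator may also want to spot the probing in the logs. The following is an added example, not part of the original post or of sendmail: it totals "User unknown" rejections per connecting relay across all transactions. The log layout, the queue IDs, the addresses and the `find_probers` helper are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed log lines in an assumed sendmail-style syslog layout:
# rejected recipients and the connecting relay share a queue ID.
SAMPLE_LOG = """\
Mar  9 20:01:02 mx sendmail[411]: UAA00411: <susan@example.com>... User unknown
Mar  9 20:01:02 mx sendmail[411]: UAA00411: <bob@example.com>... User unknown
Mar  9 20:01:03 mx sendmail[411]: UAA00411: <mary@example.com>... User unknown
Mar  9 20:01:03 mx sendmail[411]: UAA00411: <john@example.com>... User unknown
Mar  9 20:01:04 mx sendmail[411]: UAA00411: from=<x@probe.invalid>, size=0, nrcpts=0, proto=SMTP, relay=probe.invalid [192.0.2.10]
Mar  9 20:05:10 mx sendmail[502]: UAA00502: <jsmith@example.com>... User unknown
Mar  9 20:05:11 mx sendmail[502]: UAA00502: from=<friend@client.invalid>, size=812, nrcpts=1, proto=SMTP, relay=client.invalid [198.51.100.7]
Mar  9 20:09:30 mx sendmail[617]: UAA00617: <alice@example.com>... User unknown
Mar  9 20:09:31 mx sendmail[617]: UAA00617: <carol@example.com>... User unknown
Mar  9 20:09:31 mx sendmail[617]: UAA00617: from=<y@probe.invalid>, size=0, nrcpts=0, proto=SMTP, relay=probe.invalid [192.0.2.10]
"""

UNKNOWN_RE = re.compile(r"sendmail\[\d+\]: (\w+): <([^>]+)>\.\.\. User unknown")
RELAY_RE = re.compile(r"sendmail\[\d+\]: (\w+): from=.*\brelay=(.+)$")
IP_RE = re.compile(r"\[([0-9a-fA-F.:]+)\]")


def find_probers(lines, threshold=5):
    """Return {relay: sorted rejected addresses} for relays at or over threshold."""
    rejected = defaultdict(set)   # queue ID -> rejected recipient addresses
    relay_of = {}                 # queue ID -> relay IP (or raw relay string)
    for line in lines:
        line = line.rstrip()
        m = UNKNOWN_RE.search(line)
        if m:
            rejected[m.group(1)].add(m.group(2).lower())
            continue
        m = RELAY_RE.search(line)
        if m:
            ip = IP_RE.search(m.group(2))
            relay_of[m.group(1)] = ip.group(1) if ip else m.group(2)
    # A recipient cap pushes a prober to more, smaller transactions,
    # so total the distinct rejected names per relay, not per queue ID.
    per_relay = defaultdict(set)
    for qid, addrs in rejected.items():
        per_relay[relay_of.get(qid, "unknown-relay")] |= addrs
    return {r: sorted(a) for r, a in per_relay.items() if len(a) >= threshold}


if __name__ == "__main__":
    for relay, addrs in find_probers(SAMPLE_LOG.splitlines()).items():
        print(f"{relay}: {len(addrs)} unknown recipients, e.g. {addrs[:3]}")
```

On the constructed sample, neither transaction from 192.0.2.10 reaches the threshold by itself, but the per-relay total does, while the single mistyped address from 198.51.100.7 is not flagged.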