incorrect spam setups cause spool messes on forwarders
Richard at mandarin.com
Tue Dec 2 14:57:16 UTC 2003
On Tue, 02 Dec 2003 14:37 UTC Suresh Ramasubramanian
<suresh at outblaze.com> wrote:
| Nobody except spammers / dictionary attackers seem to VRFY these days
| for this sort of stuff. In fact grepping your logs for VRFY is often
| a reliable sign of a dictionary attack on your machines.
VRFY is an (unavoidable) part of the checking routine built into the
popular "Sam Spade for Windows" client, for manual verification of any
suspect addresses found to have sent suspicious mail. So just looking
for VRFY can give you some, er, false positives there ;-)
and, as has been said, most sites don't allow it for obvious reasons.
What is perhaps surprising, is the number of sites that disallow VRFY
but leave EXPN fully operational ...
| Thank God for small mercies, I guess.
Implementing DELAY_CHECKS (which is normal anyway these days) will of
course make a complete mockery of the process Verizon have implemented.
More information about the NANOG