IETF Logo Mail Archive

RE: [Asrg] C/R Interworking Framework

"Eric Dean" <eric@purespeed.com> Wed, 04 June 2003 21:15 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA13017 for <asrg-archive@odin.ietf.org>; Wed, 4 Jun 2003 17:15:32 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h54LF7v22036 for asrg-archive@odin.ietf.org; Wed, 4 Jun 2003 17:15:07 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h54LF7B22033 for <asrg-web-archive@optimus.ietf.org>; Wed, 4 Jun 2003 17:15:07 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA13001; Wed, 4 Jun 2003 17:15:01 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19NfZJ-0000Vm-00; Wed, 04 Jun 2003 17:13:13 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19NfZI-0000Vj-00; Wed, 04 Jun 2003 17:13:12 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h54LD7B21955; Wed, 4 Jun 2003 17:13:07 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h54LCIB21884 for <asrg@optimus.ietf.org>; Wed, 4 Jun 2003 17:12:18 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA12931 for <asrg@ietf.org>; Wed, 4 Jun 2003 17:12:13 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19NfWa-0000Ui-00 for asrg@ietf.org; Wed, 04 Jun 2003 17:10:24 -0400
Received: from [66.77.68.8] (helo=mailgate.purespeed.com) by ietf-mx with esmtp (Exim 4.12) id 19NfWZ-0000Ud-00 for asrg@ietf.org; Wed, 04 Jun 2003 17:10:23 -0400
Received: from purespeed.com (mail.purespeed.com [66.77.69.8]) by mailgate.purespeed.com (Postfix Relay Hub) with ESMTP id 93AD713B8A; Wed, 4 Jun 2003 17:14:28 -0400 (EDT)
Received: from HOMEY [68.100.19.195] by purespeed.com (SMTPD32-7.13) id A021522400D0; Wed, 04 Jun 2003 17:09:53 -0400
From: Eric Dean <eric@purespeed.com>
To: Yakov Shafranovich <research@solidmatrix.com>, John Fenley <pontifier@hotmail.com>, asrg@ietf.org
Subject: RE: [Asrg] C/R Interworking Framework
Message-ID: <MBEKIIAKLDHKMLNFJODBEEEKFHAA.eric@purespeed.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: Normal
In-Reply-To: <5.2.0.9.2.20030604140206.00bb6b48@std5.imagineis.com>
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Content-Transfer-Encoding: 7bit
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Wed, 04 Jun 2003 17:12:21 -0400
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit

> RFC 2505, section 2.11:
>
> "Both SMTP VRFY and EXPN provide means for a potential spammer to test
> whether the addresses on his list are valid (VRFY) and even get more
> addresses (EXPN). Therefore, the MTA SHOULD control who is is allowed to
> issue these commands. This may be "on/off" or it may use access lists
> similar to those mentioned previously."
>
> The main problem with VRFY is that it allows the spammer to
> verify addresses.
>

I rarely see SMTP VRFY attacks..it's just as easy to do RCPT TO than SMTP
VRFY...in fact, spammers don't care if the address is valid anyway since
they often uses bogus sender addresses.

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

v2.23.0 | Report a Bug | By Email