Mark Komarinski <[EMAIL PROTECTED]> writes: > a sending account before allowing the communication to continue? I > know a lot of mail systems disable VRFY, since it allows a spammer > to find out who is there, but that's pretty much dead anyway since a
VRFY can be abused for more than just spam. For instance, it can provide hints as to what login names exist, to facilitate break-ins. >> deliver something to me, why can't the MTA hit the MX for mail.com > and VRFY that the account is valid? If it's valid, it comes The effect of this would be to deny mail from any system that tries to be secure from break-ins. It's almost like telling your family and friends that you refuse to ring their doorbells unless they post a sign on it that says something like "The key is under the doormat". "After all, a burglar could always pick the lock". -- John Abreau / Executive Director, Boston Linux & Unix ICQ 28611923 / AIM abreauj / JABBER [EMAIL PROTECTED] / YAHOO abreauj Email [EMAIL PROTECTED] / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9 PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99
msg13477/pgp00000.pgp
Description: PGP signature
