It was pointed out here that SMTP VRFY unchecked preempted spammers from a "dictionary attack" on your accounts. VRFY function : "I want you to verify that <username> is on your SMTP server". ie, VRFY has nothing to do with security. If checked, and the spammers is lucky in his harvesting, your server tells him 'yes, that user is here'. If unchecked, the spammer gets no response. Len ============== >Make sure Disable SMTP VRFY is NOT checked. I believe the authentication >uses VRFY to check to see if the user is homed on the server. Someone >correct me if I'm wrong. > >Anyone have any comments about enabling SMTP VRFY? Are there any serious >security concerns? Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list.
- RE: [IMail Forum] SMTP32.EXE Phil Daws
- Re: [IMail Forum] SMTP32.EXE Steven Plautz
- RE: [IMail Forum] SMTP32.EXE Daniel Donnelly
- RE: [IMail Forum] SMTP32.EXE Phil Daws
- Re: [IMail Forum] SMTP32.EXE Brian Polon
- RE: [IMail Forum] SMTP32.EXE Cal Frye
- RE: [IMail Forum] SMTP32.EXE Gary Mauer
- Re: [IMail Forum] SMTP32.EXE Daniel Donnelly
- Re: [IMail Forum] SMTP32.EXE Brian Polon
- RE: [IMail Forum] SMTP32.EXE Joel Morgan
- Re: [IMail Forum] SMTP32.EXE Len Conrad
- Re: [IMail Forum] SMTP32.EXE Daniel Donnelly
- [IMail Forum] SMTP32.EXE Jason Harris
- [IMail Forum] How do I use an IP address for official... Scott Martin
- Re: [IMail Forum] How do I use an IP address for ... Daniel Donnelly
- Re: [IMail Forum] SMTP32.EXE Daniel Donnelly
- [IMail Forum] smtp32.exe imail
- [IMail Forum] Anti spam with imail 8.02 Peter Lowish
- RE: [IMail Forum] Anti spam with imail 8.02 Mike Barber
- Re: [IMail Forum] Anti spam with imail 8.02 Joshua Levitsky
- [IMail Forum] Using the API Nicholas Owens
