On Fri, 7 May 2004, Mark Suter wrote: > Automaticaly generated emails such as return receipts, delivery notices, > read receipts and out of office replies provide a wealth of information > to a potential attacker, for example,
> * operating systems and versions > * email server software and versions > * email client software and versions > * email architecture Most of this info can be gleaned by other means, so dropping return receipts to avoid revealing this is a bit pointless, IMO. Furthermore, you should assume that an attacker has full knowledge of your network anyway. > Also consider dropping outbound NDN notices, Please don't do that. NDN's were invented for a reason: To make e-mail reliable. If you drop NDN's, you chip away at e-mail's reliability, which is worse for people's confidence in e-mail than spam. Regards, David. _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
