On Thu, 24 Jun 2004, Kelson Vibber wrote:
The logic is more along the lines of:
- Sender claims to be [EMAIL PROTECTED]
- Look up MX records for speed.net
- Connect to mail.speed.net and see if it accepts mail for [EMAIL PROTECTED]
- From "User unknown" error, conclude that the sender is invalid and reject the message
In the old days, it might have been done using VRFY, but so many sites have disabled it to throw a roadblock in front of dictionary attacks.
Wouldn't you qualify as an address harvester by some IDSes, because you just connect to the server issue the RCPT TO then drop the connection?
(I suppose you use "MAIL FROM: <>" ;-)
Anyway, what about mail servers that always accepts RCPTs and fail the connection during DATA phase only? Or when it tempfails you? Or there is no connection possible?
This method was discussed several times on this list and I got the impression that it was found unreliable and good in the local organization only.
Bye,
-- Steffen Kaiser _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
