Rick McMillin writes:
 > Does anyone know of any good reasons as to why QMail is better
 > suited to handle this attack?

Certainly something like this could happen.  And yes, it would be a
serious PITA because spammers rarely use a valid envelope sender, so
the mail would all double-bounce.  However, the whole point behind
this program is for a spammer to use the information provided by
rcpt-to to *avoid* having to send mail to every word in their
dictionary.  Since qmail doesn't provide any information, the first
qmail site a spammer picks on will suck down all of their emailing
capability, and they won't be successful in spamming, to the extent
that spamming achieves any success.

 > >In both cases on your server, if you're attacked, it will respond with a
 > >positive (or semi-positive in the case of vrfy) answer for EVERY word in
 > >their dictionary. Let's say they have a 500,000 word dictionary (I have no
 > >idea what size they use). Shortly after the harvesting attack, you're going
 > >to get 500,000 spams flooding into your mailserver (or more likely 5000
 > >messages with 100 BCC: recipients each?).

-- 
-russ nelson <[EMAIL PROTECTED]>  http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok |   There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice |   that freedom is the
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   |   cause of world peace.
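
The trade-off argued in this message, as an added example that is not part of the original post or of qmail: a small model of the RCPT TO reply codes under two server policies, showing what a dictionary probe learns and what the server has to bounce later. The mailbox names, word list and policy names are constructed assumptions, and no network traffic is involved.

```python
# Added illustration: models SMTP reply codes only, performs no network I/O.
# MAILBOXES, DICTIONARY and the policy names are constructed for this example.

MAILBOXES = {"alice", "bob", "postmaster"}
DICTIONARY = ["alice", "admin", "bob", "carol", "dave", "sales"]


def rcpt_reply(policy, local_part, mailboxes=MAILBOXES):
    """Reply code the SMTP front end returns for RCPT TO:<local_part@domain>."""
    if policy == "accept_all":
        # Behaviour the thread attributes to qmail: every recipient is accepted.
        return 250
    if policy == "verify_at_rcpt":
        # Server that checks the mailbox before answering RCPT TO.
        return 250 if local_part in mailboxes else 550
    raise ValueError(f"unknown policy: {policy}")


def assess(policy, words=DICTIONARY, mailboxes=MAILBOXES):
    """Summarise one dictionary run against a server using `policy`."""
    replies = {w: rcpt_reply(policy, w, mailboxes) for w in words}
    accepted = [w for w, code in replies.items() if code == 250]
    # Replies reveal something only when they differ between recipients.
    leaks = len(set(replies.values())) > 1
    confirmed = sorted(w for w in accepted if w in mailboxes) if leaks else []
    # Accepted but undeliverable recipients become bounces after the session.
    bounces = sum(1 for w in accepted if w not in mailboxes)
    return {
        "confirmed": confirmed,      # addresses the prober now knows are valid
        "queued": len(accepted),     # recipients the server took responsibility for
        "bounces": bounces,          # later bounce (often double-bounce) load
    }


if __name__ == "__main__":
    for policy in ("accept_all", "verify_at_rcpt"):
        print(policy, assess(policy))
```

With the accept-all policy the probe confirms nothing, but every dictionary word is queued and the undeliverable ones bounce; with verification at RCPT time the bounce load disappears and the valid addresses are disclosed instead.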
