"Dennis Duval" <[EMAIL PROTECTED]> wrote:
>
> ...I believe they then compare the bounces ( [EMAIL PROTECTED]
> in this case), against the database of addresses that were sent to...
The method here is perfectly correct. Indeed, using VERP there is no need
for bounce parsing, so the attack can be trivially adapted to attack ALL
mailers.
> ...resulting in a list of valid email addresses of my users.
What on earth do these lists cost these days?!? This method is so
astonishingly inefficient that I can't believe there's a positive
payoff. (Especially since spam listers can sell invalid addresses if
they want--who would ever know?)
I wonder if it isn't something else--like harvesting login names for a
stupid password crack? I'd be a _little_ less flabbergasted if that
were the case.
Len.
--
Frugal Tip #49:
Try owning lots of jewelry, negotiable securities, and tax-free municipal
bonds. Many rich people are known to have them.
