On 11/30/2009 7:36 PM, Benny Pedersen wrote:
> and what happened is spammers just send to random email addresses and
> discover user not found ?, nothing mta can do about this

Well, in that case (a dictionary attack spam run where they just try all
the common names), it would light up red flags in the anti-spam system
and possibly get them blacklisted. At least, that's how it worked prior
to massive botnets that act in a coordinated fashion so that each bot'd
machine only hits a mail server a few times instead of dozens/hundreds.
But at least it raised the difficulty level so that they have to do a
distributed and coordinated botnet now...
(I still see regular dictionary style attack runs on our mail system.)

> postfix reject_unverified_sender does a vrfy ?, if remote has vrfy
> disabled it tries even harder to use rcpt to
> I am unsure if postfix really does it or not

Yes, I made the bad assumption that Postfix tries the VRFY command.
Wolfgang has it right.
http://www.postfix.org/ADDRESS_VERIFICATION_README.html
I've never used the feature as the first paragraph states:
"The sender/recipient address verification feature described in this
document is suitable only for low-traffic sites. It performs poorly
under high load; excessive sender address verification activity may even
cause your site to be blacklisted by some providers."
And reading through the rest of it seems more like "here's a very sharp
tool that will probably hurt you if you don't take these half-dozen
steps before using it".
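
The contrast drawn in this message, between a single host running a dictionary attack and a botnet where each machine probes only a few addresses, can be shown as detection logic over Postfix "User unknown" rejections. This is an added example, not part of the original message and not Postfix code; the thresholds, the sample log lines and the helper names are constructed assumptions.

```python
import re
from collections import defaultdict

# Postfix smtpd rejection of a RCPT TO for a nonexistent local recipient.
REJECT = re.compile(
    r"reject: RCPT from \S*\[(?P<ip>[0-9a-fA-F.:]+)\]: 550 5\.1\.1 "
    r"<(?P<rcpt>[^>]*)>: Recipient address rejected: User unknown"
)

def analyze(lines, per_ip_limit=5, min_sources=4, min_targets=6):
    """Classify unknown-recipient probing seen in one log window.

    Returns (noisy, distributed). noisy maps each client IP with at least
    per_ip_limit rejects to its count (classic single-source run).
    distributed is True when the remaining low-volume IPs together cover
    many distinct nonexistent recipients (coordinated run).
    All three thresholds are assumed values to be tuned per site.
    """
    hits = defaultdict(list)
    for line in lines:
        m = REJECT.search(line)
        if m:
            hits[m["ip"]].append(m["rcpt"].lower())
    noisy = {ip: len(r) for ip, r in hits.items() if len(r) >= per_ip_limit}
    quiet = {ip: r for ip, r in hits.items() if ip not in noisy}
    targets = {rcpt for rcpts in quiet.values() for rcpt in rcpts}
    distributed = len(quiet) >= min_sources and len(targets) >= min_targets
    return noisy, distributed

def _line(ip, name):
    # Constructed sample log line in Postfix's reject format.
    return (f"Nov 30 19:36:01 mx postfix/smtpd[4242]: NOQUEUE: reject: RCPT "
            f"from unknown[{ip}]: 550 5.1.1 <{name}@example.com>: Recipient "
            f"address rejected: User unknown in local recipient table; "
            f"from=<a@example.net> to=<{name}@example.com> proto=ESMTP helo=<x>")

NAMES = ["alice", "bob", "carol", "dave", "erin", "frank", "grace", "heidi"]
# Constructed: one host tries all eight names.
SINGLE = [_line("192.0.2.10", n) for n in NAMES]
# Constructed: four hosts try two names each, staying under the per-IP limit.
BOTNET = [_line(f"198.51.100.{i // 2 + 1}", n) for i, n in enumerate(NAMES)]

if __name__ == "__main__":
    print(analyze(SINGLE))
    print(analyze(BOTNET))
```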