| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: d.rowles at outcometechnologies.com (Dan Rowles) Subject: VeriSign's fake SMTP server for SiteFinder I believe they're trying to save bandwidth and minimise (further) annoyance. If a mail server can't connect to a server to deliver mail, it will keep on retrying until some timeout (which is likely to be a few days). The effect of this would be that you wouldn't get DSN failure notifications until the timeout period - which would tend to annoy users who had just misspelt an e-mail address. Additionally, you'd waste bandwidth each time the server tried to send mail (I *believe* that the retry time doubles after each failure, so you'd get something like 1 hour, 2 hours, 4 hours, etc for each retry). Mail servers could get choked trying to resend all these messages, etc... By responding to port 25 queries and refusing to accept a message, they will generate a DSN failure message straight away. This will be less annoying for users, and co-incidentally use less of their bandwidth :) But why they wait until the DATA command is a total mystery to me. It seems much more logical to bounce the message after the RCPT TO: command. Hope this helps, Dan On Mon, 2003-09-22 at 20:13, Richard M. Smith wrote: > Hello, > > Does anyone know why Verisign has set up a fake SMTP server at their > SiteFinder service to bounce email messages sent to misspelled or > expired domain names? The fake SiteFinder SMTP server gives the > impression that it is a real SMTP server and happily accepts "To" and > "From" email addresses before rejecting a misdirected email message. > > I don't quite understand what technical issues Verisign is trying to > solve here with a fake server. Any guesses? > > I've attached an early email from Verisign that gives a bit more > information about how this fake SMTP server operates but not why it is > needed. > > Richard M. Smith > http://www.ComputerBytesMan.com > > ======================================== > > -----Original Message----- > From: sitefinder@...isign-grs.com [mailto:sitefinder@...isign-grs.com] > Sent: Saturday, September 20, 2003 4:03 PM > To: Richard M. Smith > Subject: Re: Verisign's SiteFinder also breaks Outlook > (KMM988642V87763L0KM) > > Dear Richard, > > We wanted to pass along a recent update we made our email Bounce server: > > One piece of feedback we received multiple times after the addition of > the wildcard A record to the .com/.net zones concerned snubby, our > SMTP mail rejection server. This server was designed to be the most > modest of SMTP implementations and supported only the most common > sequence of SMTP commands. > > In response to this feedback, we have deployed an alternate SMTP > implementation using Postfix that should address many of the concerns > we've heard. Like snubby, this server rejects any mail sent to it (by > returning 550 in response to any number of RCPT TO commands). > > We would like to state for the record that the only purpose of this > server is to reject mail immediately to avoid its remaining in MTA > queues throughout the Internet. We are specifically not retaining, > nor do we have any intention to retain, any email addresses from these > SMTP transactions. In fact, to achieve sufficient performance, all > logging has been disabled. > > Refer to our General & Technical FAQs regarding other questions on the > new Site Finder service. They are located at: > > http://www.verisign.com/nds/naming/sitefinder/ > > We remain committed to ensuring that Site Finder improves Web navigation > and the user experience. > > Thank you. > > Best Regards, > > Customer Service > VeriSign, Inc. > www.verisign.com > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists