| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 25 Sep 2003 13:58:12 +0200 (CEST) From: Marco Ivaldi <raptor@...eadbeef.info> To: Henning Rust <Henning.Rust@...d.uni-hannover.de> Cc: "BUGTRAQ@...URITYFOCUS. COM" <BUGTRAQ@...urityfocus.com> Subject: Re: Privacy leak in VeriSign's SiteFinder service #2 > Up to now, e-mails addressed to misspelled mail domains will not be sent > to Verisign's Fake-SMTP-service as MX records are used for mail-domain > resolving. Verisign did not set up wildcard MX records. That's not entirely correct. Since every host in non-existant domain now resolves to 64.94.110.11 (DNS record type A), all email traffic with misspelled recipient domain is actually forwarded to Verisign's sitefinder, without the need for a specific MX record: root@...doo:~# host jasfkjhaf.com jasfkjhaf.com A 64.94.110.11 E.g., try sending a test email to whatever@...-existant, you'll get something like that: <test@...fkjhaf.com>: 64.94.110.11 does not like recipient. Remote host said: 550 <unknown[X.X.X.X]>: Client host rejected: The domain you are trying to send mail to does not exist. Giving up on 64.94.110.11. :raptor -- Marco Ivaldi Antifork Research, Inc. http://0xdeadbeef.info/ 3B05 C9C5 A2DE C3D7 4233 0394 EF85 2008 DBFD B707
Powered by blists - more mailing lists