lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1064263053.15278.64.camel@localhost.localdomain>
From: d.rowles at outcometechnologies.com (Dan Rowles)
Subject: VeriSign's fake SMTP server for SiteFinder

I believe they're trying to save bandwidth and minimise (further)
annoyance.

If a mail server can't connect to a server to deliver mail, it will keep
on retrying until some timeout (which is likely to be a few days). The
effect of this would be that you wouldn't get DSN failure notifications
until the timeout period - which would tend to annoy users who had just
misspelt an e-mail address. Additionally, you'd waste bandwidth each
time the server tried to send mail (I *believe* that the retry time
doubles after each failure, so you'd get something like 1 hour, 2 hours,
4 hours, etc for each retry). Mail servers could get choked trying to
resend all these messages, etc...

By responding to port 25 queries and refusing to accept a message, they
will generate a DSN failure message straight away. This will be less
annoying for users, and co-incidentally use less of their bandwidth :)

But why they wait until the DATA command is a total mystery to me. It
seems much more logical to bounce the message after the RCPT TO:
command. 

Hope this helps,

Dan






On Mon, 2003-09-22 at 20:13, Richard M. Smith wrote:
> Hello,
> 
> Does anyone know why Verisign has set up a fake SMTP server at their
> SiteFinder service to bounce email messages sent to misspelled or
> expired domain names?  The fake SiteFinder SMTP server gives the
> impression that it is a real SMTP server and happily accepts "To" and
> "From" email addresses before rejecting a misdirected email message.  
> 
> I don't quite understand what technical issues Verisign is trying to
> solve here with a fake server.  Any guesses?
> 
> I've attached an early email from Verisign that gives a bit more
> information about how this fake SMTP server operates but not why it is
> needed.
> 
> Richard M. Smith
> http://www.ComputerBytesMan.com
> 
> ========================================
> 
> -----Original Message-----
> From: sitefinder@...isign-grs.com [mailto:sitefinder@...isign-grs.com] 
> Sent: Saturday, September 20, 2003 4:03 PM
> To: Richard M. Smith
> Subject: Re: Verisign's SiteFinder also breaks Outlook
> (KMM988642V87763L0KM)
> 
> Dear Richard,
> 
> We wanted to pass along a recent update we made our email Bounce server:
> 
> One piece of feedback we received multiple times after the addition of
> the wildcard A record to the .com/.net zones concerned snubby, our
> SMTP mail rejection server.  This server was designed to be the most
> modest of SMTP implementations and supported only the most common
> sequence of SMTP commands.
> 
> In response to this feedback, we have deployed an alternate SMTP
> implementation using Postfix that should address many of the concerns
> we've heard.  Like snubby, this server rejects any mail sent to it (by
> returning 550 in response to any number of RCPT TO commands).
> 
> We would like to state for the record that the only purpose of this
> server is to reject mail immediately to avoid its remaining in MTA
> queues throughout the Internet.  We are specifically not retaining,
> nor do we have any intention to retain, any email addresses from these
> SMTP transactions.  In fact, to achieve sufficient performance, all
> logging has been disabled.
> 
> Refer to our General & Technical FAQs regarding other questions on the 
> new Site Finder service. They are located at:
> 
> http://www.verisign.com/nds/naming/sitefinder/
> 
> We remain committed to ensuring that Site Finder improves Web navigation
> and the user experience.
> 
> Thank you.
> 
> Best Regards,
> 
> Customer Service
> VeriSign, Inc.
> www.verisign.com
> 
> 
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ