Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Discovering users by RCPT TO

from [Baltasar Cevc] Network Security [Permanent Link]
Subject: Re: Discovering users by RCPT TO
Date: Sun, 16 Jan 2005 18:26:31 +0100 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bassett, Mark wrote:
| A better way of doing an "authorized user list", is to accept mail for
| every address at your domain, but toss it into the bit bucket if it's
| not a valid recipient.  The major difference being that you accept the
| message regardless, it just never gets delivered.  Lots of anti-spam
| products provide this ability.  Ciphertrust Ironmail, and Clearswift
| MimeSweeper are both anti-spam vendors that do this that I can think of
| offhand.

However, using that feature will have a rather nasty side effect of not
letting legitimate users know that their mail has not been delivered.
And at least here in Germany, knowingly not delivering mail is illegal;
although these mails cannot be delivered, I suppose you may be liable
to let the sender know (at least if it is a human ;-)

Baltasar
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFB6qPHp2YsmzTbIwYRAiDYAJ99CmbUzHwpr+gKeHocTY7h+hVMOwCfeMQL
m2gy8vWwTq8OXC4OR05ZAss=
=oBNA
-----END PGP SIGNATURE-----

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Creating a Custom Trojan after Social Engineering, Todd Towles
Next by Date:  Re: Routers, Switches, and Firewall testing, GomoR
Previous by Thread:  RE: Discovering users by RCPT TO, Bassett, Mark
Next by Thread:  Re: Discovering users by RCPT TO, Tobias Glemser
Indexes:  [Date] [Thread] [Top] [All Lists]