Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Loopholes in a proxy and smtp server

from [Devdas Bhagat] Network Security [Permanent Link]
Subject: Re: Loopholes in a proxy and smtp server
Date: Sat, 16 Dec 2006 12:18:01 +0530 
On 13/12/06 10:39 +0530, Niranjan Patil wrote:
<snip>


Using this anyone can get address book of all valid email ids of that
firm, he/she may use a simple script too. I don't think this is
normal, and need to address this soon. I checked out the popular free
email providers like gmail, yahoo or hotmail, they accept connections
for all email ids and then sends back a mailer daemon for invalid ids.


You mean, you would rather send out blowback and spam rather than let
your address book possibly get harvested. You would think there is a
reason that those providers are listed in Spamcop so often.

You might want to look at aol for a better example. It took them three
years, but they now do recipient validation at the edge.
/me waves to the folks at AOL.

Devdas Bhagat

---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Re: advice for CEH certification, digigeek2004
Next by Date:  Re: spam-filtering policy, Devdas Bhagat
Previous by Thread:  Re: Loopholes in a proxy and smtp server, MaddHatter
Next by Thread:  spam-filtering policy, cc
Indexes:  [Date] [Thread] [Top] [All Lists]