[PLUG] Spammer techniques question (fwd)
Russell Evans
revans at e-z.net
Thu Aug 1 21:23:58 UTC 2002
Try the VRFY command on your mail server, Below; ATT disable VRFY, but e-z.net
didn't
$ telnet mail.attbi.com 25
Trying 204.127.202.7...
Connected to mail.attbi.com.
Escape character is '^]'.
220 sccrmhc02.attbi.com ESMTP server (InterMail vM.4.01.03.27
201-229-121-127-20010626) ready Thu, 1 Aug 2002 21:12:05 +0000
VFRY revans
500 Command unknown: 'VFRY'
VRFY revans
502 Command is locally disabled
^]
telnet> q
Connection closed.
$ telnet mail.e-z.net 25
Trying 192.243.32.12...
Connected to mail.e-z.net.
Escape character is '^]'.
220-zoo.e-z.net ESMTP USNET ESMTP Thu, 1 Aug 2002 14:14:35 -0700 (PDT)
220- MDM iNet, L.L.C. does not authorize the use of its computers
220- or networks to accept, transmit, or distribute unsolicited
220 bulk e-mail (UCE, SPAM) sent from the Internet.
VRFY revans
250 2.1.5 <revans at zoo.e-z.net>
^]
telnet> q
Thank you
Russell
On Thu, 1 Aug 2002 13:10:06 -0700 (PDT), Rich Shepard said:
> I cannot answer this question, sent by a friend of mine. Anyone here know
> the answer?
>
> Thanks,
>
> Rich
>
> ---------- Forwarded message ----------
> Do you or any of your fellow PLUGgers know how a spammer could harvest
> e-mail addressees right off my server? I have a couple addresses I set up a
> while ago but have never used or published, yet some spammers seem to have
> discovered them. Can they actually read the /etc/passwd file to get lists of
> users? How else (assuming I haven't been totally hacked) could they get this
> info? Or are these just lucky guesses? How can I tell them there's no one
> really there and that they are wasting their valuable time?
>
>
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>
>
More information about the PLUG
mailing list