[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: get all User through smtp ?



Ben-Nes Michael wrote:

> Hi
>
> >From time to time I get junk mail thats get not only to me but to most
> of my users.
> The Q is: How the hell the sender found the emails ?
> Im using sendmail / qpopper.
>

Check if your sendmail config permits the use of EXPN and VRFY. Also,
check if your popper gives different messages in case of valid/invalid
USER commands.

Of course, this applies only to brute force attacks. I prefer to think
that
you'd have noticed if any brute force attack was taking place
against your hosts.

Otherwise, the most normal places for spammers to get their victims is
on mailing-lists (at least those bad administered, not our dear playing
ground here), newsgroups and other public venues.

--izar



=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il