From owner-freebsd-security Fri Aug 13 10:31: 1 1999 Delivered-To: freebsd-security@freebsd.org Received: from frmug.org (frmug-gw.frmug.org [193.56.58.252]) by hub.freebsd.org (Postfix) with ESMTP id A61C714BF7 for ; Fri, 13 Aug 1999 10:30:57 -0700 (PDT) (envelope-from roberto@keltia.freenix.fr) Received: (from uucp@localhost) by frmug.org (8.9.1/frmug-2.3/nospam) with UUCP id TAA26658 for security@freebsd.org; Fri, 13 Aug 1999 19:30:50 +0200 (CEST) (envelope-from roberto@keltia.freenix.fr) Received: by keltia.freenix.fr (Postfix, from userid 101) id 2E823870B; Fri, 13 Aug 1999 19:11:48 +0200 (CEST) Date: Fri, 13 Aug 1999 19:11:48 +0200 From: Ollivier Robert To: security@freebsd.org Subject: Re: Another SMTP name-guessing attack Message-ID: <19990813191148.A78023@keltia.freenix.fr> Mail-Followup-To: security@freebsd.org References: <4.2.0.58.19990812185216.043c1160@localhost> <4.2.0.58.19990812185216.043c1160@localhost> <19990813143148.A73411@keltia.freenix.fr> <4.2.0.58.19990813091645.048468a0@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii User-Agent: Mutt/0.95.5i In-Reply-To: <4.2.0.58.19990813091645.048468a0@localhost>; from Brett Glass on Fri, Aug 13, 1999 at 09:57:03AM -0600 X-Operating-System: FreeBSD 4.0-CURRENT/ELF ctm#5543 AMD-K6 MMX @ 200 MHz Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org According to Brett Glass: > We do use the RBL. But as far as I can tell, the DUL system doesn't reject > the mail until after the whole message is sent; it doesn't stop Sendmail from > listening to the dial-in node beforehand. So, I am not sure that it would > defeat this attack. Yes it does. This is the same as RBL except only dialup pool addresses are kept into it. They'll be rejected at connect time if you use sendmail. Postfix would delay the reject up to RCPT TO: time because some broken clients don't expect the dialog to be cut at connect time and re-connect immediately. -- Ollivier ROBERT -=- FreeBSD: The Power to Serve! -=- roberto@keltia.freenix.fr FreeBSD keltia.freenix.fr 4.0-CURRENT #73: Sat Jul 31 15:36:05 CEST 1999 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message