Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 22 Apr 2003 08:29:31 -0400
From:      Bill Moran <wmoran@potentialtech.com>
To:        Stephen Hovey <shovey@buffnet.net>
Cc:        questions@freebsd.org
Subject:   Re: Spammers harvesting addresses
Message-ID:  <3EA535AB.5060104@potentialtech.com>
In-Reply-To: <Pine.BSF.4.05.10304220745020.29612-100000@buffnet11.buffnet.net>
References:  <Pine.BSF.4.05.10304220745020.29612-100000@buffnet11.buffnet.net>

next in thread | previous in thread | raw e-mail | index | archive | help
Stephen Hovey wrote:
> OTHER than a unsecured fingerd, how else might spammers be harvest email
> addresses?  Every so often Ill end up with spam in an account created for
> some specific purpose, which never sends email, and which is a nonsense
> made up userid (thus hard to think of as being spammed on a lucky guess)

Isn't there an EXPN command that lists available users on an SMTP server,
that's usually disabled by default just for this reason?  Memory could be
bad on this one but it's something to look into.

Also, why would you be so suprised if spammers just tried every possible
combination of letters?  Hell, they're probably using someone else's
server (that they've cracked) so why should they worry about lots of
non-deliverables?

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3EA535AB.5060104>