Re: TCPIP V5.4, SMTP & non-existant users

From: Steven M. Schweda (sms_at_antinode.org)
Date: 10/10/05 

Date: Mon, 10 Oct 2005 10:47:55 -0500 (CDT)

From: JORDAN <rjordan@mindspring.com>

> I assume you restarted the SMTP services after modifying the config
> file? I know its working at our customer sites because I was having to
> clean out the mail files every day or two (and I had to write a
> reversion utility too), but after turning on that option the problems
> cleared up almost completely.

   I always restart SMTP after changing SMTP.CONFIG. I even have a
SMTP_RESTART.COM for the purpose.

> Try sending mail from an external source to bogus email addresses on
> your node and see what happens. This is what I get [...]

   I think that you'll enjoy this. First try:

RCPT TO: 1234567890@antinode.org
550 < 1234567890@antinode.org> ... Addressee undeliverable

So it _does_ work. But why am I getting all the junk bounces? Well,
let's try a more realistic test (bad address extraction typical of some
of the junk mail distributors):

RCPT TO: antinode.orgsms@antinode.org
250 < antinode.orgsms@antinode.org>... Recipient OK

Or, one of the Korean drug dealer's (many forged) addresses:

RCPT TO: farwredjulianna@antinode.org
250 < farwredjulianna@antinode.org>... Recipient OK

So it really _doesn't_ work. Hmmm.

RCPT TO: grrrrrrrrrrr@antinode.org
550 < grrrrrrrrrrr@antinode.org> ... Addressee undeliverable

RCPT TO: grrrrrrrrrrrr@antinode.org
250 < grrrrrrrrrrrr@antinode.org>... Recipient OK

And now it becomes clear. Invalid names no longer than 12 characters
are undeliverable. Invalid names longer than 12 characters are OK.

   I'm sure glad that someone added this helpful feature. Now, if only
we could get the junk e-mailers to cooperate by using suitably short
randomly generated names ...

   If the longest valid name is 12 characters long, why would we think
that a longer name is "OK"? ARRGH! Who tests this stuff?

   If someone whips out a quick fix for this, I'd be happy to give it a
try. Just as a reminder:

alp $ tcpip show version

  HP TCP/IP Services for OpenVMS Alpha Version V5.4 - ECO 5
  on a COMPAQ Professional Workstation XP1000 running OpenVMS V7.3-2

------------------------------------------------------------------------

   Steven M. Schweda (+1) 651-699-9818
   382 South Warwick Street sms@antinode-org
   Saint Paul MN 55105-2547

Relevant Pages

  • Re: Invalid RCPT TO: list
    ... formatted recipient list, so I think you are confusing two logs. ... You said you saw outbound logs with correct RCPT TO commands; ... I am saying that an MTA may indeed "massage" misformatted inbound ...
    (microsoft.public.inetserver.iis.smtp_nntp)
  • Re: [Full-disclosure] Re: User Enumeration Flaw
    ... Most MTAs implement tarpitting of some sort, to limit VRFY or RCPT commands from a perticular IP to a certian threshold, before they start slowing them down. ... There are also ways to silently drop a session for a recipient that isn't in an external database -- and while this breaks the RFC, ... Connection closed by foreign host. ... What would happen if Al-Qaeda could figure out that there was a president in the whitehouse? ...
    (Full-Disclosure)
  • Re: Invalid RCPT TO: list
    ... RCPT TO: ... being delivered to the final recipient (which was your original ... does the MTA at Server3 see? ... failed/successful delivery to each recipient is separately tracked. ...
    (microsoft.public.inetserver.iis.smtp_nntp)
  • Re: [Full-disclosure] What makes Yahoo! a good merger candidate?
    ... I'm doing them a favor by reporting but all I got is this lousy ... 501 Syntax error in parameters or arguments ... RCPT TO: ... 250 recipient ok ...
    (Full-Disclosure)
  • Re: TCPIP V5.4, SMTP & non-existant users
    ... > RCPT TO: 1234567890@antinode.org ... Invalid names longer than 12 characters are OK. ... The VMSMAIL_PROFILE.DATA has its primary key length of 31 bytes, ...
    (comp.os.vms)