[exim-dev] [Bug 2188] Moving recipient check last to mitigat…

Author: admin
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 2188] Moving recipient check last to mitigate brute-force address scan
https://bugs.exim.org/show_bug.cgi?id=2188

--- Comment #2 from Omega Software <development@???> ---
(In reply to Jeremy Harris from comment #1)
> They detected a valid recipient by spotting an SPF check being done?
>
> Otherwise I'm not understanding. You show four rejections, no acceptances.


Yes. They tried hundreds of addresses. When they get "Unroutable address" it
means the address doesn't exist. When they get a failure from another check (in
this case SPF, but in the sample config it would be DNSBL) it means the address
is valid.

If recipient verification were performed last, this kind of scan wouldn't be
possible unless they succeed at passing the other checks, which is kind of hard
for them as precisely the goal of those checks is to detect them.

--
You are receiving this mail because:
You are on the CC list for the bug.
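
The ordering issue described in the comment above, as an added example that is not part of the original message and is not Exim code: a small Python model of an RCPT-time check chain that tests whether a client can tell a valid recipient from an invalid one by the rejection it receives. The check functions, the SPF message text, the addresses and the client records are constructed assumptions; only the "Unroutable address" text comes from the thread.

```python
# Constructed model of an RCPT-time check chain. Each check returns a
# rejection message, or None to let processing continue to the next check.
# This is an illustration only, not Exim's ACL engine or configuration.

VALID_RECIPIENTS = {"alice@example.test", "bob@example.test"}  # constructed


def recipient_check(rcpt, client):
    """Reject recipients that cannot be routed."""
    return None if rcpt in VALID_RECIPIENTS else "Unroutable address"


def spf_check(rcpt, client):
    """Reject clients whose SPF result is a failure (hypothetical flag)."""
    return None if client["spf_pass"] else "SPF check failed"


def run_checks(order, rcpt, client):
    """Return the first rejection message in `order`, or 'accepted'."""
    for check in order:
        verdict = check(rcpt, client)
        if verdict is not None:
            return verdict
    return "accepted"


def leaks_recipient_validity(order, client):
    """True if this client gets different responses for a valid and an
    invalid recipient, i.e. the response works as an address oracle."""
    for_valid = run_checks(order, "alice@example.test", client)
    for_invalid = run_checks(order, "nobody@example.test", client)
    return for_valid != for_invalid


RECIPIENT_FIRST = [recipient_check, spf_check]  # ordering seen in the report
RECIPIENT_LAST = [spf_check, recipient_check]   # ordering the bug proposes

FAILING_CLIENT = {"spf_pass": False}  # constructed: fails the other check
PASSING_CLIENT = {"spf_pass": True}   # constructed: passes the other check

if __name__ == "__main__":
    for name, order in (("recipient first", RECIPIENT_FIRST),
                        ("recipient last", RECIPIENT_LAST)):
        print(name, "-> leaks to failing client:",
              leaks_recipient_validity(order, FAILING_CLIENT))
```

With the recipient check last, a client that fails the other check gets the same rejection for every address; a client that passes the other checks still sees the difference, which matches the caveat in the comment.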