[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] VRFY root [rejected]

Subject: Re: [cobalt-security] VRFY root [rejected]
From: Jaana Jarve <netcat@xxxxxxxxx>
Date: Fri, 11 Apr 2003 15:44:56 +0300 (EEST)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Fri, 11 Apr 2003, Robbert Hamburg (HaVa Web- & Procesdesign) wrote:

> I just received this in my portsentry details
>
> Apr 11 11:18:26 server4 sendmail[7129]: h3B9IKc07129:
> d033.dhcp212-198-107.noos.fr [212.198.107.33]: VRFY root [rejected]
> Apr 11 11:18:31 server4 sendmail[7130]: h3B9IQc07130:
> d033.dhcp212-198-107.noos.fr [212.198.107.33]: EXPN root [rejected]
>
> Can someone shed some light on this ??

this is your sendmail log, VRFY (verify) and EXPN (expand) are SMTP
commands, and 212.198.107.33, simply put, is snooping to see if root
exists and whom his mail gets delivered to.

RFC2821 is recommended reading...

rgds,
netcat

References:
- [cobalt-security] VRFY root [rejected]
  - From: Robbert Hamburg \(HaVa Web- & Procesdesign\)

Prev by Date: [cobalt-security] VRFY root [rejected]
Next by Date: Re: [cobalt-security] VRFY root [rejected]
Previous by thread: [cobalt-security] VRFY root [rejected]
Next by thread: Re: [cobalt-security] VRFY root [rejected]

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index