Re: a header authentication scheme

2004-11-01 08:45:15

Claus Assmann writes:
> On Fri, Oct 22, 2004, Arnt Gulbrandsen wrote:
>> Step 1. I'd send five messages to nosuchuser@do.ma.in and wait for the bounces. For each of them, I'd compute the delay from my sending time (using my clock) to the receiving MTA's receive time. Next, I'd average the five values.
>
> Where do you get the time of the server? Many MTAs don't accept mail for unknown recipients, so it's your MTA that generates the bounce.

I don't suppose it matters, since even in the best case, there's very little entropy in the time-date value, so id has to be better.

But since you ask: Usually I can get time and timezone from the SMTP server's banner. I can also often guess based on its geographical location (which I can guess from IP address). This won't get me the delay, but if all I want is to spam n million recipients, assuming [1,15> is pretty good. Few MTAs are faster, few are slower.


