ietf
[Top] [All Lists]

Re: [Fwd: [Asrg] Verisign: All Your Misspelling Are Belong To Us]

2003-09-16 09:21:49
James M Galvin wrote:
On Tue, 16 Sep 2003, Keith Moore wrote:

    verisign is masking the difference between a valid domain and
    NXDOMAIN for all protocols, all users, and all software.

If you read the Verisign documentation (which is quite excellent by the
way) on what they did and what they recommend you will see that they
thought about this.

In fact, the purpose of the Stubby SMTP daemon is to return a 550 for
non-existent recipient domains.

It is left as an exercise to the reader as to which is more efficient:
DNS NXDOMAIN or SMTP 550.

People, have you been reading the posts? The stubby SMTP daemon is not an SMTP server, it is simply a program that returns the following set of responses TO ANYTHING THAT IS PASSED TO IT.

----------snip---------
220 snubby2-wceast Snubby Mail Rejector Daemon v1.3 ready
blah
250 OK
blah
250 OK
blah
550 User domain does not exist.
blh
250 OK
blah
221 snubby2-wceast Snubby Mail Rejector Daemon v1.3 closing transmission channel
----------snip---------

That means that if the SMTP sender issues a RSET command after HELO, they will not get a 550 error code for the RCPT TO command, but rather for the MAIL FROM command as follows:

----------snip---------
220 snubby4-wceast Snubby Mail Rejector Daemon v1.3 ready
EHLO someone.com
250 OK
RSET
250 OK
MAIL FROM:<someone(_at_)somewhere(_dot_)com>
550 User domain does not exist.
RCPT TO:<someone(_at_)somewhere(_dot_)com>
250 OK
DATA
221 snubby4-wceast Snubby Mail Rejector Daemon v1.3 closing transmission channel
----------snip---------




<Prev in Thread] Current Thread [Next in Thread>