Spam to this list

Alun auj at
Tue Apr 19 08:02:54 GMT 2005

Shachar Shemesh <rsync at> said, in message
426425C3.20407 at

> Reject codes were very common once. Then they were recommended
> against.  They were recommended against for a reason, that reason
> being that they  expose the user base to password and other guessing.

Who recommended this?!

What on earth makes you think that a 5xx return code lets you
determine either usernames or passwords while a generated bounce
doesn't? On all the mail administrators' mailing lists I'm on, people
always recommend using 5xx in preference to sending a bounce, for all
the obvious reasons. If SpamCop is now listing people who send
collateral spam, I think that's no bad thing.  It'll certainly cut
down the number of Joe Jobs I end up on the receiving end of...

I know a determined attacker could conceivably probe the existance of
addresses using a dictionary attack and looking at the *text*
following the 5xx response, but this is hard work for the attacker and
very easy to prevent at the server (for example, after 5 invalid RCPT
TO: addresses in a single message, will respond "Too many
invalid addresses" unconditionally. Throw in a teergrube and they can
spend weeks doing what a google search could achieve in seconds).


Alun Jones                       auj at
Systems Support,                 (01970) 62 2494
Information Services,
University of Wales, Aberystwyth

More information about the rsync mailing list