Creative Spammers finding out valid accounts on my mail server!

[Gerard]

In article <uirn3hm5j1im3b na corp.supernews.com>,
 ajackson na webmagic.com (Adam Jackson) wrote:

> Hi everybody,
> I run a mail server that handles mail for multiple domains. Somehow, a spammer
> is obtaining a list of valid mail accounts on my sendmail server and
> addressing his spam messages to only those accounts. Many of these accounts
> mail accounts have never been used by a person and are not posted around the
> internet anywhere, which leads me to believe there is a way for an outsider to
> query my mail server for a list of valid mail accounts.
> Has anyone heard of this?
> 
> Thank you in advance!
> Adam
> 
> 

Turn off your 'vrfy' and 'expn' function in sendmail.
turn off 'finger' on the system

In sendmail vrfy doesn't tend to log anything. A spammer can use a bot 
to generate email addresses and send them to your server with a vrfy 
commmand. You server then politely replies with "ok" or "no user". 
Gather up all the OKs and you can then send a ton of mail without 
generating any errors or bounces.

Such a bot can use first names and common last names alone, in 
conjunction with each other, or ap/prepended with a single letter. I've 
run such a bot on several servers with open 'vrfy' commands and can 
garner from 1000 to 9000 email addresses in just a few hours. I then 
send the list to postmaster and explain they may want to disable that 
feature.
-- 
What color is clear?