Firewalls: Re: None

Firewalls
(December 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: None
From:	Dan Simoes <dans @ ans . net>
Date:	Fri, 6 Dec 1996 15:06:22 -0500 (EST)
To:	wombat @ mcfeely . bsfs . org (Rabid Wombat)
Cc:	toon @ cem-bb . e-mail . com, firewalls @ GreatCircle . COM
In-reply-to:	<Pine . BSF . 3 . 91 . 961206123549 . 5157A-100000 @ mcfeely . bsfs . org> from "Rabid Wombat" at Dec 6, 96 12:42:17 pm

> Verify: determines if the username you've spcified exists
> Expand: determines which usernames will recivie the mial sent to the 
> address specified - for example, the account "root" might expand to 
> usernames "bob" and "alice" if they are the sysadmins, and don't want to 
> log in as "root" to check for root mail.

Also, the expn command can be used to expand the addresses contained
in a mailing list, including a majordomo list if you know how
those are typically set up, even if you have defined the list
as a "private" list (meaning only list members get to see who else
is on the list).

EXPN also will show you where mail filters and forwarders are in
place, exposing possible holes.

Leaving VRFY on allows legitimate users to verify that an address
is a valid one, but EXPN gives you much, much more information.
I generally turn off EXPN on all machines and leave VRFY on.

| Dan |
-- 
Dan Simoes			          dans @
 ans .
 net
ANS 				http://coimbra.ans.net/dans.html
100 Clearbrook Road  			(914) 789-5378 (voice)
Elmsford, NY 10523			(914) 789-5310 (fax)

References:

Re: None
From: Rabid Wombat <wombat @ mcfeely . bsfs . org>

Indexed By Date	Previous:	Re: your mail From: "R. E. Paret" <rparet @ trumpet . aix . calpoly . edu>
Indexed By Date	Next:	take off me from the list From: Emes <pisarski @ lodz . pdi . net>
Indexed By Thread	Previous:	Re: None From: Rabid Wombat <wombat @ mcfeely . bsfs . org>
Indexed By Thread	Next:	Re: None From: "Joseph W. Stroup" <nettech @ crl . com>