[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Is the .to (Tonga) domain completely rogue and should be removed?
- To: [email protected]
- Subject: Re: Is the .to (Tonga) domain completely rogue and should be removed?
- From: Anonymous <[email protected]>
- Date: Sat, 3 Oct 1998 20:41:20 +0200
- Comments: This message did not originate from the Sender address above.It was remailed automatically by anonymizing remailer software.Please report problems or inappropriate use to theremailer administrator at <[email protected]>.
- Sender: [email protected]
Read RFC 1123, section 5.2.3.
5.2.3 VRFY and EXPN Commands: RFC-821 Section 3.3
A receiver-SMTP MUST implement VRFY and SHOULD implement EXPN
(this requirement overrides RFC-821). However, there MAY be
configuration information to disable VRFY and EXPN in a
particular installation; this might even allow EXPN to be
disabled for selected lists.
A new reply code is defined for the VRFY command:
252 Cannot VRFY user (e.g., info is not local), but will
take message for this user and attempt delivery.
DISCUSSION:
SMTP users and administrators make regular use of these
commands for diagnosing mail delivery problems. With the
increasing use of multi-level mailing list expansion
(sometimes more than two levels), EXPN has been
increasingly important for diagnosing inadvertent mail
loops. On the other hand, some feel that EXPN represents
a significant privacy, and perhaps even a security,
exposure.
VRFY is hardly an "incorrect SMTP command."
>Your reasoning as to why its responses to incorrect SMTP
>commands constitutes evidence that the .TO domain is "negligent",
>"mismanaged" and "an attractive resource for criminal activities"
>is ironically incorrect. In fact, having an *unsecured* port 25 open to mail
>relaying would be negligent.
>Best regards,
>- Eric Gullichsen
> Tonic Corporation
> Kingdom of Tonga Network Information Center
> http://www.tonic.to
> Email: [email protected]