Title: NTMail VRFY Vulnerability
Severity: MODERATE
Description:
The VRFY command in ESMTP servers is an easy way for spammers to collect email addresses. Connecting to an ESMTP server and issuing a VRFY command with an email address returns either 250 (address exists) or 557 (address does not exist). By sending multiple VRFY requests with arbitrary strings, it is possible to build a list of email addresses that are valid on the server, to be used for spam or as a basis for later brute-force password attacks.
NTMail has an option to disable the VRFY command, but the option has no effect: even when it is set to 'disable', the server still processes and responds to VRFY requests.
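Because the disable option cannot be relied on, the server's session log is where this harvesting shows up. The following is an added example, not part of the original advisory or of NTMail: it flags clients that issue repeated VRFY commands and lists the names the server confirmed with 250. The log layout, the sample lines and the threshold are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in a hypothetical "<time> <client-ip> <dir> <text>" layout
# ("<" = client command, ">" = server reply); adapt LINE_RE to your server's log.
SAMPLE_LOG = """\
10:00:01 192.0.2.10 < VRFY alice
10:00:01 192.0.2.10 > 250 alice@example.test
10:00:02 192.0.2.10 < VRFY bob
10:00:02 192.0.2.10 > 557 no such user
10:00:03 192.0.2.10 < VRFY carol
10:00:03 192.0.2.10 > 250 carol@example.test
10:00:04 192.0.2.10 < VRFY dave
10:00:04 192.0.2.10 > 557 no such user
10:00:09 198.51.100.7 < VRFY postmaster
10:00:09 198.51.100.7 > 250 postmaster@example.test
10:00:10 198.51.100.7 < MAIL FROM:<a@example.test>
10:00:10 198.51.100.7 > 250 OK
"""

LINE_RE = re.compile(r"^(\S+) (\S+) ([<>]) (.*)$")

def find_vrfy_enumeration(log_text, threshold=3):
    """Return {client_ip: {"probes": n, "confirmed": [names]}} for every
    client that sent at least `threshold` VRFY commands."""
    stats = defaultdict(lambda: {"probes": 0, "confirmed": []})
    pending = {}  # client_ip -> argument of the VRFY still awaiting its reply
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected layout
        _time, ip, direction, text = m.groups()
        if direction == "<":
            verb, _, arg = text.partition(" ")
            if verb.upper() == "VRFY":
                stats[ip]["probes"] += 1
                pending[ip] = arg.strip()
            else:
                pending.pop(ip, None)  # some other command; nothing to pair
        elif ip in pending:
            arg = pending.pop(ip)
            if text.startswith("250"):  # 250 = address exists (per the advisory)
                stats[ip]["confirmed"].append(arg)
    return {ip: s for ip, s in stats.items() if s["probes"] >= threshold}

if __name__ == "__main__":
    for ip, s in find_vrfy_enumeration(SAMPLE_LOG).items():
        print(ip, s["probes"], "VRFY probes; confirmed:", ", ".join(s["confirmed"]))
```

The confirmed names are the accounts worth watching for password guessing afterwards.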
Affected Products:
- Gordano NTMail 4.0.0
- Gordano NTMail 4.2.0
- Gordano NTMail 4.3.0
References:
- Gordano: NTMail Home Page