Timing and protocol defects: Difference between revisions
From ASRG
Jump to navigationJump to search
No edit summary |
No edit summary |
||
(4 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
SMTP requires that clients wait for a 2xx response to the HELO or EHLO command before proceeding. One ant-spam technique, known as a ''premature pipeline check, | {{ast | ||
|date= | |||
|difficult=Low | |||
|popular=Medium | |||
|effective=High | |||
|harm=Low | |||
|where=MTA | |||
}} | |||
SMTP requires that clients wait for a 2xx response to the HELO or EHLO command before proceeding. One ant-spam technique, known as a ''premature pipeline check'' pr ''early talking', detects extra data in the input buffer prior to the server sending the HELO/EHLO response, or prior to any command if the server hasn't offered the PIPELINEING extension. | |||
Other protocol defects include: | |||
*Sending MAIL FROM without first sending HELO or EHLO | |||
*Omitting the angle brackets required in MAIL FROM and RCPT TO | |||
*Adding a space after the colon in MAIL FROM or RCPT TO | |||
*Syntactically invalid HELO/EHLO name | |||
If such data is found, the client has failed the test. The server might then reject the message, close the connection, blacklist the client, etc. |
Latest revision as of 08:08, 15 March 2008
Anti-spam technique: Timing and protocol defects | |
---|---|
Date of first use: | |
Effectiveness: | High |
Popularity: | Medium |
Difficulty of implementation: | Low |
Where implemented: | MTA |
Harm: | Low |
SMTP requires that clients wait for a 2xx response to the HELO or EHLO command before proceeding. One ant-spam technique, known as a premature pipeline check pr early talking', detects extra data in the input buffer prior to the server sending the HELO/EHLO response, or prior to any command if the server hasn't offered the PIPELINEING extension.
Other protocol defects include:
- Sending MAIL FROM without first sending HELO or EHLO
- Omitting the angle brackets required in MAIL FROM and RCPT TO
- Adding a space after the colon in MAIL FROM or RCPT TO
- Syntactically invalid HELO/EHLO name
If such data is found, the client has failed the test. The server might then reject the message, close the connection, blacklist the client, etc.