Timing and protocol defects: Difference between revisions
From ASRG
Jump to navigationJump to search
No edit summary |
mNo edit summary |
||
| Line 8: | Line 8: | ||
}} | }} | ||
SMTP requires that clients wait for a 2xx response to the HELO or EHLO command before proceeding. One ant-spam technique, known as a ''premature pipeline check'', detects extra data in the input buffer prior to the server sending the HELO/EHLO response. | SMTP requires that clients wait for a 2xx response to the HELO or EHLO command before proceeding. One ant-spam technique, known as a ''premature pipeline check'' pr ''early talking', detects extra data in the input buffer prior to the server sending the HELO/EHLO response, or prior to any command if the server hasn't offered the PIPELINEING extension. | ||
Other protocol defects include sending MAIL FROM with no HELO or EHLO, or omitting the angle brackets required in MAIL FROM and RCPT TO. | |||
If such data is found, the client has failed the test. The server might then reject the message, close the connection, blacklist the client, etc. | |||
Revision as of 23:55, 14 March 2008
| Anti-spam technique: Timing and protocol defects | |
|---|---|
| Date of first use: | |
| Effectiveness: | High |
| Popularity: | Medium |
| Difficulty of implementation: | Low |
| Where implemented: | MTA |
| Harm: | Low |
SMTP requires that clients wait for a 2xx response to the HELO or EHLO command before proceeding. One ant-spam technique, known as a premature pipeline check pr early talking', detects extra data in the input buffer prior to the server sending the HELO/EHLO response, or prior to any command if the server hasn't offered the PIPELINEING extension.
Other protocol defects include sending MAIL FROM with no HELO or EHLO, or omitting the angle brackets required in MAIL FROM and RCPT TO.
If such data is found, the client has failed the test. The server might then reject the message, close the connection, blacklist the client, etc.
