Timing and protocol defects

From ASRG
Revision as of 09:08, 15 March 2008 by Randy (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Anti-spam technique: Timing and protocol defects
Date of first use:
Effectiveness: High
Popularity: Medium
Difficulty of implementation: Low
Where implemented: MTA
Harm: Low


SMTP requires that clients wait for a 2xx response to the HELO or EHLO command before proceeding. One ant-spam technique, known as a premature pipeline check pr early talking', detects extra data in the input buffer prior to the server sending the HELO/EHLO response, or prior to any command if the server hasn't offered the PIPELINEING extension.

Other protocol defects include:

  • Sending MAIL FROM without first sending HELO or EHLO
  • Omitting the angle brackets required in MAIL FROM and RCPT TO
  • Adding a space after the colon in MAIL FROM or RCPT TO
  • Syntactically invalid HELO/EHLO name

If such data is found, the client has failed the test. The server might then reject the message, close the connection, blacklist the client, etc.

Retrieved from "https://wiki.asrg.sp.am/index.php?title=Timing_and_protocol_defects&oldid=1477"