Re: [NTISP] SMTP Abuse Alert - And the workaround for it.

Paul Kincaid-Smith ( Paul.Kincaid-Smith@software.com )
Fri, 12 Mar 1999 11:12:27 -0800

The backlash against this tool was so great it was taken off the market.
Now if only they could get back the copies already sold...

ISPS UNITE TO FEND OFF SPAM TOOL - Wired 3/11/99
<http://www.wired.com/news/news/technology/story/18383.html>

Some software is too effective for its own good. Take one tool used
by spammers to penetrate regional networks.

After receiving angry protests by Internet service providers, a
software publisher has discontinued a potent tool that collects the
email-address lists maintained by regional ISPs.

At 07:08 PM 3/10/99 -0500, you wrote:
>Well this has become a major problem. Companies abusing SMTP to scan for
>E-Mail addresses. Check on the link below to see if your Mail Server has
>been hardcoded into this SMTP E-Mail verify Scanner. If it has, I would
>strongly suggest switching to Mailsite 3.2.0 or equivelent with all the
>security features to verify mail servers.
>
>We have locked it down enabling all anti-spam features and we even found
>hundreds of domains with Poorly implemented DNS Records. There are
>basically no reverse lookups for a lot of doamins we got requests from.
>each day I produce about 10mb of logs of failed mail deliveries due to the
>Reverse DNS Lookup of the sending mailserver.
>
>
>Rudy Komsic - President
>Cyberglobe Communications Inc.
>
>
>> -----Original Message-----
>> From: Bugtraq List [mailto:BUGTRAQ@NETSPACE.ORG] On Behalf Of Frank
>> Miller
>> Sent: March 10, 1999 2:25 PM
>> To: BUGTRAQ@NETSPACE.ORG
>> Subject: SMTP Abuse - Extracted domains from glpro.exe application
>>
>>
>> Per request, the following URL lists domains hardcoded into the glpro.exe
>> application (version 3.3 trail).
>>
>ftp://ftp.apaynet.com/pub/glpro/glpro.txt
>
>In summary, the glpro.exe application performs, as discussed, a dictionary
>based 'attack' upon MTA's (RCPT/MAIL) in order to obtain a list of addresses
>for UCE's. Approximately 4000 + domains (including isi.edu!!) was noted.
>
>Take care,
>
>Frank Miller
>
>
>For more information about this list, including removal,
>see this url: http://www.iea-software.com/maillist.html
>

-- Paul Kincaid-Smith                       Phone:  (805) 523-7760Software.com, Inc.                       Fax:    (805) 523-880113044 Silver Creek St.                   E-Mail: paul.kincaid@software.comMoorpark, CA 93021                       WWW:    http://www.software.com

Software.com, Inc. -- The Internet Infrastructure Company (tm)

For more information about this list, including removal,see this url: http://www.iea-software.com/maillist.html