Re: [Full-disclosure] What makes Yahoo! a good merger candidate?

--On Wednesday, February 06, 2008 11:58:31 +0100 Vincent van Scherpenseel
<mailinglists@xxxxxxxxxxx> wrote:

So, what do you do when you want to report something like this? In fact
I'm doing them a favor by reporting but all I got is this lousy
response. I'll have to think twice about reporting something like this
next time...

Does anyone know an Yahoo! security contact that actually does his job?


You do this the old fashioned way.

# dig -t MX yahoo.com

; <<>> DiG 9.3.3 <<>> -t MX yahoo.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10018
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 7, ADDITIONAL: 14

;; QUESTION SECTION:
;yahoo.com. IN MX

;; ANSWER SECTION:
yahoo.com. 1058 IN MX 1 g.mx.mail.yahoo.com.
yahoo.com. 1058 IN MX 1 a.mx.mail.yahoo.com.
yahoo.com. 1058 IN MX 1 b.mx.mail.yahoo.com.
yahoo.com. 1058 IN MX 1 c.mx.mail.yahoo.com.
yahoo.com. 1058 IN MX 1 d.mx.mail.yahoo.com.
yahoo.com. 1058 IN MX 1 e.mx.mail.yahoo.com.
yahoo.com. 1058 IN MX 1 f.mx.mail.yahoo.com.

# telnet f.mx.mail.yahoo.com 25
Trying 209.191.88.247...
Connected to f.mx.mail.yahoo.com.
Escape character is '^]'.
220 mta378.mail.mud.yahoo.com ESMTP YSmtp service ready
EHLO hostname.utdallas.edu
250-mta378.mail.mud.yahoo.com
250-8BITMIME
250-SIZE 31981568
250 PIPELINING
MAIL FROM: testing@xxxxxxxxxxxx
501 Syntax error in parameters or arguments
MAIL FROM: <testing@xxxxxxxxxxxx>
250 sender <testing@xxxxxxxxxxxx> ok
RCPT TO: abuse@xxxxxxxxx
501 Syntax error in parameters or arguments
RCPT TO: <abuse@xxxxxxxxx>
250 recipient <abuse@xxxxxxxxx> ok
RCPT TO: <security@xxxxxxxxx>
250 recipient <security@xxxxxxxxx> ok
RCPT TO: <support@xxxxxxxxx>
250 recipient <support@xxxxxxxxx> ok
RCPT TO: <mail-abuse@xxxxxxxxx>
250 recipient <mail-abuse@xxxxxxxxx> ok
quit
221 mta378.mail.mud.yahoo.com
Connection closed by foreign host.

Pick your poison.

--
Paul Schmehl (pauls@xxxxxxxxxxxx)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Re: TCPIP V5.4, SMTP & non-existant users
    ... > clean out the mail files every day or two (and I had to write a ... RCPT TO: antinode.orgsms@antinode.org ... Recipient OK ... Invalid names longer than 12 characters are OK. ...
    (comp.os.vms)
  • Re: Invalid RCPT TO: list
    ... formatted recipient list, so I think you are confusing two logs. ... You said you saw outbound logs with correct RCPT TO commands; ... I am saying that an MTA may indeed "massage" misformatted inbound ...
    (microsoft.public.inetserver.iis.smtp_nntp)
  • Re: Invalid RCPT TO: list
    ... RCPT TO: ... being delivered to the final recipient (which was your original ... does the MTA at Server3 see? ... failed/successful delivery to each recipient is separately tracked. ...
    (microsoft.public.inetserver.iis.smtp_nntp)
  • Re: [Full-disclosure] Re: User Enumeration Flaw
    ... Most MTAs implement tarpitting of some sort, to limit VRFY or RCPT commands from a perticular IP to a certian threshold, before they start slowing them down. ... There are also ways to silently drop a session for a recipient that isn't in an external database -- and while this breaks the RFC, ... Connection closed by foreign host. ... What would happen if Al-Qaeda could figure out that there was a president in the whitehouse? ...
    (Full-Disclosure)
  • Re: Multiple email addresses not working
    ... To reproduce this; ... Select a recipient that you know has multiple email addresses associated with it (make sure your address book preview is active on the mini address book that pops up when adding a recipient( ... I'm reporting this to Microsoft. ... Entourage Help Blog ...
    (microsoft.public.mac.office.entourage)