LevelBlue + SentinelOne: Global Partnership to Deliver AI-Powered Managed Security Operations and Incident Response. Learn More

Government
Contact Us
Login

USM Anywhere Login

Fusion Platform Login

Support Downloads/Forums Login

MailMarshal Cloud Login
Incident Response

Experiencing a security breach?

Access immediate incident response support, available 24/7

Get Immediate Assistance

Recommended Actions

Incident Response

Incident Response

Experiencing a security breach?

Access immediate incident response support, available 24/7

Get Immediate Assistance

Recommended Actions
Submit RFP
Government
Contact Us
Login

login

USM Anywhere Login

Fusion Platform Login

Support Downloads/Forums Login

MailMarshal Cloud Login

LevelBlue + SentinelOne: Global Partnership to Deliver AI-Powered Managed Security Operations and Incident Response. Learn More

Cyber Advisory

Managed Cloud Security

Data Security

Managed Detection & Response

Email Security

Managed Network Security

Exposure Management

Security Operations Platforms

Incident Readiness & Response

SpiderLabs Threat Intelligence

View All Services

BY INDUSTRY

BY REGULATION

BY TOPIC

Offensive Security

Solutions to maximize your security ROI

Operational Technology

End-to-end OT security

Microsoft Security

Unlock the full power of Microsoft Security

Securing the IoT Landscape

Test, monitor and secure network objects

About Us

We reduce cyber risk and build resilience

Awards and Accolades

The most recognized cybersecurity leader

LevelBlue SpiderLabs

Elite global threat experts and intelligence

PGA of America Partnership

Cybersecurity at the championship level

Secure What's Next

Future-proof your organization

LevelBlue Security Operations Platforms

Unprecedented security visibility and control

Security Colony

Cybersecurity threat protection resources

SentinelOne

Advancing integrated, intelligence‑driven security operations

Microsoft

Unlock the full power of Microsoft Security

Technology Alliance Partners

Key alliances who align and support our ecosystem of security offerings

Partner Portal

Register

Login

BLOGS

UPCOMING

MEDIA & ASSETS

NOTICES

HELP

Loading...

Loading...

LevelBlue Knowledge Base

KB Home Search Latest Additions Most Popular

Knowledgebase

Home » Knowledgebase » MailMarshal (SEG) » INFO: Is MailMarshal vulnerable to attacks using VRFY, EXPN, or...

INFO: Is MailMarshal vulnerable to attacks using VRFY, EXPN, or other SMTP commands?

Expand / Collapse

Show/Hide Article Tools

This article applies to:

MailMarshal (SEG)

Question:

How does SEG/MailMarshal reply to the SMTP VRFY or EXPN commands?
Does MailMarshal take any action on repeated bad SMTP commands?

Information:

MailMarshal always responds to VRFY with the ambiguous SMTP response "252 user appears to be valid". Outside applications cannot harvest address information using this command.
MailMarshal does not support EXPN.
MailMarshal has a default mechanism to recognize and restrict excessive repeated requests or nonsense commands. Customers can contact Technical Support for details if required.

Notes:

See also the DHA and DoS attack prevention features documented in the MailMarshal User Guide.

To contact LevelBlue about this article or to request support:

Create a case through the Fusion portal (U.S. Government customers, use the TGS Fusion portal).
Call us on a local phone number.

Rate this Article:

Add Your Comments

Comment submission is disabled for anonymous users.
Please send feedback to Trustwave Technical Support or the Webmaster.

Execution: 0.094. 10 queries. Compression Disabled.

Powered by InstantKB.NET