Microsoft KB Archive/289521

= XIMS: VRFY Command Does Not Work in Exchange 2000 or in Exchange 2003 =

Article ID: 289521

Article Last Modified on 10/25/2007


APPLIES TO


 * Microsoft Exchange Server 2003 Enterprise Edition
 * Microsoft Exchange Server 2003 Standard Edition
 * Microsoft Exchange 2000 Server Standard Edition




This article was previously published under Q289521



SYMPTOMS
In Exchange 2000 and in Exchange 2003, when you attempt to use the vrfy command to verify a user name, you receive an incorrect response and you do not receive any user information.



CAUSE
Even though the vrfy command is listed as a valid Simple Mail Transfer Protocol (SMTP) command, the functionality is not provided in Exchange 2000 or in Exchange 2003. When you run the command, Exchange 2000 and Exchange 2003 do not initiate a directory lookup. This behavior is intended.

The vrfy command is a security leak: an attacker who uses it can obtain a list of valid user names and can then send large amounts of e-mail messages to the organization.



WORKAROUND
To configure Exchange 2000 and Exchange 2003 to respond correctly to a vrfy command, write a protocol event sink.



STATUS
This behavior is by design.



MORE INFORMATION
The vrfy command is one of the advanced SMTP command verbs and is specified in Request for Comments (RFC) 821. You can use the command to verify a user name. The argument to the vrfy command is a string that contains a user name. The response must include the mailbox of the user, and it may include the full name of the user.

In legacy versions of Exchange Server, you can add the EnableVRFY value to the following registry key to enable the functionality of the vrfy command:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIMC\Parameters

This registry key is implemented in Exchange Server 4.0 Service Pack 2 (SP2). However, in Exchange 2000 and in Exchange 2003, this registry key does not exist. Instead, the vrfy command is enabled by default.

The following excerpt from a telnet session shows how Exchange 2000 and Exchange 2003 respond to the vrfy command:

 220 test.test.com Microsoft ESMTP MAIL Service, Version: 5.0.2195.1600 ready at Thu, 8 Feb 2001 11:34:39 +0100
 ehlo
 250-test.test.com Hello [ ]
 250-TURN
 250-ATRN
 250-SIZE
 250-ETRN
 250-PIPELINING
 250-DSN
 250-ENHANCEDSTATUSCODES
 250-8bitmime
 250-BINARYMIME
 250-CHUNKING
 250-VRFY
 250-X-EXPS GSSAPI NTLM LOGIN
 250-X-EXPS=LOGIN
 250-AUTH GSSAPI NTLM LOGIN
 250-AUTH=LOGIN
 250-XEXCH50
 250-X-LINK2STATE
 250 OK
 vrfy user1
 252 2.1.5 Cannot VRFY user, but will take message for user1@microsoft.com
 vrfy user2
 252 2.1.5 Cannot VRFY user, but will take message for user2@microsoft.com

In this scenario, user1 is a valid user and user2 is not, but both receive the same 252 response. Therefore, this example shows that the vrfy command is not working.

When you run this command in Exchange Server 5.5, if the EnableVRFY value is set in the registry, you receive the following response:

 vrfy user1
 250 user1 user1@microsoft.com
 vrfy user2
 550 User unknown
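
The difference between the two sessions above can be checked mechanically when reviewing a captured SMTP transcript. The following Python code is an added example, not part of the original Microsoft article; the function names and the abridged transcripts are constructed for illustration.

```python
import re
REPLY = re.compile(r"^(\d{3})([ -]|$)(.*)$")   # SMTP reply: code, separator, text

# Constructed transcripts, abridged from the two sessions in this article.
EXCHANGE_2000 = """\
220 test.test.com Microsoft ESMTP MAIL Service ready
ehlo
250-test.test.com Hello
250-VRFY
250 OK
vrfy user1
252 2.1.5 Cannot VRFY user, but will take message for user1@microsoft.com
vrfy user2
252 2.1.5 Cannot VRFY user, but will take message for user2@microsoft.com
"""
EXCHANGE_55 = """\
vrfy user1
250 user1 user1@microsoft.com
vrfy user2
550 User unknown
"""

def parse(transcript):
    """Pair each client command with its (possibly multiline) server reply."""
    exchanges, command, lines = [], None, []
    for raw in filter(None, map(str.strip, transcript.splitlines())):
        m = REPLY.match(raw)
        if not m:                        # not a reply line, so a client command
            command, lines = raw, []
            continue
        lines.append(m.group(3))
        if m.group(2) != "-":            # only "NNN-" continues a multiline reply
            exchanges.append((command, int(m.group(1)), lines))
            command, lines = None, []
    return exchanges

def audit(transcript):
    """Report whether VRFY is advertised and whether its replies reveal validity."""
    advertised, codes = False, {}
    for command, code, lines in parse(transcript):
        verb, _, arg = (command or "").partition(" ")
        if verb.upper() == "EHLO":       # keywords follow the greeting line
            advertised = any(l.upper().split()[:1] == ["VRFY"] for l in lines[1:])
        elif verb.upper() == "VRFY" and arg.strip():
            codes[arg.strip()] = code
    # 250/251 confirm a mailbox, 55x deny one, 252 commits to neither. Replies
    # reveal validity if any name is confirmed or names get different codes.
    seen = set(codes.values())
    return {"advertised": advertised, "codes": codes,
            "leaks": len(seen) > 1 or bool(seen & {250, 251})}
```

For the Exchange 2000 transcript, `audit` reports the verb as advertised but not revealing, because both names get 252; for the Exchange Server 5.5 transcript it reports that the replies distinguish valid from invalid names.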

For additional information, see the following articles in the Microsoft Knowledge Base:

155684 XFOR: IMC Support for VRFY Command

257569 XFOR: How to Turn Off ESMTP Verbs in Exchange 2000 Server

Keywords: kberrmsg kbprb KB289521


© Microsoft Corporation. All rights reserved.