Microsoft KB Archive/289521

From BetaArchive Wiki
Revision as of 17:32, 18 July 2020 by 3155ffGd (talk | contribs) (importing KB archive)
Knowledge Base


Article ID: 289521

Article Last Modified on 10/25/2007



APPLIES TO

  • Microsoft Exchange Server 2003 Enterprise Edition
  • Microsoft Exchange Server 2003 Standard Edition
  • Microsoft Exchange 2000 Server Standard Edition



This article was previously published under Q289521

SYMPTOMS

In Exchange 2000 and in Exchange 2003, when you attempt to use the vrfy command to verify a user name, you receive an incorrect response and you do not receive any user information.

CAUSE

Even though the vrfy command is listed as a valid Simple Mail Transfer Protocol (SMTP) command, the functionality is not provided in Exchange 2000 or in Exchange 2003. When you run the command, Exchange 2000 and Exchange 2003 do not initiate a directory lookup. This behavior is intended.

The vrfy command is a security leak: a hacker who uses this command is able to obtain a list of valid user names and is then able to send large amounts of e-mail messages to the organization.

WORKAROUND

To configure Exchange 2000 and Exchange 2003 to respond correctly to a vrfy command, write a protocol event sink.

STATUS

This behavior is by design.

MORE INFORMATION

The vrfy command is one of the advanced SMTP command verbs; it is specified in Request for Comments (RFC) 821. You can use the command to verify a user name. The argument string of the vrfy command is a user name; the response must include the mailbox of the user, and it may include the full name of the user.

In legacy versions of Exchange Server, you can add the EnableVRFY value to the following registry key to enable the functionality of the vrfy command:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIMC\Parameters


This registry key is implemented in Exchange Server 4.0 Service Pack 2 (SP2). However, in Exchange 2000 and in Exchange 2003, this registry key does not exist. Instead, the vrfy command is enabled by default.

The following excerpt from a telnet session shows how Exchange 2000 and Exchange 2003 respond to the vrfy command:

220 test.test.com Microsoft ESMTP MAIL Service, Version: 5.0.2195.1600 ready at Thu, 8 Feb 2001 11:34:39 +0100
ehlo
250-test.test.com Hello [xxx.xxx.xxx.xxx]
250-TURN
250-ATRN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-X-EXPS GSSAPI NTLM LOGIN
250-X-EXPS=LOGIN
250-AUTH GSSAPI NTLM LOGIN
250-AUTH=LOGIN
250-XEXCH50
250-X-LINK2STATE
250 OK
vrfy user1
252 2.1.5 Cannot VRFY user, but will take message for user1@microsoft.com
vrfy user2
252 2.1.5 Cannot VRFY user, but will take message for user2@microsoft.com


In this scenario, user1 is a valid user and user2 is not. Both names receive the same 252 response, so this example shows that the vrfy command is not working.

When you run this command in Exchange Server 5.5, if the EnableVRFY value is set in the registry, you receive the following response:

vrfy user1
250 user1 user1@microsoft.com
vrfy user2
550 User unknown
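
The difference between the two sessions above can be checked mechanically when auditing a captured SMTP session log. The following Python sketch is an added example, not part of the original article or of Exchange; the function names are hypothetical and the sample logs are excerpts of the two sessions shown in this article.

```python
import re

# Excerpts of the two sessions shown in this article.
EXCHANGE_2000 = """\
ehlo
250-test.test.com Hello [xxx.xxx.xxx.xxx]
250-VRFY
250 OK
vrfy user1
252 2.1.5 Cannot VRFY user, but will take message for user1@microsoft.com
vrfy user2
252 2.1.5 Cannot VRFY user, but will take message for user2@microsoft.com
"""
EXCHANGE_55 = """\
vrfy user1
250 user1 user1@microsoft.com
vrfy user2
550 User unknown
"""

REPLY = re.compile(r"^(\d{3})([ -])(.*)$")  # code, continuation marker, text

def advertises_vrfy(transcript):
    """True if a 250 reply line (EHLO response) lists the VRFY keyword."""
    replies = (REPLY.match(l.strip()) for l in transcript.splitlines())
    return any(m and m.group(1) == "250" and m.group(3).upper().startswith("VRFY")
               for m in replies)

def vrfy_replies(transcript):
    """Return [(name, final_reply_code)] for every vrfy command in the log."""
    results, pending = [], None
    for line in transcript.splitlines():
        m = REPLY.match(line.strip())
        if m is None:  # client line: remember the name if it is a vrfy
            parts = line.split(None, 1)
            is_vrfy = len(parts) == 2 and parts[0].lower() == "vrfy"
            pending = parts[1].strip() if is_vrfy else None
        elif pending is not None and m.group(2) == " ":  # last reply line
            results.append((pending, int(m.group(1))))
            pending = None
    return results

def discloses_users(transcript):
    """True when reply codes separate confirmed names from rejected ones.
    Meaningful only if the log probes one known-valid and one known-invalid
    name, as both sessions in the article do."""
    codes = {code for _, code in vrfy_replies(transcript)}
    return bool(codes & {250, 251}) and bool(codes & {550, 551, 553})
```

For the Exchange 2000 excerpt the check reports that VRFY is advertised but discloses nothing, because both names receive 252; for the Exchange Server 5.5 excerpt it reports disclosure.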


For additional information, see the following articles in the Microsoft Knowledge Base:

155684 XFOR: IMC Support for VRFY Command


257569 XFOR: How to Turn Off ESMTP Verbs in Exchange 2000 Server


Keywords: kberrmsg kbprb KB289521