this post was submitted on 22 Jun 2024
25 points (87.9% liked)

Linux

5237 readers
236 users here now

A community for everything relating to the linux operating system

Also check out !linux_memes@programming.dev

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 1 year ago
MODERATORS
 

I know this is basically a spam tool.

I think to know that you can query some info from a mailserver to test if an address exists.

I would like to find hidden addresses of some companies, for example I want to test if info@companyname.com exists.

Anyone know how to do that?


Update

I learned quite a bit

  • Mailserver block the requests that are used to get a list of inboxes ("accounts")
  • many servers will block mailservers that are not on an allowlist
  • many servers will block servers, if mails were sent to nonexistent addresses a couple of times
  • the message "recipient not known" will not appear often, as servers may "black hole" a senders mail and cut off the connection without sending the status message back
you are viewing a single comment's thread
view the rest of the comments
[โ€“] Max_P@lemmy.max-p.me 9 points 4 months ago (1 children)

On top of everything the others have said, another way this isn't possible reliably is servers that just accept all email and forward it to a catchall address.

Some also have trap addresses where sending email to it will result in putting that address directly into the spam filter and everything coming from it feeds into training the spam filter. I'm an individual, not a company, so all the common IT, HR, support, press, sales, whatever addresses are traps.

When websites force me to enter an email, I enter one of the traps so everything they send me and everyone they share that email with gets the banhammer instantly, and I can track which asshole website did that to me as well.

[โ€“] boredsquirrel@slrpnk.net 1 points 4 months ago

Very smart. Learned something.

Many many company mains are standard, which is interesting as they will get tons of spam.

But makes sense that this is not a good way, that the tools for scanning for available addresses are blocked and that there are even honeypots.