Intrusion Prevention

vrfy_cmd

Description

It indicates a VRFY command is sent, a possible scanning attack via VRFY to obtain user information.

Affected Products

Any unprotected SMTP server is vulnerable to the attack.

Impact

Attackers may gain user information to prepare for further attacks.

Recommended Actions

Carefully examine the source of the cause, and determine if the system is under attack.