Path: cr.yp.to!not-for-mail
From: djb@cr.yp.to (D. J. Bernstein)
Message-ID: <2000Apr223.10.59.23808@cr.yp.to>
Date: 2 Apr 2000 23:10:59 GMT
Newsgroups: comp.mail.misc,comp.mail.sendmail,comp.security.unix
Subject: *.com mail exchanger survey
Organization: IR

I looked up the mail exchangers for a 1/256 sample of all second-level
*.com domains. I found 12595 different IP addresses. Note that this is
not the same as a 1/256 sample of IP addresses.

I tried to connect to each address at the SMTP port. I obtained
connections to 11460 servers.

I then sent a series of SMTP commands to each server, and fed the
responses through a script that guesses what SMTP software is running on
each host. Some comments on the results:

   * UNIX is the most common operating system. 65% of the servers are
     running UNIX-only software; 22% are running Windows-only software;
     8% provide responses consistent with both UNIX and Windows.

   * The Sendmail company claims on its web pages that Sendmail ``powers
     over 75 percent of Internet mail servers.'' That claim is false;
     the number comes from some surveys I did a few years ago. However,
     Sendmail is still used on more than half of the servers.

   * Most of the Sendmail servers announce version numbers known to have
     security holes, in some cases remotely exploitable. Very few
     servers are running the most recent free version of Sendmail, or
     any commercial version of Sendmail. Apparently most Sendmail users
     simply take what comes with the operating system.

Here are the software tallies:

   54.5%  6247  UNIX Sendmail
    9.2%  1057  Windows Ipswitch IMail
    5.7%   650  Windows Microsoft Exchange
    5.3%   607  UNIX qmail
    4.1%   472  UNIX/Windows Software.com Post.Office
           294  not sure
           231  UNIX Exim
           168  Windows Gordano NTMail
           148  UNIX/Windows Netscape Messaging Server
           134  MacOS Eudora Internet Mail Server, formerly AIMS
           122  UNIX IBM Postfix, formerly VMailer
           119  Windows Microsoft SMTP MAIL
           106  Windows Seattle Lab SLmail
           100  Windows Rockliffe MailSite
            98  Windows Sendmail
            64  UNIX/Windows NetWin Dmail
            58  UNIX Zmailer
            57  Windows SmartMax MailMax
            50  UNIX/Windows Groupwise
            49  Windows Deerfield.com MDaemon
            48  Windows Atrium MERCUR
            42  UNIX/Windows DatCon IMS
            36  Windows Eudora Worldmail
            35  Windows Vircom VOP Mail
            31  MacOS Stalker Internet Mail Server
            31  UNIX/Windows Stalker CommuniGate
            29  UNIX InterMail
            29  UNIX smap
            29  UNIX/Windows Lotus SMTP MTA
            27  UNIX Smail
            21  UNIX/Windows Lotus Domino
            21  unknown (*****)
            20  MacOS Starnine WebSTAR Mail
            19  UNIX cmap
            16  UNIX RS
            16  UNIX/Windows Check Point firewall
            15  UNIX eSoft IPAD firewall
            15  Windows Isocor N-PLEX
            13  UNIX TNSoft Internet Anywhere
            12  MacOS QuickMail
            11  MacOS AppleShare
            11  UNIX MMDF
            11  UNIX/Windows Lyris MailShield
            11  UNIX/Windows Raptor firewall
             8  UNIX Sun Internet Mail Server
             8  VMS PMDF
             6  UNIX/Windows AltaVista firewall
             6  Windows InterScan VirusWall
             5  MacOS/Windows FirstClass
             5  Windows Mercury
             5  Windows NAI WebShield
             4  UNIX Obtuse SMTPD
             4  UNIX/Windows AltaVista Mail
             4  VMS MX
             4  Windows Floosietek FTGate
             4  Windows SYS InterChange
             3  Windows Worldgroup
             3  Windows cc:Mail
             2  UNIX/Windows GroupWise
             2  VMS Digital UCX
             2  Windows TFS Gateway
             2  Windows Tobit David
             1  AS/400 IBM SMTP
             1  CMS IBM VM SMTP
             1  Windows Nasta Gate

The patterns used by the script, expressed in awk format, are shown
below. Corrections and additions are welcome.

---Dan

/This SMTP server is a part of the InterMail E-mail system./ { print "UNIX InterMail"; next }
/Welcome to the Internet Anywhere Mail Server Version/ { print internetanywhere; next }
/ AppleShare IP Mail Server ..... SMTP Server Ready/ { print appleshare; next }
/ SMTP Service Ready .QuickMail Pro Server for Mac/ { print "MacOS QuickMail"; next }
/ AppleShare IP Mail Server ... SMTP Server Ready/ { print appleshare; next }
/ WebSTAR Mail Simple Mail Transfer Service Ready/ { print webstar; next }
/ -- Server ESMTP .Sun Internet Mail Server sims/ { print sims; next }
/MERCUR SMTP-Server .v.* for Windows NT ready at/ { print mercur; next }
/MERCUR SMTP-Server .v.* for Windows 95 ready at/ { print mercur; next }
/ Service ready by David PostMan .Tobit Software/ { print david; next }
/ ESMTP service ready .[0-9]*. using MDaemon v/ { print mdaemon; next }
/ Microsoft ESMTP MAIL Service, Version: 5.0/ { print exchange; next }
/Microsoft Exchange Internet Mail Connector/ { print exchange; next }
/MDaemon .* Help system currently inactive/ { print mdaemon; next }
/502 5.3.0 Sendmail .*HELP not implemented/ { print sendmail; next }
/ Mercury.32 [^ ]* SMTP.ESMTP server ready/ { print mercury; next }
/ WebShield SMTP V[^ ]* Network Associates/ { print "Windows NAI WebShield"; next }
/Microsoft Exchange Internet Mail Service/ { print exchange; next }
/CheckPoint FireWall-1 secure SMTP server/ { print checkpoint; next }
/ CommuniGate Pro SMTP closing connection/ { print communigate; next }
/Stalker Internet Mail Server .*is ready/ { print stalker; next }
/ ESMTP service ready .[0-9]*. MDaemon v/ { print mdaemon; next }
/  MAILsweeper ESMTP Receiver Version / { print raptor; next }
/ .MX V5.1-X V.... ESMTP server ready/ { print vmsmx; next }
/502 Sendmail .*HELP not implemented/ { print sendmail; next }
/NT Server running Internet Shopper/ { print ntmail; next }
/  MailSite ESMTP Receiver Version / { print mailsite; next }
/http:..pobox.com..djb.qmail.html/ { print qmail; next }
/send comments to qmail@pobox.com/ { print qmail; next }
/Mercury 1\... ESMTP server ready/ { print mercury; next }
/Mercury 1\... SMTP server ready/ { print mercury; next }
/VOPMail ESMTP Receiver Version / { print vopmail; next }
/VOPmail ESMTP Receiver Version / { print vopmail; next }
/PC.TCP SMTPSRV by FTP Software/ { print "X PC/TCP SMTPSRV"; next }
/VOPMail SMTP Receiver Version / { print vopmail; next }
/Running on The Major BBS with / { print "X Major BBS"; next }
/ ESMTP .IPAD 2....... ready at/ { print ipad; next }
/ InterScan VirusWall NT ESMTP / { print "Windows InterScan VirusWall"; next }
/CommuniGate SMTPGate is ready/ { print communigate; next }
/FirstClass ESMTP Mail Server / { print firstclass; next }
/bugs to The Wollongong Group/ { print "X Wollongong SMTP"; next }
/Microsoft SMTP MAIL ready at/ { print "Windows Microsoft SMTP MAIL"; next }
/Eureka! Gold Internet Server/ { print "X Eureka! Gold Internet Server"; next }
/214-This is Sendmail version/ { print sendmail; next }
/ ESMTP server .Post.Office v/ { print postoffice; next }
/Eudora Internet Mail Server/ { print eims; next }
/ ESMTP .IPAD 2.... ready at/ { print ipad; next }
/Apple Internet Mail Server/ { print eims; next }
/ GroupWise Internet Agent / { print "UNIX/Windows Groupwise"; next }
/ ESMTP .IPAD 2... ready at/ { print ipad; next }
/ ESMTP .IPAD 1... ready at/ { print ipad; next }
/sendmail-bugs@sendmail.org/ { print sendmail; next }
/Ready for business. iSMTP/ { print "X iSMTP"; next }
/post.office E-mail system/ { print postoffice; next }
/Mercury SMTP server ready/ { print mercury; next }
/CommuniGate SMTP is ready/ { print communigate; next }
/Netscape Messaging Server/ { print netscape; next }
/ESMTP Service .Worldmail / { print worldmail; next }
/ESMTP Service .WorldMail / { print worldmail; next }
/TGV.MultiNet SMTP server/ { print multinet; next }
  /cc:Mail Link to SMTP R/ { print "Windows cc:Mail"; next }
/sendmail@CS.Berkeley.EDU/ { print sendmail; next }
/ ESMTP CommuniGate Pro / { print communigate; next }
/running IBM AS.400 SMTP/ { print "AS/400 IBM SMTP"; next }
/Mail.Link  SMTP Package/ { print "X Mail*Link"; next }
/FirstClass Mail Server / { print firstclass; next }
/This is Fwmail version / { print "X Fwmail"; next }
/ .Lotus Domino Release / { print domino; next }
/ .Lotus Domino Build v / { print domino; next }
/NetManage SMTP service/ { print "X NetManage SMTP service"; next }
/MailSite SMTP Receiver/ { print mailsite; next }
/Worldgroup SMTP server/ { print worldgroup; next }
/ESMTP Service .NPlex / { print nplex; next }
/Netscape Mail Server/ { print netscape; next }
/ SMTP Server SLmail / { print slmail; next }
/ DSMTP ESMTP Server / { print dmail; next }
/ dmail@netwin.co.nz / { print dmail; next }
/ InterChange ESMTP v/ { print interchange; next }
/ FTGate server ready/ { print "Windows Floosietek FTGate"; next }
/ InterChange SMTP v/ { print interchange; next }
/EMWAC SMTP Receiver/ { print "X EMWAC SMTP Receiver"; next }
/GroupWise SMTP.MIME/ { print "UNIX/Windows GroupWise"; next }
/ .Mail-Max Version / { print mailmax; next }
/Smtp Server SLMail/ { print slmail; next }
/MetaInfo Sendmail/ { print "Windows Sendmail"; next }
/Metainfo Sendmail/ { print "Windows Sendmail"; next }
/ Sendmail for NT / { print "Windows Sendmail"; next }
/IMS SMTP Receiver/ { print ims; next }
/running MailShare/ { print eims; next }
/ListSTAR Package/ { print "X ListSTAR"; next }
/ SMTP.cmap Ready/ { print cmap; next }
/ SMTP.cmap ready/ { print cmap; next }
/ MailShield SMTP/ { print mailshield; next }
/TGV MultiNet V/ { print multinet; next }
/AltaVista Mail/ { print "UNIX/Windows AltaVista Mail"; next }
/MindWire-SMTP / { print "X MindWire-SMTP"; next }
/Lotus SMTP MTA/ { print "UNIX/Windows Lotus SMTP MTA"; next }
/MX V.\..-. VAX/ { print vmsmx; next }
/\(PMDF#..... V/ { print "VMS PMDF"; next }
/ ESMTP Postfix/ { print postfix; next }
/ ESMTP VMailer/ { print postfix; next }
/post.office v/ { print postoffice; next }
/ SMTP RS ver / { print "UNIX RS"; next }
/Connect2-SMTP/ { print "X Connect2-SMTP"; next }
/ SMTP \(PMDF / { print "VMS PMDF"; next }
/MX V.\.. VAX/ { print vmsmx; next }
/TFS Gateway / { print tfs; next }
/MX V.\.. AXP/ { print vmsmx; next }
/Zachariassen/ { print "UNIX Zmailer"; next }
/Pony Express/ { print "X Pony Express"; next }
/SMTP.OpenVMS/ { print "VMS SMTP-OpenVMS"; next }
/ Smail ready/ { print smail; next }
/ \[Postfix\]/ { print postfix; next }
/IBM VM SMTP/ { print "CMS IBM VM SMTP"; next }
/ .MDaemon v/ { print mdaemon; next }
/ IMA SMTP / { print "X IMA SMTP"; next }
/NASTA Gate/ { print nasta; next }
/ NTMail .v/ { print ntmail; next }
/SMTP.smap/ { print "UNIX smap"; next }
/Smail-3.2/ { print smail; next }
/Smail 3.1/ { print smail; next }
/smail 3.1/ { print smail; next }
/Smail3.2/ { print smail; next }
/Smail3.1/ { print smail; next }
/SLmail95/ { print slmail; next }
/SLmailNT/ { print slmail; next }
/SLMAILNT/ { print slmail; next }
/Sendmail/ { print sendmail; next }
/PMDF V/ { print "VMS PMDF"; next }
/SMTPXD/ { print "UNIX/Windows AltaVista firewall"; next }
/IMail/ { print imail; next }
/Exim/ { print "UNIX Exim"; next }
/UCX / { print ucx; next }

/forging of mail requires recognizable SMTP/ { print "UNIX Obtuse SMTPD"; next }
/250 <> is syntactically correct..214-Commands supported:..214-/ { print "UNIX Exim"; next }
/ ESMTP.*250-PIPELINING..250-SIZE.*250-ETRN..250 8BITMIME..503 Duplicate HELO.EHLO.*502 Error: command not implemented/ { print postfix; next }
/ Server SMTP .Complaints.bugs to:  .*214 Send complaints.bugs to:  .* says goodbye to / { print "UNIX MMDF"; next }

/Sorry, you are not authorized to make this connection/ { print raptor; next }
/Sorry, unable to contact destination SMTP daemon/ { print raptor; next }
/Generic SMTP handler/ { print raptor; next }
/\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*/ { print "unknown (*****)"; next }