Re: [Exim] vulnerabilities

Pàgina inicial
Aquest missatge és part del següent fil:
M----+\l'arbre de fils complet ordenat per data
M....MMAnand Buddhdev en <-
M+++\Marc Peiser en ->
Delete this message
Reply to this message
Autor: John Burnham
Data:  
A: exim mailing list
Assumpte: Re: [Exim] vulnerabilities
> Hi there,
>
> I would like to disable features like EHLO, RCPT, VRFY and EXPN which
may
> enable hackers to gain information. Would you say this is a bad idea?
> If not, how do I go about doing this?
>
vrfy and expn - yeah, turn them off if you want. To turn off vrfy set
smtp_verify = false
in your exim config file (it defaults to false these days though....).
As for expn the config value
smtp_expn_hosts (which is a host list type)
is what you're looking for. This is unset by default....
But disabling EHLO and RCPT is probably not a good idea.....
John




Aquest missatge es va enviar a les següents llistes de correu:
Exim-users
Informació sobre la llista de correu | Missatges propers		<-Re: [Exim] vulnerabilitiesRe: [Exim] vulnerabilities->
Tahini and Hummus and Cumin Development Archives administrat per cumin AdminsLurker (versió 2.3)