Re: [Exim] vulnerabilities

Author: Marc Peiser
Date:
To: John Burnham
CC: Anand Buddhdev, Steve Haslam, exim mailing list
Subject: Re: [Exim] vulnerabilities
We had some guys test the security on our network and this is what they
said:

"SMTP daemons on your machine support features (such as EHLO, RCPT, VRFY
and EXPN) which may enable hackers to gain information which could be used
to exploit other vulnerabilities."

Are they being stupid or are there some precautions I can take?

Regards, Marc


>vrfy and expn - yeah, turn them off if you want. To turn off vrfy set
>smtp_verify = false
>in your exim config file (it defaults to false these days though....).
>As for expn the config value
>smtp_expn_hosts (which is a host list type)
>is what you're looking for. This is unset by default....
>But disabling EHLO and RCPT is probably not a good idea.....
> John
>
>
>
>--
>## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
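
One way to confirm that the settings John describes took effect, as an added example that is not part of the original thread: it sends VRFY and EXPN to a mail server you administer and classifies the reply codes. The function names, state labels and command-line arguments are assumptions made for this example; the reply-code meanings follow RFC 5321.

```python
import smtplib
import sys


def classify(code):
    """Map the SMTP reply code for a VRFY or EXPN command to an audit state."""
    if code in (250, 251):
        return "discloses"      # address confirmed or list expanded
    if code == 252:
        return "not-confirmed"  # command accepted, nothing revealed
    if 500 <= code <= 599:
        return "rejected"       # for an address known to exist: command refused
    return "inconclusive"       # e.g. a 4xx temporary failure


def audit(host, address, port=25, timeout=10):
    """Send VRFY and EXPN for one address that exists on your own server.

    Using an address known to exist matters: a 5xx reply then means the
    command itself is refused, not that the user is unknown.
    """
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.ehlo()
        vrfy_code, _ = smtp.verify(address)
        expn_code, _ = smtp.expn(address)
    return {"VRFY": classify(vrfy_code), "EXPN": classify(expn_code)}


if __name__ == "__main__":
    # Usage: python smtp_audit.py <your-mail-host> <existing-local-address>
    findings = audit(sys.argv[1], sys.argv[2])
    for command, state in findings.items():
        print(f"{command}: {state}")
    # Non-zero exit if either command still hands out address information.
    sys.exit(1 if "discloses" in findings.values() else 0)
```
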