Re: [Exim] vulnerabilities

Góra strony
Delete this message
Reply to this message
Autor: Marc Peiser
Data:  
Dla: John Burnham
CC: Anand Buddhdev, Steve Haslam, exim mailing list
Temat: Re: [Exim] vulnerabilities
We had some guys test the security on our network and this is what they
said:

"SMTP daemons on your machine supports features (such as EHLO, RCPT, VRFY
and EXPN) which my enable hackers to gain information which could be used
to exploit other vulnerabilities."

Are they been stupid or is there some precautions I can take?

Regards, Marc


>vrfy and expn - yeah, turn them off if you want. To turn off vrfy set
>smtp_verify = false
>in your exim config file (it defaults to false these days though....).
>As for expn the config value
>smtp_expn_hosts (which is a host list type)
>is what you're looking for. This is unset by default....
>But disabling EHLO and RCPT is probably not a good idea.....
> John
>
>
>
>--
>## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>