Re: [Exim] vulnerabilities

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Anand Buddhdev
Datum:  
To: Marc Peiser
CC: exim mailing list
Betreff: Re: [Exim] vulnerabilities
On Fri, Jan 28, 2000 at 05:15:43PM +0000, Marc Peiser wrote:

> We had some guys test the security on our network and this is what they
> said:
>
> "SMTP daemons on your machine supports features (such as EHLO, RCPT, VRFY
> and EXPN) which my enable hackers to gain information which could be used
> to exploit other vulnerabilities."


VRFY and EXPN can give out email address information, so yes, it is a
good idea to disable them.

> Are they been stupid or is there some precautions I can take?


EHLO is the extended HELO used by SMTP clients to introduce themselves
to your server and find out the extended capabilities your server
supports, to perhaps aid in more efficient transfer of mail. I don't see
how it can be a security problem. RCPT is used to specify email
recipients. If you disable it, you can't receive mail! So those guys who
tested your network certainly didn't know what they were saying.

--
See complete headers for more info