Re: [Exim] vulnerabilities

Top Page
This message is part of the following thread:
M+++\the complete thread tree sorted by date
MMMMMSteve Haslam at <-
MMMMJohn Burnham at ->
Delete this message
Reply to this message
Author: Anand Buddhdev
Date:  
To: Marc Peiser
CC: exim mailing list
Subject: Re: [Exim] vulnerabilities
On Fri, Jan 28, 2000 at 05:15:43PM +0000, Marc Peiser wrote:

> We had some guys test the security on our network and this is what they
> said:
>
> "SMTP daemons on your machine supports features (such as EHLO, RCPT, VRFY
> and EXPN) which my enable hackers to gain information which could be used
> to exploit other vulnerabilities."

VRFY and EXPN can give out email address information, so yes, it is a
good idea to disable them.

> Are they been stupid or is there some precautions I can take?

EHLO is the extended HELO used by SMTP clients to introduce themselves
to your server and find out the extended capabilities your server
supports, to perhaps aid in more efficient transfer of mail. I don't see
how it can be a security problem. RCPT is used to specify email
recipients. If you disable it, you can't receive mail! So those guys who
tested your network certainly didn't know what they were saying.

--
See complete headers for more info



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] vulnerabilitiesRe: [Exim] vulnerabilities->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)