Re: [Exim] vulnerabilities

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M+++\Anand Buddhdev at <-
MMMMMJethro R Binks at ->
Delete this message
Reply to this message
Author: John Burnham
Date:  
To: Marc Peiser
CC: exim-users
Subject: Re: [Exim] vulnerabilities
> We had some guys test the security on our network and this is what
they
> said:
>
> "SMTP daemons on your machine supports features (such as EHLO, RCPT,
VRFY
> and EXPN) which my enable hackers to gain information which could be
used
> to exploit other vulnerabilities."
>
> Are they been stupid or is there some precautions I can take?

Some people think vrfy and expn are security problems.
VRFY allows an address to be verified. I use it occasionally when I'm
trying to determine whether an address is valid or not.
EXPN gives what the email address expands out to on that machine, so you
could check where postmaster@??? goes.
This might be regarded as too much information for some people.
EHLO is the smtp command that identifies you to an MTA (and tells it to
use ESMTP instead of SMTP). Some systems might allow you to disable it
and only allow HELO (which does the same job but only gives you SMTP).
RCPT specifies the recipient of an email. Disabling this will make mail
transfer a bit difficult. If you're interested, can I suggest you have a
quick read of RFC 821 and 822 (and a few others, but they can wait) ?
John.




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] vulnerabilitiesRe: [Exim] vulnerabilities->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)