Re: [Exim] SMTP banner

Top Page
Delete this message
Reply to this message
Author: Matt Bernstein
Date:  
To: Marc MERLIN
CC: Philip Hazel, exim-users
Subject: Re: [Exim] SMTP banner
At 09:45 +0100 Marc MERLIN wrote:

>While I'm not a big fan of security by obscurity, if people feel they need
>to obscure their SMTP banner, they should have to do it themselves. As
>others mentionnned, when debugging SMTP connections, I like to know which
>remote server I'm talking to, so I'd vote for:
>
>smtp_banner = Exim 4 ESMTP server ready
>
>Note that I'm only asking for '4', not the exact release number.


No.. that's insecurity by obscurity.

I know someone (who shall remain nameless :) who changed his banner to
hide the version number and MTA name. But if you telnet in to port 25 and
type "help" it tells you "This is sendmail version 8.10.0". I don't know
if that's secure or not, but if it's not known insecure, why hide it?