RE: [Exim] hiding software type & version

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MMNico Erfurth at <-
.M.MThomas Kinghorn at ->
Delete this message
Reply to this message
Author: Timothy Arnold
Date:  
To: 'Nico Erfurth', Dennis Davis
CC: Timothy Arnold, exim-users
Subject: RE: [Exim] hiding software type & version
I don't really understand what ESMTP means .. ;)

The only problem I have is announcing that our mail server is Exim Version
3.x or 4.x .. Just in case someone finds a bug in the code which could be
exploited.

Thanks to everyone for the information requested.

Regards,
Tim.

PS: (off topic) - does anyone know how to remove ident for apache/bind?


-----Original Message-----
From: Nico Erfurth [mailto:masta@perlgolf.de]
Sent: 23 December 2002 13:24
To: Dennis Davis
Cc: Timothy Arnold; exim-users@???
Subject: Re: [Exim] hiding software type & version

On Mon, 23 Dec 2002, Dennis Davis wrote: 

> >From: Timothy Arnold <timothy.arnold@???>
> >To: 'Suresh Ramasubramanian' <mallet@???>,
> >    Timothy Arnold <timothy.arnold@???>
> >Cc: "'exim-users@???'" <exim-users@???>
> >Subject: RE: [Exim] hiding software type & version
> >Date: Mon, 23 Dec 2002 11:58:51 -0000

> >
> >I realize that there might be other methods for determining what
> >version of MTA/OS I am running, but why give a scriptkiddie an easy
> >ride?
>
> Quite. I'm happy to do this with most s/w *providing* it's
> cheap to do. My exim configuration files usually include
> the following somewhere in the main configuration section:
>
> # Let's go almost minimal on the SMTP greeting banner. This is
> # obviously only relevant if we are listening on the SMTP port.
> smtp_banner = "${primary_hostname} SMTP Server ready."

you should do

smtp_banner = "${primary_hostname} ESMTP Server ready."

IIRC a server SHOULD announce that it understands ESMTP.
There was a discussion on exim-users some months ago.

ciao


**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
www.mimesweeper.com
**********************************************************************



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] altering outgoing mailRE: [Exim] hiding software type & version->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)