RE: [Exim] hiding software type & version

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Thomas Kinghorn
Dátum:  
Címzett: Exim-Users (E-mail)
Tárgy: RE: [Exim] hiding software type & version
Here is another good banner if you are blacklisting.

Place the banner directly underneath the primary hostname in the Runtime
Configuration.

smtp_banner = "${primary_hostname} Secure SMTP \n\
                 ${tod_full} 2002\n\n\
                This server uses MAPS RBL, MAPS RSS and MAPS DUL to\n \
                filter mail from known spamming hosts/users.\n \
                See http://www.mail-abuse.org/ for more information.\n"


Regards,

Tom



-----Original Message-----
From: Jan Johansson [mailto:jan.johansson@nwl.se]
Sent: 23 December 2002 02:51
To: 'Timothy Arnold'; exim-users@???
Subject: RE: [Exim] hiding software type & version


>does anyone know in v3/4 how to remove the software type & version of

Exim
>during smtp communication? We recently had an internet security scan
>performed and they recommended that we remove this information.


None of the SMTP exploit scanners I have seen lately uses the banner in
the first place they fingerprint in other fashions.


Who recommended hiding this info? From my experience, this
recommendation is one of the
"We-can-always-find-something-to-make-the-customer-think-they-are-more-v
unerable-then-they-are"-things.


--

## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
details at http://www.exim.org/ ##