Re: [exim] Local user enumeration through RCPT

Author: Phill Wood
Date:  
To: John Burnham
CC: exim-users
Subject: Re: [exim] Local user enumeration through RCPT
On Dec 17, 2007 2:42 PM, John Burnham <jpb15@???> wrote:

> > One of the servers we look after was recently "penetration tested" and they
> > could find very little wrong so they complained about silly things like it's
> > possible to see which users locally exist on the server through the answer
> > Exim provides to the RCPT command.
> >
> Actually, surely all it's doing is enumerating the email addresses that that
> server accepts mail for.... This may have little or no connection to the OS
> user accounts.



True. It mostly relays, but does deliver one domain locally. Like I said,
seems perfectly fine to me, which it is!


Cheers
Phill

>
> J