Re: [exim] Hidden Exim version number

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Ian Eiloart
Dátum:  
Címzett: Michael Chung, exim-users
Tárgy: Re: [exim] Hidden Exim version number


--On 15 September 2010 19:15:40 +0800 Michael Chung
<michaelchung@???> wrote:

> Dear All,
>
> I want to hidden the version number of my exim SMTP server. I am using
> Exim 4.70 now. But I does not want any one to know the for security
> reason.
>
> When I telnet to my SMTP server with port 25, I got the following
>
> 220 mai.xxx.com ESMTP Exim 4.70 Wed, 15 Sep 2010 18:33:07 +0800
>
> Can I hidden the version number?


You can (and others have said how), but there's no point. The only reason
I've heard is "security", but if you're running software with a security
bug, then a hacker will not check the version number (which could be hidden
or faked) before attempting to exploit the bug. Heck, they probably won't
even check whether you are running Exim.

On the other hand, displaying version numbers can make it easier for
helpful people to help you. Including alerting you to security updates.

If I have interoperability problems with a remote site, one thing I do is
try to find out what software they're running, and what version, so that I
can help them to fix any problems on their end.

> Thank you very much!
>
> Michael




--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/