> On 5 Feb 2016, at 09:21, Adam Funk <a24061@???> wrote:
>
> On 2016-01-31, Todd Rinaldo wrote:
>
>> Apologies if I missed this announcement made the list already.
>>
>> I was surprised to find these survey numbers tonight. Given Exim is no longer a default install on many distros, I was surprised to find that Exim constitutes 53% of the mail servers on the internet. The numbers are a little skewed given some banners didn't report their mail server, but it's still impressive.
>>
>> http://www.securityspace.com/s_survey/data/man.201510/mxsurvey.html
>>
>> Less impressive is that only 20% of exim servers are up to date :(
>
> Just curious: why are 100% of Postfix servers "Version Other"?
The survey never proceeds beyond the "EHLO" greeting. That’s a shame, because it means that about 50% of servers aren’t identified, whereas some servers will give away their version number with a HELP, or something like that. Anyway, some servers display the software name at EHLO. And some of them also display the version number. Security consultants don’t like that, so the display of software name or version is often disabled. Not that it helps much, if at all.
So, perhaps Postfix never displays a version number.
--
Ian Eiloart
Postmaster, University of Sussex
+44 (0) 1273 87-3148