Re: [exim] CVE-2019-10149: already vulnerable ?

Top Page
Delete this message
Reply to this message
Author: mixed8e
Date:  
To: exim-users
Subject: Re: [exim] CVE-2019-10149: already vulnerable ?
> On Sun, Jun 23, 2019 at 07:37:37PM +0200, Heiko Schlittermann via
> Exim-users wrote:
>> It *seems* that the attackers test for the Exim version in the SMTP
>> banner. In servers having 4.92 I do not see as many attempts as on
>> 4.87->4.91. But there may be other things influencing this.
>
> I have 4 external relays for my company with custom greeting message
> which has no word "Exim" and no version. No breaking attempts logged
> up to 16.06.2019, since this date logs have records about probes
> with prefix "root+": <root+${run{...}@...>.


Dumb question, what is the config setting that allows me to remove the
Exim version from the greet banner?