Mailinglist Archive: opensuse (3637 mails)

< Previous Next >
[SECURITY] Default postfix main.cf reveals software name and version
  • From: wilson@xxxxxxxxxxx (Jonathan Wilson)
  • Date: Thu, 31 May 2001 18:25:22 -0500
  • Message-id: <5.1.0.14.0.20010531181420.05598eb0@xxxxxxxxxxxxxxxx>
Hello,

I know this is a very minor thing but I was just setting up a mail server and noticed that by default, SuSE's postfix mail.cf is set to show OS/softwareinfo. Most security professionals recommend that all such banners be disabled, since banners can sometimes be quite helpful to crackers.

The offending lines in /etc/postfix/main.cf are:

mail_name = Postfix on SuSE Linux 7.1 (i386)
smtpd_banner = $myhostname ESMTP $mail_name

Running netcat quickly reveals this info:

jw@testbox:~ > netcat xxx.xxx.xxx.xxx3 25

220 servicemail123.com ESMTP Postfix on SuSE Linux 7.1 (i386)


I suggest commenting out mail_name and setting smtpd_banner to wither nothing or $myhostname, or some other such harmless thing. Consider carefully what really belongs there.

P.S. Is "ESMTP" actually needed for anything? I don't know that much about mail protocols.

----------------------------------------------------
Jonathan Wilson
System Administrator

Cedar Creek Software http://www.cedarcreeksoftware.com
Central Texas IT http://www.centraltexasit.com


< Previous Next >
This Thread
  • No further messages