omegatronat_private wrote: > > While I'm at it... is there a way to restrict this information from outgoing messages when using Exchange? Saw a few messages last week that explained how to mask the Exchange server banner, but not for mail headers and such... I find running mail through Postfix and the following line in the badheader file.... /^X-Mailer:.*/ ignore But that is technically an RFC infringement, as envelope elements are sacrosanct, but I guess that was more important when lots of external relays were passing mail around. You need some extra entries to hide internal mail servers, but it isn't rocket science. Of course running mail through Postfix probably wasn't the solution you were after, and I had to kick Postfix to stop sending standard Postfix bounce messages, and banners. The hacking guru's will spot Postfix a mile off from the way it backs of when it encounters errors in the SMTP protocol, but by that time it has probably already sent a message to the administrator about the abuse it is getting or will do shortly. WatchGuard's SMTP proxy will rip out a lot of this kind of information leakage for you as well (although you have to check checkboxes to make it happen), and no doubt other good firewall products do the same. Of course if you rip out this information in too distinctive a fashion you give yourself away, witness the versions of BIND 9 that reply to authors.bind but not version.bind, when the version string has been redefined. Simon ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon Jul 29 2002 - 08:52:05 PDT