[EMAIL PROTECTED] wrote, on 02. mar 2007 00:56: >>> Hi, Sam - i wouldn't mind changing that banner too. The reason - i don't >>> want people knowing what IMAP server i ran. Just like my postfix is >>> giving >>> generic smtp banner. Even if i patch everything ontime, there maybe >>> specific >>> scripted attacks. Now - i haven't seen any serious security issues with >>> Courier (thank you and all the other coders), so it's not an urgent >>> problem, >>> but still.... >>> >> Well, security through obscurity is not very sound. Besides, hiding >> what IMAP server you run, while allowing people to use insecure >> clear-text protocols seems sort of like rearranging deck chairs on the >> Titanic. >> >> If your system is properly secured, it should not matter if people know >> what IMAP server (or really any other server) you are running. > > I know all of that, Roberto. I don't run IMAP cleartext - not even on local > network. I don't want a script connecting with SSL to se that banner - > that's how paraniod i am. For example - i once sanitzed a sympa mailing list > server of any identifying marks... > As i said - it's not a big deal, but for me - it's still an issue.
FWIW I've been running a Courier IMAP server, now at 4.1.2, doing imaps and that says what it is for a local high school on the net since 2004 - no security issues yet. I guess that site's only one of tens or hundreds of thousands ... The site's running Postfix that says what it is and makes mincemeat of would-be crackers. --Tonni -- Tony Earnshaw Email: tonni at hetnet dot nl ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Courier-imap mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
