Sam Varshavchik <[EMAIL PROTECTED]> writes:
> On Sun, 20 Jan 2002, Ben Beuchler wrote:
>
> > On Sun, Jan 20, 2002 at 11:45:37PM +0100, Robert Penz wrote:
> >
> > > i've just scanned my mail server with nessus, and it found that
> > <snip>
> > > how can I block that?
> >
> > Look at the config file for the esmtpd service.
>
> Right, but it's not really a good idea to rely on what a canned "security
> scanner" spits out, without educating yourself on the subject matter at
> hand.
>
> Personally, I've always found EXPN and VRFY to be useful troubleshooting
> tools, and that's why they're on by default. There is sufficient logic in
> Courier to prevent EXPN/VRFY from being abused by hostile attackers.
FYI: EXPN and VRFY are disabled in the Debian packages by default.
Ciao
Racke
--
For projects and other business stuff please refer to COBOLT NetServices
(URL: http://www.cobolt.net; Email: [EMAIL PROTECTED]; Phone: 0041-1-3884400)
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
