My employee scans our machines for security problems. A potential security problem has been uncovered for both "exim" and "smail" packages. A solution is provided for sendmail if it were the MTA, but since it is not, I need help with an equivalent configuration.
Here is the information of the issue:

smtpexpn: SMTP EXPN command (CAN-1999-0531)

Simple Mail Transfer Protocol (SMTP)-compliant applications, such as the Sendmail program EXPN, could allow an attacker to determine if an account exists on a system, providing significant assistance to a brute force attack on user accounts. EXPN provides additional information concerning users on the system, such as if they exist and their full names. This information can be useful in further attacks.

Remedy: If you are running Sendmail, add the line Opnoexpn to your Sendmail configuration file, usually located in /etc/sendmail.cf. For other mail servers, contact your vendor for information on how to disable the expand command.

Upgrade to the latest version of Sendmail (8.11.4 or later), available from the Sendmail Consortium Web site. See References.

--OR--

Apply the appropriate patch for your system, available from the Sendmail Consortium FTP site. See References.

I am stuck on the last remedy and hope someone from this mailing list can provide the solution. Thanks...

--
James D. Freels, P.E._i, Ph.D.
Oak Ridge National Laboratory
[EMAIL PROTECTED] - work
[EMAIL PROTECTED] - home
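Whichever MTA setting ends up disabling EXPN, the result can be confirmed without waiting for the next scan. The following is an added example, not part of the original post: a Python check to run against mail hosts you administer, reporting whether each one still expands a name. The function names and the `postmaster` probe name are assumptions made for the example.

```python
import smtplib

def classify(code):
    """Turn the SMTP reply code for EXPN into a finding."""
    if code in (250, 251):
        return "discloses"      # server expanded the name: the scanner's finding
    if code == 252 or 500 <= code <= 599:
        return "refused"        # disabled, not implemented, or denied by policy
    return "inconclusive"       # 4xx temporary failure or an unexpected code

def check_expn(host, port=25, name="postmaster", timeout=10):
    """Ask one MTA to EXPN `name`; return (verdict, code, reply text)."""
    try:
        # local_hostname is fixed so the check does not depend on DNS.
        with smtplib.SMTP(host, port, local_hostname="localhost",
                          timeout=timeout) as smtp:
            smtp.ehlo_or_helo_if_needed()
            code, msg = smtp.expn(name)
    except (OSError, smtplib.SMTPException) as exc:
        # Nothing listening, connection dropped, or greeting rejected.
        return ("unreachable", None, str(exc))
    return (classify(code), code, msg.decode("ascii", "replace"))

def audit(targets):
    """Check every (host, port) pair and return {target: result}."""
    return {t: check_expn(*t) for t in targets}

if __name__ == "__main__":
    import sys
    hosts = sys.argv[1:] or ["localhost"]
    for (host, _), (verdict, code, text) in audit([(h, 25) for h in hosts]).items():
        print(f"{host}: EXPN {verdict} ({code} {text})")
```

A host that reports `refused` after the configuration change no longer matches the scanner's smtpexpn finding; `unreachable` means no MTA answered on that port.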

