& from the url Roger Klorese provided, http://www.iss.net/security_center/reference/vuln/smtp-ehlo.htm
it says : SMTP daemons that support Extended HELO (EHLO) can release information that could be useful to an attacker in performing an attack. Attackers have been known to use the EHLO command to determine configuration information on SMTP daemons. So what other 'vulnerable' configuration information EHLO reveals & how they can disabled/mitigated/fabricated ? Roger
