On 22-May-2001 Nguyen, NgocCan wrote:
>
> Davide,
>
> when I type "telnet smtp.xmailserver.org 25, i have naturally this message :
>
> 220 <[EMAIL PROTECTED]> [XMail 0.71 (Linux/Ix86) ESMTP
> Server] service ready; Tue, 22 May 2001 09:08:05 -0700
>
> It's good, but I think it's not a security to display "[XMail 0.71
> (Linux/Ix86)", is there some options which allow to hide this message ??
This is an old stupid issue.
Maybe a guy that claimed himself to be a security expert and seeing that his
security rules was no longer than a couple of lines, decided to add to a
security document.
case 1) An XMail version HAS buffer overflow vulnerability and an exploit is
available to hackers
Hacker tools tries EVERY know exploit to each available port 25.
So hiding the [XMail 0.71 (Linux/Ix86) ESMTP Server] does not solve
Your problem.
case 2) An XMail version DOESN'T have a buffer overflow vulnerability
You've no problem at all.
- Davide
