Shawn wrote: > Hmm, I have a vague recollection of Davide release a quick=20 > fix like less > then 12 hours after a regular release -- I figured it was him=20 > that found > a fixed the issues -- still 2 in how many years? How many other mail > vendors can say the same :-D >=20
qmail & postfix.. atleast for remote exploits.. not sendmail, exchange, = notes, groupwise and others I guess. That xmail has not had many vulnerabilities the last few years doesn't = mean that xmail is flawless. Just look to apache httpd. Or sshd. Or the = OpenSSL lib. These were living for quite a few years without remote = exploits. I wish I could change the greeting banner in order to let potential = hackers know as little about my systems as possible. It's possible to = fool nmap's os detection and I guess most hackers move on to the next = system if they can't figure out much about your systems. Why do you think we get regular scans for bind versions? Also in bind = you can return bogus versions here without loosing functionality.=20 Also it wouldn't break anything (else than not being RFC compliant) by = changing the banner. All extended mail options are still available = through ehlo. Quite a few programs let you alter greeting messages. Usually not with = commercial software, but enterprise firewalls can also do that. Pix for = instance automaticly filters out any such responses from the mailserver = (inserts 'X's in place for the message) while some others have built in = smtp secure proxies (Checkpoint/Raptor). So I'd say it's quite an accepted thing to do this and you're actually = gaining something from it too. I also can imagine it wouldn't be the = hardest thing on earth to implement such a feature. Lars - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
