Penetration Testing mailing list archives
Re: Determing Microsoft Exchange Versions..?
From: Philipp Buehler <lists () fips de>
Date: Mon, 29 Jul 2002 19:47:19 +0200
On 29/07/2002, Simon Waters <Simon () wretched demon co uk> wrote To omegatron () hushmail com:
While I'm at it... is there a way to restrict this information from outgoing messages when using Exchange? Saw a few messages last week that explained how to mask the Exchange server banner, but not for mail headers and such...I find running mail through Postfix and the following line in the badheader file.... /^X-Mailer:.*/ ignore
Still leaves you with the Received: lines, which can be ignored that way aswell.
But that is technically an RFC infringement, as envelope elements are sacrosanct, but I guess that was more important
Actually this is not the envelope, and X- headers are subject to ignorance anyway. Filtering Received: headers is more of a problem, if you need deeper debugging, but even this can be resolved. And common security enforcements dont fit into the land of common RFCs anyway :) ciao -- Philipp Buehler, aka fips | sysfive.com GmbH | BOfH | NUCH | <double-p> #1: Break the clue barrier! #2: Already had buzzword confuseritis ? ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Determing Microsoft Exchange Versions..? omegatron (Jul 27)
- Re: Determing Microsoft Exchange Versions..? Simon Waters (Jul 29)
- Re: Determing Microsoft Exchange Versions..? Philipp Buehler (Jul 29)
- <Possible follow-ups>
- Re: Determing Microsoft Exchange Versions..? diego . kellner (Jul 28)
- Re: Determing Microsoft Exchange Versions..? Simon Waters (Jul 29)