Penetration Testing mailing list archives
RE: Filtering email headers generated from internal network (Sensible?)
From: "Eyal Udassin" <eyal () swiftcoders com>
Date: Tue, 10 May 2005 01:27:03 +0200
Hello Bipin, Since the cost of implementing a filter to remove the MIME fields you mentioned is very low, I highly recommend it. This is very similar to recommending to remove the server field of the HTTP response in web servers.
From my point of view, you can only gain from filtering this data.
Best regards, Eyal Udassin - Swift Coders POB 1596 Ramat Hasharon, 47114 972+547-684989 eyal () swiftcoders com www.swiftcoders.com -----Original Message----- From: Bipin Gautam [mailto:visitbipin () hotmail com] Sent: Monday, May 09, 2005 5:36 PM To: pen-test () securityfocus com Subject: Filtering email headers generated from internal network (Sensible?) Is it sensible to filter extra email headers in the gateway generated from your internal network before it leaves your server, so that Information like... User-Agent:, X-Virus-Scanned:, and those EXTRA hopps of Received from: (headers........) won't leak out, which could be a valuable information for a potential intruder. Moreover the trouble multiplies if a software exploit is realesed before patch. It is kinda Security by obscurity. But if it buys you some extra time to act isn't is sensible to impliment or just too paranoid? drop your views, Bipin Gautam http://bipin.sosvulnerable.net/
Current thread:
- Filtering email headers generated from internal network (Sensible?) Bipin Gautam (May 09)
- RE: Filtering email headers generated from internal network (Sensible?) Eyal Udassin (May 11)
- <Possible follow-ups>
- RE: Filtering email headers generated from internal network (Sensible?) anyluser (May 09)
- Re: Filtering email headers generated from internal network (Sensible?) Kyle Maxwell (May 11)
- Re: Filtering email headers generated from internal network (Sensible?) Joachim Schipper (May 11)
- Re: Filtering email headers generated from internal network (Sensible?) Brendan Murray (May 11)
- Re: Filtering email headers generated from internal network (Sensible?) Sebastian Garcia (May 13)