Bug 21801 - default sendmail config permits SMTP EXPN and VRFY
Product: Red Hat Linux
Classification: Retired
Component: sendmail (Show other bugs)
Hardware: i386
OS: Linux
Priority: medium
Severity: medium
Assigned To: Florian La Roche
Dale Lovelace
: Security
Reported: 2000-12-06 09:51 EST by John Bollinger
Modified: 2007-04-18 12:30 EDT (History)
Doc Type: Bug Fix
Last Closed: 2001-01-04 09:47:10 EST

Description John Bollinger 2000-12-06 09:51:18 EST
An ISS scan of one of my RedHat 6.2 systems flagged low-severity vulnerabilities in the default sendmail (8.9.3-20)
configuration.  In particular, ISS complained that VRFY and EXPN were both enabled, and explained that both allow
an intruder to obtain information about local user accounts on the system.
Comment 1 Jarno Huuskonen 2000-12-09 18:04:49 EST
Also the default sendmail config allows users to use mailq command. This
can be used to snoop /var/spool/mqueue contents  --> users can see where
other users send / receive mail.

This can be changed with the restrictmailq in sendmail.cf

(also noexpn and novrfy should disable the EXPN and VRFY commands)

Comment 2 Florian La Roche 2001-01-04 09:47:06 EST
I do not set restrictmailq, but have added restrictqrun.

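The options discussed in Comment 1 and Comment 2 (noexpn, novrfy, restrictmailq, restrictqrun) are all values of the sendmail `PrivacyOptions` setting, written as `O PrivacyOptions=...` in sendmail.cf (or `confPRIVACY_FLAGS` in the m4 source). The script below is an added example, not part of this bug report or of Red Hat's sendmail package: it audits a sendmail.cf for those flags so an administrator can confirm which of them a given host actually sets. The two sendmail.cf fragments it works on are constructed for the example (a default-style one that still allows EXPN and VRFY, and a hardened one); the function names `privacy_flags`, `has_flag` and `audit` are the example's own. The only sendmail semantics it relies on are that the last `O PrivacyOptions` line wins and that `goaway` implies `noexpn` and `novrfy` (it does not imply the two restrict* flags, which must be listed explicitly).

```shell
#!/bin/sh
# Added example: audit a sendmail.cf for the PrivacyOptions flags that
# close the EXPN/VRFY and mailq-snooping issues from this bug.
# Both config fragments below are constructed for this example.

DEFAULT_CF='O PrivacyOptions=authwarnings
O QueueDirectory=/var/spool/mqueue'

HARDENED_CF='O PrivacyOptions=authwarnings,noexpn,novrfy,restrictmailq,restrictqrun
O QueueDirectory=/var/spool/mqueue'

# privacy_flags CFTEXT -> prints the value of the last "O PrivacyOptions="
# line (the last one wins in sendmail), with whitespace stripped.
privacy_flags() {
    printf '%s\n' "$1" \
        | sed -n 's/^O[[:space:]]*PrivacyOptions=//p' \
        | tail -n 1 \
        | tr -d ' \t'
}

# has_flag CFTEXT FLAG -> exit 0 if FLAG is set. goaway is treated as
# setting noexpn and novrfy; it does not cover restrictmailq/restrictqrun.
has_flag() {
    flags=$(privacy_flags "$1")
    case ",$flags," in
        *,"$2",*) return 0 ;;
    esac
    case "$2" in
        noexpn|novrfy)
            case ",$flags," in
                *,goaway,*) return 0 ;;
            esac ;;
    esac
    return 1
}

# audit CFTEXT LABEL -> reports missing flags; exit 0 only if all four
# flags from the bug discussion are present.
audit() {
    missing=""
    for f in noexpn novrfy restrictmailq restrictqrun; do
        has_flag "$1" "$f" || missing="$missing $f"
    done
    if [ -n "$missing" ]; then
        echo "$2: missing PrivacyOptions:$missing"
        return 1
    fi
    echo "$2: ok"
    return 0
}

# Example run over the two constructed configs; the failing status of the
# first call is deliberately not propagated so the second one still runs.
audit "$DEFAULT_CF" "default-style sendmail.cf" || :
audit "$HARDENED_CF" "hardened sendmail.cf" || :
```

To run it against a real host, replace the constructed strings with `audit "$(cat /etc/sendmail.cf)" "$(hostname)"`; a non-zero exit status means at least one of the four flags is absent.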