Bug 21801 - default sendmail config permits SMTP EXPN and VRFY
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: sendmail
Version: 6.2
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Florian La Roche
QA Contact: Dale Lovelace
Keywords: Security
Depends On:
Reported: 2000-12-06 14:51 UTC by John Bollinger
Modified: 2007-04-18 16:30 UTC

Clone Of:
Last Closed: 2001-01-04 14:47:10 UTC


Description John Bollinger 2000-12-06 14:51:18 UTC
An ISS scan of one of my Red Hat 6.2 systems flagged low-severity vulnerabilities in the default sendmail (8.9.3-20)
configuration.  In particular, ISS complained that VRFY and EXPN were both enabled, and explained that both allow
an intruder to obtain information about local user accounts on the system.

Comment 1 Jarno Huuskonen 2000-12-09 23:04:49 UTC
Also, the default sendmail config allows users to use the mailq command. This
can be used to snoop /var/spool/mqueue contents --> users can see where
other users send / receive mail.

This can be changed with restrictmailq in sendmail.cf.

(Also, noexpn and novrfy should disable the EXPN and VRFY commands.)

Comment 2 Florian La Roche 2001-01-04 14:47:06 UTC
I do not set restrictmailq, but have added restrictqrun.
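
A minimal audit of the PrivacyOptions flags named in comments 1 and 2, as an added example that is not part of the original bug thread or of any Red Hat package. The function names and both sample configurations are constructed for illustration.

```python
import re

# PrivacyOptions flags named in this bug thread.
THREAD_FLAGS = ("noexpn", "novrfy", "restrictmailq", "restrictqrun")

# "goaway" is sendmail shorthand that includes noexpn and novrfy,
# but not the restrict* flags.
GOAWAY_IMPLIES = {"noexpn", "novrfy"}

# Long form "O PrivacyOptions=a,b" or old short form "Opa,b".
PRIVACY_LINE = re.compile(r"^O(?:\s+(?i:PrivacyOptions)\s*=|p)\s*(.*)$")


def privacy_flags(cf_text):
    """Return the set of PrivacyOptions flags set in sendmail.cf text."""
    flags = set()
    for line in cf_text.splitlines():
        m = PRIVACY_LINE.match(line)  # '#' comment lines never match
        if not m:
            continue
        # Flags are comma-separated; treated here as cumulative across lines.
        for flag in re.split(r"[,\s]+", m.group(1).strip()):
            if flag:
                flags.add(flag.lower())
    if "goaway" in flags:
        flags |= GOAWAY_IMPLIES
    return flags


def audit(cf_text):
    """Map each flag from the thread to True (set) or False (missing)."""
    flags = privacy_flags(cf_text)
    return {name: name in flags for name in THREAD_FLAGS}


# Constructed sample configs (not copied from any shipped sendmail.cf).
PERMISSIVE_CF = """\
# constructed sample: no SMTP or queue restrictions
O PrivacyOptions=authwarnings
"""
HARDENED_CF = """\
# constructed sample: flags from comments 1 and 2, without restrictmailq
O PrivacyOptions=authwarnings,noexpn,novrfy,restrictqrun
"""

if __name__ == "__main__":
    for label, cf in (("permissive", PERMISSIVE_CF), ("hardened", HARDENED_CF)):
        missing = [f for f, ok in audit(cf).items() if not ok]
        print(label, "missing:", ", ".join(missing) or "none")
```

Run it against the text of /etc/sendmail.cf to see which of the four flags are absent; restrictmailq shows as missing in the hardened sample because comment 2 leaves it unset.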
