Re: Determing Microsoft Exchange Versions..?

• Previous message: Pete Rotheroe: "Re: Looking for Info"
• In reply to: Simon Waters: "Re: Determing Microsoft Exchange Versions..?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 29 Jul 2002 19:47:19 +0200
From: Philipp Buehler <lists@fips.de>
To: Simon Waters <Simon@wretched.demon.co.uk>

On 29/07/2002, Simon Waters <Simon@wretched.demon.co.uk> wrote To omegatron@hushmail.com:
> > While I'm at it... is there a way to restrict this information from outgoing messages when using Exchange? Saw a few messages last week that explained how to mask the Exchange server banner, but not for mail headers and such...
>
> I find running mail through Postfix and the following line in
> the badheader file....
>
> /^X-Mailer:.*/ ignore

Still leaves you with the Received: lines, which can be ignored that
way aswell.

> But that is technically an RFC infringement, as envelope
> elements are sacrosanct, but I guess that was more important

Actually this is not the envelope, and X- headers are subject to
ignorance anyway.

Filtering Received: headers is more of a problem, if you need
deeper debugging, but even this can be resolved.

And common security enforcements dont fit into the land of
common RFCs anyway :)

ciao

-- 
Philipp Buehler, aka fips | sysfive.com GmbH | BOfH | NUCH | <double-p> 
#1: Break the clue barrier!
#2: Already had buzzword confuseritis ? 
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Previous message: Pete Rotheroe: "Re: Looking for Info"
• In reply to: Simon Waters: "Re: Determing Microsoft Exchange Versions..?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: SQL ... Subject: SQL ... >> This list is provided by the SecurityFocus Security ... For more information on SecurityFocus' SIA service which ... >This list is provided by the SecurityFocus Security Intelligence Alert ... (Pen-Test) RE: Insurance ... property--data beign deemed "intangible" for the purposes of insurance. ... for physical security testing there are often 3rd parties ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ... (Pen-Test) RE: Pen-Testing Lotus Notes/Domino ... Subject: Pen-Testing Lotus Notes/Domino ... of document security. ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test) R: Pen-Testing help (Compaq Insight & htsearch) ... This web server happens to be in front of their ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test) Re: Application & Iplanet/Apache web server vulnerability and penetration testing ... I don't know what to do on the web servers other than delete example ... Any suggestions on iPlanet and Apache security? ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint