RE: Avoiding Postfix Fingerprinting

From: Michael Scheidell (scheidell_at_secnap.net)
Date: 03/08/05

  • Next message: Javier Fernandez-Sanguino: "Re: Avoiding Postfix Fingerprinting" 
    Date: Tue, 8 Mar 2005 13:04:28 -0500
To: "Isidro Labrador" <irlabrador@sgi.es>, <pen-test@securityfocus.com>

     
    You could 'fiddle' with return codes,
    (do a postconf | more)

    All of these can be changed with postconf -e/ edit main.cf and sighup
    postfix
    (and one of my server responds as 'postfix'. The other as 'maybe
    postfix' with 3 differences...)

    So, tweaking the return codes, turning on and off options might do it.

    (oh, I suppose you did change the banner to NOT say 'postfix', right?
    Maybe you could 'emulate' an sendmail or microsoft exchange server
    banner? And invite MS type attacks?)

  • Next message: Javier Fernandez-Sanguino: "Re: Avoiding Postfix Fingerprinting"

    Relevant Pages

    • Re: [OT] Postfix - STARTTLS problem: 454 4.3.0 TLS not available due to local problem
      ... # libsasl2 ... as you need those to get TLS working on Postfix. ... Here's the output from postconf -n: ... mydestination = $myhostname, loaclhost.$mydomain $mydomain ...
      (Debian-User)
    • Re: Network is unreachable email error
      ... mydestination = mail.bizmail.com.au ... Network is unreachable (port 25) ... Because you're not using a relayhost, Postfix is trying to send the mail directly to the recipient's mailserver and since your ISP is blocking port 25, Postfix cannot access it. ... If your postfix version is> 2.3 you can use the postconf -e command to edit the main.cf like this: ...
      (Debian-User)
    • Re: [SLE] Postfix error
      ... > i installed postfix with yast and configured it with yast ... to a working DNS server, or access to a mail server that will relay on ... "postconf -n" and the output of "postconf mydomain myhostname". ...
      (SuSE)
    • chroot and postfix with sasl question
      ... and the postfix users list is a very hostile list for receiving help. ... Fetchmail is getting my mail. ... Here is the postconf -n result: ... Does putting an n under chroot make it not chroot? ...
      (Ubuntu)
    • Re: [SLE] Postfix woes
      ... SUSE puts a lot of the stuff at the bottom that is commented earlier in the ... This might explain why postfix "ignores" your configs. ... A command you might find useful is postconf. ...
      (SuSE)