[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] POSSIBLE ATTACK newline in string
- Subject: [cobalt-security] POSSIBLE ATTACK newline in string
- From: "David Black" <DavidBlack@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 7 Feb 2004 01:16:24 -0600
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> Subject: Re: [cobalt-security] POSSIBLE ATTACK newline in string
> Date: Fri, 6 Feb 2004 08:51:16 +0100
>
>
> Change in your sendmail.cf
> This line:
> O SmtpGreetingMessage=$j Sendmail $v/$Z; $b
>
> By:
> O SmtpGreetingMessage=$j Microsoft Exchange; $b
>
> Review your vrfy and expn flags are disbled
>
> # privacy flags
> O PrivacyOptions=authwarnings,novrfy,noexpn,restrictqrun
>
> Un saludo, Danny
>
Sorry about the re-post. My original message had the wrong subject.
Thanks Danny. My "SmtpGreetingMessage" is different. Mine is:
O SmtpGreetingMessage=$?{if_name}${if_name}$|$j$. Sendmail $v/$Z; $b
Can I adapt your modification like this (below)?
O SmtpGreetingMessage=$?{if_name}${if_name}$|$j$. Microsoft Exchange; $v/$Z;
$b
(last line, all on one line)
Thanks again to all who support this list.
David Black
Houston, TX