howto change sendmail info when telnet to port 25

[dwcasey]

When I telnet to port 25, I see OS version and sendmail version. How can I turn this off?

Thanks.

 

[DSMARWAY]

hi,

why would you want to telnet to port 25 ?
this is normally used as a test to check if the remote hosts is allowing connections and receiving your mails
?

what are you trying to do ?

 

[Morsing]

It's a security problem if people from outside can see this information. dwcasey is absolutely right about turning it off.

Can't remember how though but I've done it a few years ago.

Cheers Henrik Morsing
IBM Certified AIX 4.3 Systems Administration

 

[dwcasey]

You have to have port 25 available to receive mail from the "outside". But, for the most part, nobody will telnet to it unless you're testing and you manually send a message to watch it to make sure it's being routed correctly.

Other than testing, hackers like to do it and by doing so, some are giving out sendmail versions (potential know exploits at a certain version) and OS type and version.

Morsing, I think I've done this once a LONG time a ago (4+ years) and I can't remember how I did it either. It may be in an IBM doc somewhere, I'll dig around.

Thanks.

 

[GFitzG]

AIXSPadmin answered this in a thread on Nov 9, 2002 as follows:

# SMTP initial login message (old $e macro)
O SmtpGreetingMessage=$j Sendmail $v/$Z; $b

But beware...
Even though you can eliminate it from the greeting prompt via /etc/sendmail.cf - the sendmail HELP command will reveal all that an attacker needs (to start from).
If this is a real concern, you will need to download & rebuild sendmail yourself.

 

[dwcasey]

Great! Thanks. Dunno if we want to go through the trouble of recompiling Sendmail or not.

In some ways I prefer the IBM/AIX installation over a customized compiled version.