disable VRFY

fahad_8 · ‎05-22-2006

Hi all

i got this report from Security section
{
In its default configuration, Sendmail implements the VRFY command which allows anyone who can connect to Sendmail to obtain information about which user accounts exist, and where mail is being delivered. Many sites choose not to hand out this information via VRFY.

Recommendation: You should disable VRFY by adding "needvrfyhelo" to the P or Privacy line in the sendmail.cf file, usually found in the directory /etc }

so how i can disable VRFY , i tried many times but no result

regards

Arunvijai_4 · ‎05-22-2006

Hi,

Have you looked into /etc/mail/sendmail.cf file ?

#grep -i VRFY /etc/mail/sendmail.cf
# needvrfyhelo Insist on HELO (or EHLO) before the VRFY command
# novrfy Disallow VRFY command totally

So, you can use novrfy to disallow VRFY.

-Arun

"A ship in the harbor is safe, but that is not what ships are built for"

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

disable VRFY

disable VRFY

Re: disable VRFY