[Dshield] SMTP server banner?
schneelocke at gmail.com
Sun Oct 31 22:00:34 GMT 2004
> > and nothing else (assuming your mail server does ESMTP). In
> > particular, I'd advise against putting in the mail server software's
> > name or version, since that makes scanning for vulnerable versions
> > when a new hole is found much easier.
> I'll guarantee that I'm able to tell you what MTA software is being run
> for any major type used on the Internet, irrespective of what appears in
> the banner.
Sure, you can use stuff like Nmap's service fingerprinting and the
like, but at least you can make it less easy to figure out what's
running, right? ;)
More information about the list