Q0717

Nigel Metheringham edited this page Nov 30, 2012 · 3 revisions
Clone this wiki locally

Q0717

Question

When using Nessus on a system that runs Exim, a number of security issues are raised. Nessus complains that Exim answers to EXPN and/or VRFY; sometimes it even complains that Exim allows relaying.

Answer

Exim supports EXPN and VRFY only if you permit it to do so in the ACLs defined by acl_smtp_expn and acl_smtp_vrfy, respectively. Otherwise, its responses are

550 Administrative prohibition
252 Administrative prohibition

Maybe the use of 252 is the problem. It is recommended that this be done (by those that discuss these things) because there are stupid clients that attempt VRFY before sending a message.