Hi. On Fri, Jun 21, 2019 at 04:40:11AM +1000, Andrew McGlashan wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > > > On 20/6/19 11:45 pm, Reco wrote: > > Hi. > > > > On Thu, Jun 20, 2019 at 11:26:08PM +1000, Andrew McGlashan wrote: > >> Is there a way to provide version of "4.92" easily or some other > >> text to stop the likelihood of outsiders trying to pound on and > >> exploit the server? Even though they won't be able to do > >> successfully due to up to date patch status. > > > > # rgrep banner /etc/exim4/ > > /etc/exim4/conf.d/main/02_exim4-config_options:# smtp_banner = > > $smtp_active_hostname ESMTP Exim $version_number $tod_full > > /etc/exim4/exim4.conf.template:# smtp_banner = > > $smtp_active_hostname ESMTP Exim $version_number $tod_full > > > > Replace v$version_number with 4.92 or set "smtp_banner" to whatever > > you like. > > Thank you, I've changed the banner for now.... let's hope that lessens > the problem.
Please share the results if possible. On this particular MTA I've counted whopping 4 attempts to exploit CVE-2019-10149 so far. One made from France, three from US. I'm kind of disappointed, I've expected half a million Chineese and Russian bots at least ;) Reco
