> So what other 'vulnerable' configuration information EHLO reveals
> & how they can be disabled/mitigated/fabricated?
You may want to suppress the SIZE information (maximum size of a message that your server will accept). Some hackers might take this as a challenge and try to exploit it in a denial-of-service attack to clog up your server with huge junk messages that are just under your advertised size limit. Unless you have a very small "message_size_limit" for some unusual reason, I don't see any real point in explicitly advertising it.

And unless you are intentionally using the ETRN feature, you should omit the ETRN keyword from your EHLO response. I believe ETRN can be explicitly turned off by saying "fast_flush_domains =" (with no value after the equals sign) in your configuration. You can read http://www.postfix.org/ETRN_README.html for more info about ETRN.

"smtpd_discard_ehlo_keywords = etrn size silent-discard" should suppress the above two items. The "silent-discard" option tells Postfix not to clutter up your log file with the fact that these EHLO keywords are being suppressed.

I don't believe the other keywords I see in my server's EHLO response (PIPELINING, VRFY, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, and DSN) are exploitable, but maybe someone else out there knows of something.

As Wietse pointed out, a standards-compliant SMTP implementation is required to implement EHLO, and some of the extended features (such as STARTTLS) are simply not expendable. This fact may or may not influence a paranoid management type who is making demands based on a fuzzy advisory from a security tool or a vague warning in a trade rag, but I'm not at all surprised that Postfix does not appear to have any way to disable EHLO entirely.

Rich Wales
ri...@richw.org
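An added example (not part of the post above) for verifying that the smtpd_discard_ehlo_keywords change actually took effect: it parses an EHLO reply into a keyword map and reports whether SIZE or ETRN is still advertised. The sample replies and the hostname mail.example.test are constructed; the live check only needs the standard-library smtplib module.

```python
"""Audit an SMTP server's EHLO reply for keywords an administrator may
prefer not to advertise (SIZE and ETRN, as discussed in the thread above).

Constructed sample replies are embedded so the audit runs offline; the
live check uses only the standard-library smtplib module."""
import smtplib

# Keywords the post suggests dropping via smtpd_discard_ehlo_keywords.
DISCOURAGED = {"SIZE", "ETRN"}


def parse_ehlo(raw):
    """Turn a multi-line 250 EHLO reply into {KEYWORD: parameter-string}.
    The first line is the server's greeting (its hostname); every later
    line is one keyword, optionally followed by parameters ('SIZE 10240000').
    Accepts bytes (as smtplib returns) or str, with or without '250-' prefixes."""
    text = raw.decode("ascii", "replace") if isinstance(raw, bytes) else raw
    caps = {}
    for line in text.splitlines()[1:]:
        if line[:4] in ("250-", "250 "):   # raw wire capture, not smtplib output
            line = line[4:]
        parts = line.split(None, 1)
        if parts:
            caps[parts[0].upper()] = parts[1] if len(parts) > 1 else ""
    return caps


def audit(caps):
    """Return the discouraged keywords that are still advertised, sorted."""
    return sorted(DISCOURAGED & set(caps))


def audit_live(host, port=25):
    """Connect to your own server, send EHLO and audit the real reply."""
    with smtplib.SMTP(host, port, timeout=10) as conn:
        code, msg = conn.ehlo()          # msg: bytes, one line per keyword
        if code != 250:
            raise RuntimeError("EHLO rejected: %d %r" % (code, msg))
        return audit(parse_ehlo(msg))


# Constructed samples: the EHLO reply before and after the main.cf change.
BEFORE = (b"mail.example.test\nPIPELINING\nSIZE 10240000\nVRFY\nETRN\n"
          b"STARTTLS\nENHANCEDSTATUSCODES\n8BITMIME\nDSN")
AFTER = (b"mail.example.test\nPIPELINING\nVRFY\nSTARTTLS\n"
         b"ENHANCEDSTATUSCODES\n8BITMIME\nDSN")

if __name__ == "__main__":
    print("before:", audit(parse_ehlo(BEFORE)))   # ['ETRN', 'SIZE']
    print("after: ", audit(parse_ehlo(AFTER)))    # []
```

Run audit_live("localhost") against the mail server after restarting Postfix; an empty list means both keywords are gone from the banner.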