Ask Bjørn Hansen wrote:
[...]
Why? If it's for security, will it really make a difference? Does it
give any information out that an attacker can use? If there ever is a
security problem in qpsmtpd (unlikely, but I suppose possible),
wouldn't the attacker just hit SMTP servers at random for it anyway?
Or if doing a more targeted attack, surely they'll try no matter what
the version string says or doesn't say.
> [...]
Sure. I don't think it's a big issue. I'm not a believer in security
through obscurity, but I also don't believe in giving such things away
for free.
Thanks,
Gordon
