In sendmail.cf on the line Privacyoptions , add noexpn and novrfy.
authwarnings should already be there.
U can also use define(`confPrivacy_FLAGS' , `authwarnings,noexpn,novrfy') in
your .mc file and
cd sendmail-configuration-directory
m4 ../m4/cf.m4 your-mc-file.mc > sendmail.cf
chmod g-w ./sendmail.cf
Switch out your config files and HUP sendmail.
these options give outside users the ability to see if a paticular username
is valid on your system by telnetiing to smtp port. Someone, for example,
could get all the users who are subscribed to this mailing list through expn
and them spam them...
> -----Original Message-----
> From: Adrian Walters [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, January 28, 2000 4:20 PM
> To: [EMAIL PROTECTED]
> Subject: Re: expn and vrfy
>
> what do these options do?
>
> On Fri, 28 Jan 2000, matt boex wrote:
>
> =>Date: Fri, 28 Jan 2000 14:18:10 -0800 (PST)
> =>From: matt boex <[EMAIL PROTECTED]>
> =>Reply-To: [EMAIL PROTECTED]
> =>To: [EMAIL PROTECTED]
> =>Subject: expn and vrfy
> =>Resent-Date: 28 Jan 2000 22:19:55 -0000
> =>Resent-From: [EMAIL PROTECTED]
> =>Resent-cc: recipient list not shown: ;
> =>
> =>
> =>how do i shut of the expn and vrfy options on
> =>sendmail. i looked for it on www.sendmail.org but
> =>their security links throw you to cert.
> =>
> =>matt
> =>__________________________________________________
> =>Do You Yahoo!?
> =>Talk to your friends online with Yahoo! Messenger.
> =>http://im.yahoo.com
> =>
> =>
> =>
>
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
