Sendmail EXPN

The SMTP EXPN command expands a mailing list or alias into its member addresses. Because the server answers differently for names that exist and names that do not, an intruder can use EXPN to confirm which accounts exist on a system, and to learn the users' full names, which significantly assists a brute-force attack on user accounts. The scan engine verifies whether EXPN is turned on in sendmail.

Risk: Low/Medium

Fix: If you are running sendmail, add the following line to your sendmail configuration file (usually /etc/sendmail.cf):

Opnoexpn

For other mail servers, contact your vendor for information on how to disable the expand command.
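After applying the fix, confirm it took effect by issuing EXPN against your own mail server and checking the reply code. The script below is an added example, not part of this advisory or of sendmail; it uses Python's standard smtplib, whose SMTP.expn() method sends the command and returns the server's (code, message) pair. The host, port and the alias name "postmaster" are assumed values for a local check; the reply-code mapping assumes sendmail's behaviour of answering 502 once noexpn is set (newer sendmail releases spell the same option `O PrivacyOptions=noexpn`).

```python
import smtplib

# Assumed defaults for checking your own server; change as needed.
DEFAULT_HOST = "localhost"
DEFAULT_PORT = 25
DEFAULT_ALIAS = "postmaster"  # an alias every RFC 2142 compliant server has


def interpret_expn_reply(code: int) -> str:
    """Map an SMTP reply code to the EXPN state it implies.

    250  -> the server expanded the alias: EXPN is enabled.
    550  -> the server looked the name up and said it is unknown,
            so the command is still being honoured: EXPN is enabled.
    500/502/503 -> command unrecognised, not implemented, or refused
            (sendmail with noexpn answers 502): EXPN is disabled.
    Anything else is reported as unknown rather than guessed at.
    """
    if code in (250, 550):
        return "enabled"
    if code in (500, 502, 503):
        return "disabled"
    return "unknown"


def check_expn(host: str = DEFAULT_HOST, port: int = DEFAULT_PORT,
               alias: str = DEFAULT_ALIAS, timeout: float = 10.0) -> dict:
    """Connect to an SMTP server, send EXPN <alias>, and report the state.

    Returns a dict with the raw reply code and message plus the
    interpreted state, so the caller can log or assert on it.
    """
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.ehlo_or_helo_if_needed()
        code, message = smtp.expn(alias)
    return {
        "host": host,
        "code": code,
        "message": message.decode("utf-8", errors="replace"),
        "expn": interpret_expn_reply(code),
    }


if __name__ == "__main__":
    result = check_expn()
    print(f"{result['host']}: EXPN {result['expn']} "
          f"({result['code']} {result['message']})")
```

Run it against the server you just reconfigured; the expected outcome after adding the noexpn option is a 502 reply and the state "disabled". Anything reported as "enabled" means the configuration was not reread (sendmail must be restarted or sent a HUP) or the line was added to the wrong file.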