Removal or obfuscation of mail_name


J Doe
Hello,

I was reading about the mail_name parameter in main.cf.

I was wondering (and I know the gains would be minor given that this falls into security through obscurity), is there anything to gain by either removing this or specifying something false?

Are there any third-party servers or tools in the e-mail ecosystem that would depend on this being “Postfix”?

Thanks,

- J

Re: Removal or obfuscation of mail_name

Viktor Dukhovni


> On Nov 6, 2017, at 2:26 PM, J Doe <[hidden email]> wrote:
>
> I was reading about the mail_name parameter in main.cf.
>
> I was wondering (and I know the gains would be minor given that this
> falls into security through obscurity), is there anything to gain by
> either removing this or specifying something false?

There is nothing to be gained by pretending your server is not running
Postfix.  Postfix is too easy to "fingerprint" by observing its responses
to various SMTP commands.  Just let it be.

--
        Viktor.


Re: Removal or obfuscation of mail_name

J Doe
Hi Viktor,

>> I was wondering (and I know the gains would be minor given that this
>> falls into security through obscurity), is there anything to gain by
>> either removing this or specifying something false?
>
> There is nothing to be gained by pretending your server is not running
> Postfix.  Postfix is too easy to "fingerprint" by observing its responses
> to various SMTP commands.  Just let it be.

Ok, thanks for letting me know.

- J

Re: Removal or obfuscation of mail_name

Bill Cole-3
In reply to this post by J Doe
On 6 Nov 2017, at 14:26 (-0500), J Doe wrote:

> Are there any third-party servers or tools in the e-mail ecosystem that
> would depend on this being “Postfix”?

Nothing *SHOULD* depend on any particular content in the text part of
any SMTP response except EHLO. As Viktor said, it's generally useless to
pretend not to be Postfix, since there are clues you can't configure
away. However, it can be interesting to see what some spambots try when
you claim to be specific old versions of Sendmail.

--
Bill Cole
[hidden email] or [hidden email]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole