← Back to VMware vRealize Automation 7.x SLES Security Technical Implementation Guide

V-240446

CAT II (Medium)

The SMTP service must not have the EXPN feature active.

Rule ID

SV-240446r671079_rule

STIG

VMware vRealize Automation 7.x SLES Security Technical Implementation Guide

Version

V2R2

CCIs

CCI-000382

Discussion

The SMTP EXPN function allows an attacker to determine if an account exists on a system, providing significant assistance to a brute force attack on user accounts. EXPN may also provide additional information concerning users on the system, such as the full names of account owners.

Check Content

Use the following command to check if EXPN is disabled:

# grep -v "^#" /etc/sendmail.cf |grep -i PrivacyOptions

If "noexpn" is not returned, this is a finding.

Fix Text

Add "noexpn" to the "PrivacyOptions" flag in /etc/sendmail.cf