Changing the IMAP server's banner -- does one still need to
patch the source?
Alexander Dalloz
ad+lists at uni-x.org
Thu Jun 16 14:43:13 EDT 2005
Am Do, den 16.06.2005 schrieb Ralph Seichter um 17:06:
> I'm looking for a configuration parameter to change Cyrus IMAP's
> banner text. A banner like
>
> * OK server.tld Cyrus IMAP4 v2.2.3 server ready
>
> is giving too much away about the server, IMHO. For security reasons,
> I'd like show only the information required by RFC definition.
Sorry, but that is nonsense, with other words well known as "security by
obscurity" and thus simpy useless. See the thread "Cyrus Banner" which
started Tuesday. Seriously, you gain absolutely nothing by hiding any
kind of version number or IMAP server type string. Get over to useful
things and keep your system up to date. Your version of Cyrus-IMAPd is
outdated and has bugs (at least if not patched).
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.27_FC2smp
Serendipity 20:39:27 up 23 days, 19:17, load average: 0.17, 0.24, 0.20
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list