解決 OpenVAS 掃描 Linux 主機出現的「Check if Mailserver answer to VRFY and EXPN requestsd」訊息

使用 OpenVAS 掃描 CentOS 7.x Linux 主機時,出現「Check if Mailserver answer to VRFY and EXPN requestsd」訊息

# telnet 127.0.0.1 25
Trying 127.0.0.1…
Connected to 127.0.0.1.
Escape character is ‘^]’.
220 localhost.localdomain ESMTP Postfix
VRFY
501 5.5.4 Syntax: VRFY address[@more@]解決方式:
參考網站:
Mail Server Security question – Google 網上論壇

修改 /etc/postfix/main.cf
# cp /etc/postfix/main.cf /etc/postfix/main.cf.$(date +%F)
# vim /etc/postfix/main.cf
加入下面一行
disable_vrfy_command=yes

測試一下
# telnet 127.0.0.1 25
Trying 127.0.0.1…
Connected to 127.0.0.1.
Escape character is ‘^]’.
220 localhost.localdomain ESMTP Postfix
VRFY
502 5.5.1 VRFY command is disabled

重新啟動 Postfix
# systemctl restart postfix.service;systemctl status postfix.service