使用 OpenVAS 掃描 CentOS 7.x Linux 主機時,出現「Check if Mailserver answer to VRFY and EXPN requestsd」訊息
# telnet 127.0.0.1 25
Trying 127.0.0.1…
Connected to 127.0.0.1.
Escape character is ‘^]’.
220 localhost.localdomain ESMTP Postfix
VRFY
501 5.5.4 Syntax: VRFY address[@more@]解決方式:
參考網站:
Mail Server Security question – Google 網上論壇
修改 /etc/postfix/main.cf
# cp /etc/postfix/main.cf /etc/postfix/main.cf.$(date +%F)
# vim /etc/postfix/main.cf
加入下面一行
disable_vrfy_command=yes
測試一下
# telnet 127.0.0.1 25
Trying 127.0.0.1…
Connected to 127.0.0.1.
Escape character is ‘^]’.
220 localhost.localdomain ESMTP Postfix
VRFY
502 5.5.1 VRFY command is disabled
重新啟動 Postfix
# systemctl restart postfix.service;systemctl status postfix.service