Postfix security – How to change mailbanner

By default the installation of Postfix is already security-minded. An out-of-the-box install could be enough for most users but still, some tweaking could not hurt.

Replace your mailbanner (the text one sees when telnetting to your port 25) with something meaningless.
This is what you see when you do telnet to port 25.

nikesh@poison:~> telnet localhost 25
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
220 poison.hell.com ESMTP Postfix

Now to remove this banner incformation, you need to change a variable setting in your main.cf file, something like …

smtpd_banner = $myhostname ESMTP Sorry, No banner

After doing the change, restart your postfix server and try doing telnet again to port 25

nikesh@poison:~> telnet localhost 25
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
220 poison.hell.com ESMTP Sorry, No banner

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s