Ken I am just interested in suppresing platform/version information when someone telnet to port 143. Just one more layer of security. If I understand you correctly I just need to add:
"imapidresponse: no" to /etc/imapd.conf? This correct. >If you think that having the vendor/version information in the banner is >a security problem, then you should tell us what you think the security >issues are, so they can be fixed. If its a config problem, then fix >your config ;-) > >In any case, there are multiple places in the services where the >vendor/version string is used: > >- In the banners for imapd, pop3d, lmtpd -- disable by editing the >source -- > look for prot_printf(, "... ready\r\n", ,CYRUS_VERSION) >- imapd: ID command response -- disable with "imapidresponse: no" in >imapd.conf >- imapd: NETSCAPE command response -- not compiled by default >(--enable-netscapehack configure option) >- pop3d: IMPLEMENTATION capability -- disable by editing the source in >cmd_capa() > >Ken >
