Good Evening,
I have been looking at JAMES and it occurred to me that the JAMES server
advertises itself in the email trace information in an email message.
i.e. <James 2.2.0a8>
If a hacker sees this and knows anything about JAMES, they could take
advantage that the config.xml file is clear text and easily displays a
database username and password to someone who could hack into the
computer.
My question is two part. First, is there anyway that I can remove the
JAMES name and version from the email trace information. Second, how do
people protect vital files such as the config.xml file. If a server is
behind a firewall and all ports are closed, there is a chance that a
hacker could break into a server. Is there a way to encrypt the
config.xml file?
Thank you,
Hut
