STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021: STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:SV-227848r603266_rule
V-227848
SRG-OS-000480
GEN004660
CAT III
10
Edit the sendmail.cf file and add Opnoexpn option.
Restart the Sendmail service.
Determine if EXPN is disabled.
Procedure:
# telnet localhost 25
expn root
If the command does not return a 500 error code of command unrecognized, this is a finding.
OR
Locate the sendmail.cf configuration file.
Procedure:
# find / -name sendmail.cf -print
# grep -v "^#" <sendmail.cf location> | egrep -i "(goaway|noexpn)"
Verify the EXPN command is disabled with an entry in the sendmail.cf file that reads as one of the following:
Opnoexpn
O PrivacyOptions=noexpn
Opgoaway
O PrivacyOptions=goaway
(Other privacy options, such as novrfy or noetrn, may be included in the same line, separated by commas. The goaway option encompasses a number of privacy options, including noexpn.) If the EXPN command is not disabled, this is a finding.
V-227848
False
GEN004660
Determine if EXPN is disabled.
Procedure:
# telnet localhost 25
expn root
If the command does not return a 500 error code of command unrecognized, this is a finding.
OR
Locate the sendmail.cf configuration file.
Procedure:
# find / -name sendmail.cf -print
# grep -v "^#" <sendmail.cf location> | egrep -i "(goaway|noexpn)"
Verify the EXPN command is disabled with an entry in the sendmail.cf file that reads as one of the following:
Opnoexpn
O PrivacyOptions=noexpn
Opgoaway
O PrivacyOptions=goaway
(Other privacy options, such as novrfy or noetrn, may be included in the same line, separated by commas. The goaway option encompasses a number of privacy options, including noexpn.) If the EXPN command is not disabled, this is a finding.
M
4061