STIGQter STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

If the AIX host is running an SMTP service, the SMTP greeting must not provide version information.

DISA Rule

SV-215412r508663_rule

Vulnerability Number

V-215412

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

AIX7-00-003114

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Ensure "Sendmail" or its equivalent has been configured to mask the version information. If necessary, change the "O SmtpGreetingMessage" line in the "/etc/sendmail.cf" file from:
O SmtpGreetingMessage=$j Sendmail $v/$Z; $b

to:

O SmtpGreetingMessage= Mail Server Ready ; $b

Check Contents

If the AIX host is not running an SMTP service, this is Not Applicable.

Check the value of the "SmtpGreetingMessage" parameter in the "sendmail.cf" file:
# grep SmtpGreetingMessage /etc/mail/sendmail.cf

If the value of the "SmtpGreetingMessage" parameter contains the "$v" or "$Z" macros, this is a finding.

Vulnerability Number

V-215412

Documentable

False

Rule Version

AIX7-00-003114

Severity Override Guidance

If the AIX host is not running an SMTP service, this is Not Applicable.

Check the value of the "SmtpGreetingMessage" parameter in the "sendmail.cf" file:
# grep SmtpGreetingMessage /etc/mail/sendmail.cf

If the value of the "SmtpGreetingMessage" parameter contains the "$v" or "$Z" macros, this is a finding.

Check Content Reference

M

Target Key

4012

Comments