STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

The SMTP service HELP command must not be enabled on AIX.

DISA Rule

SV-215417r508663_rule

Vulnerability Number

V-215417

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

AIX7-00-003122

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

To disable the SMTP service HELP command remove the HELP file using command:
# rm <helpfile_path>

Check Contents

Run the following command to get the "HELP" file location:
# grep "^O HelpFile" /etc/mail/sendmail.cf

The above command should yield the following output:
O HelpFile=/etc/mail/helpfile

If the above command does not yield any output, this is not a finding.

The "HELP" file should be referenced by the "HelpFile" option.

Check to see if the "HELP" file exists:
# ls <helpfile_path>

If the "HELP" file exists, this is a finding.

Vulnerability Number

V-215417

Documentable

False

Rule Version

AIX7-00-003122

Severity Override Guidance

Run the following command to get the "HELP" file location:
# grep "^O HelpFile" /etc/mail/sendmail.cf

The above command should yield the following output:
O HelpFile=/etc/mail/helpfile

If the above command does not yield any output, this is not a finding.

The "HELP" file should be referenced by the "HelpFile" option.

Check to see if the "HELP" file exists:
# ls <helpfile_path>

If the "HELP" file exists, this is a finding.

Check Content Reference

M

Target Key

4012

Comments