On Wed, 7 May 2008, Deepak Jain wrote:
I know of a tool that a major financial institution uses when certifying your networks security -- that scrapes the version number from your ESTMP banner to decide whether you comply or not (and other banners). (Rather than actually testing for a specific vulnerability). Simply blocking all of these packets from their test host gives you a high passing score; possibly a perfect one. [Irony and humor aside...]
Cisco PIX/ASA firewalls in SMTP fuxup mode are so incredibly broken. Possibly the worst SMTP implementation ever. Tony. -- f.anthony.n.finch <dot@dotat.at> http://dotat.at/ FISHER GERMAN BIGHT: VARIABLE 3, BUT EASTERLY 4 OR 5 IN SOUTH GERMAN BIGHT. SLIGHT. FOG PATCHES. MODERATE OR GOOD, OCCASIONALLY VERY POOR.