IBM Support

Turning off VRFY/EXPN for sendmail in AIX

Question & Answer


Question

How do I turn off VRFY/EXPN in sendmail.

Answer

VRFY and EXPN

The vrfy command allows a user to connect to your Sendmail server and ask to verify that an address is valid. Using this command a user can verify if an account is valid.

The expn command allows someone to telnet to your Sendmail server and give the server an alias. The expn command expands the alias into the list of actual recipients

To Disable EXPN and VRFY do the following:

vi /etc/mail/sendmail.cf

Search for the line that reads:

O PrivacyOptions=

To disable expn and vrfy, change the line to read the following:

O PrivacyOptions=noexpn novrfy

Or, to set all of sendmail's privacy options to their most private settings:

O PrivacyOptions=goaway

save the file, and refresh the sendmail daemon.

#refresh -s sendmail

[{"Product":{"code":"SWG10","label":"AIX"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"APARs - AIX 5.3 environment","Platform":[{"code":"PF002","label":"AIX"}],"Version":"5.1;5.2;5.3;6.1","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]

Document Information

Modified date:
17 June 2018

UID

isg3T1010668