Status of VRFY and EXPN commands in Messaging Gateway

Article ID: 172000

Updated On:

Products

Messaging Gateway

Issue/Introduction

A penetration testing report states that Symantec Messaging Gateway (SMG) allows use of the VRFY and EXPN commands.

Cause

SMG sends a 252 response to commands that are restricted by default. Some penetration testing can interpret this as an allowed command simply because a response is returned.

Example commands and responses from SMG:
vrfy [email protected]
252 2.0.0 vrfy restricted
expn [email protected]
252 2.0.0 expn restricted

Resolution

Verify that the SMTP commands in question are not allowed by testing them over a telnet connection to your SMG on port 25.
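
The check described above, as an added example (not Broadcom's code): it parses the reply lines copied from a telnet session and treats only 250/251 as confirming an address, so the 252 that SMG returns is reported as not verified. The function names and the non-252 sample replies are constructed for illustration; the reply-code meanings follow RFC 5321.

```python
import re

# Reply line: 3-digit code, "-" (more lines follow) or space, optional
# enhanced status code such as 2.0.0, then free text.
REPLY = re.compile(r"^(\d{3})([ -]|$)(?:([245]\.\d{1,3}\.\d{1,3})(?: |$))?(.*)$")

def parse_reply(lines):
    """Collapse a (possibly multiline) SMTP reply into (code, enhanced, [text])."""
    code = enhanced = None
    texts = []
    for line in lines:
        m = REPLY.match(line.rstrip("\r\n"))
        if not m:
            raise ValueError(f"not an SMTP reply line: {line!r}")
        if code is not None and m.group(1) != code:
            raise ValueError("reply code changed inside a multiline reply")
        code, enhanced = m.group(1), m.group(3) or enhanced
        texts.append(m.group(4))
        if m.group(2) != "-":          # only "-" means the reply continues
            break
    if code is None:
        raise ValueError("empty reply")
    return int(code), enhanced, texts

def classify(lines):
    """Say whether a VRFY/EXPN reply disclosed anything about the address."""
    code, _, _ = parse_reply(lines)
    if code in (250, 251):
        return "disclosed"             # address confirmed or list expanded
    if code == 252:
        return "not-verified"          # RFC 5321: cannot VRFY, nothing confirmed
    if 500 <= code <= 599:
        return "refused"               # command or address rejected
    return "other"

# First two replies are the SMG responses quoted in this article;
# the remaining ones are constructed samples for comparison.
SAMPLES = {
    "smg vrfy": ["252 2.0.0 vrfy restricted"],
    "smg expn": ["252 2.0.0 expn restricted"],
    "open expn": ["250-Jane <jane@example.com>", "250 Joe <joe@example.com>"],
    "disabled": ["502 5.5.1 Command not implemented"],
}

if __name__ == "__main__":
    for name, reply in SAMPLES.items():
        print(f"{name:10} {classify(reply)}")
```

A scanner finding is only a true positive when the reply classifies as "disclosed"; a 252 means the command was answered without confirming or expanding the address.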