Author: Tim Robinson Date: To: users Subject: Re: [bitfolk] 21 critical Exim security issues need addressing
Hi Andy
Am I right to assume that if port 25 is firewalled from the outside then
the risk from external hacks is minimal?
Cheers
Tim
On 07/05/2021 02:48, Andy Smith wrote: > Hi,
>
>
> Most hosts, unless they are acting as a server listed in one or more
> domains' MX records, do not need to be remotely accessible on port
> 25. If that's the case for you then you would be well advised to
> reconfigure Exim to only listen on localhost. Though there are still
> 11 other vulnerabilities that local users could exploit. At least
> you'd only get rooted by a friend, right?
--
Best Regards
Tim Robinson
Director
TxRx Communications Ltd
01256 810630
