Synopsis
It is possible to enumerate the names of valid users on the remote host.
Description
The remote SMTP server answers to the EXPN and/or VRFY commands.
The EXPN command can be used to find the delivery address of mail aliases, or even the full name of the recipients, and the VRFY command may be used to check the validity of an account.
Your mailer should not allow remote users to use any of these commands, because it gives them too much information.
Solution
If you are using Sendmail, add the option :
O PrivacyOptions=goaway
in /etc/sendmail.cf.
Plugin Details
File Name: sendmail_expn.nasl
Supported Sensors: Nessus
Vulnerability Information
Exploit Ease: Exploits are available
Vulnerability Publication Date: 8/1/1982
Exploitable With
Metasploit (SMTP User Enumeration Utility)