On scans the VRFY command is a finding, to disable it
Add this line below to the
/etc/postfix/main.cf
.
disable_vrfy_command = yes
Now test if VRFY is disabled.
devil@hell> telnet localhost 25
Trying 127.0.0.1…
Connected to localhost
Escape character is ‚^]‘.
220 hell.on-earth.local ESMTP Postfix
VRFY
502 5.51.1 VRFY command is disabled
Trying 127.0.0.1…
Connected to localhost
Escape character is ‚^]‘.
220 hell.on-earth.local ESMTP Postfix
VRFY
502 5.51.1 VRFY command is disabled
If the VRFY command does not come back as „VRFY command is disabled“ then this is a finding.